Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: I2pespduChVUROmUck7wc4MYQe3uTGIS2cyT++v3xh4=
Subject key identifier: 9E:6E:01:85:9E:AA:F6:55:5C:50:D7:AE:DE:6B:9E:06:A6:AD:CD:28
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 019DA3E5CF75B5C7031B37454136F3211E37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0FD1
Signing time: Sun 19 Apr 2026 04:00:40 +0000
Manifest this update: Sun 19 Apr 2026 04:00:40 +0000
Manifest next update: Mon 20 Apr 2026 04:00:40 +0000
Files and hashes: 1: LMUQmobuHVJEXOLCk7qulvM9xco.roa (hash: VHioZYEBKZU7KL0P7CQwH0VWVc2gjtg5Dg7pb7IsEAE=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: 7AE5atwXFPLuyxfw4FP2XJeQlmOXBPFQuYgCaqscwIU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:e5:cf:75:b5:c7:03:1b:37:45:41:36:f3:21:1e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Apr 19 04:00:40 2026 GMT
Not After : Apr 20 04:00:40 2026 GMT
Subject: CN=9e6e01859eaaf6555c50d7aede6b9e06a6adcd28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:d4:fc:77:9a:fd:7e:47:91:ff:8c:fb:21:
d3:04:3d:03:a5:12:19:f9:e6:8a:3e:67:d0:db:f7:
46:74:e2:92:c2:a4:9e:5c:78:66:72:dd:83:29:f5:
e4:b6:56:26:5d:0a:46:f5:c4:24:d5:3b:72:45:05:
5c:22:cc:e4:48:40:5d:d7:8e:0c:b1:99:cb:e7:4b:
58:ae:17:24:57:63:2f:b7:3f:4a:5c:89:d4:1a:73:
9b:8a:93:ee:d8:bf:13:a5:0b:16:39:f1:d4:7c:f9:
86:d1:90:ad:5d:ab:3f:9e:01:c2:be:08:5c:b3:6a:
51:1a:ec:c3:b3:49:8a:2c:82:f7:62:50:28:ab:80:
76:03:a8:fe:e9:46:52:7e:3d:92:c3:93:f3:0b:68:
9c:33:af:20:25:cd:97:91:95:f7:04:4a:dc:8d:90:
f8:d5:cb:d5:36:ad:8b:fe:51:76:10:dc:8c:9d:0e:
1d:b1:4e:ea:b9:d4:31:9e:a5:aa:4f:92:4f:18:74:
e4:a4:a2:27:27:da:93:b4:80:8d:2a:be:e7:e7:66:
ae:aa:87:64:dc:3a:26:fb:d2:9b:5b:d2:db:28:fb:
66:b4:44:df:a5:0c:6a:d4:5e:22:48:75:fc:4a:8b:
a4:e6:75:c1:54:e4:b6:63:2f:cb:70:03:7c:40:43:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6E:01:85:9E:AA:F6:55:5C:50:D7:AE:DE:6B:9E:06:A6:AD:CD:28
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:37:73:2a:94:14:a4:11:93:1f:00:83:a3:b2:4e:fb:d1:a8:
2a:19:e0:6a:44:c0:2d:65:2d:97:4f:4f:98:89:f9:d7:4c:aa:
4a:e2:15:2a:5e:6a:47:41:39:ce:0e:d7:96:2a:38:f4:c8:cf:
1b:48:d8:0a:08:1b:5f:f2:8e:84:3f:0c:52:7c:58:f2:8d:13:
df:b0:b2:6d:89:b4:8e:3f:24:03:18:9b:53:43:c5:02:36:1d:
59:f5:40:67:73:a1:23:27:77:4b:28:f7:de:1a:d7:fe:60:5d:
46:cf:6c:08:52:82:9c:d6:b0:ed:3c:96:74:cd:e2:af:c7:85:
a5:45:15:df:8d:9e:0b:93:fa:1c:5a:6a:50:6a:38:2c:a4:ac:
b7:9f:0d:1d:ec:7b:b6:a6:05:41:e9:fd:76:e3:84:df:78:f7:
24:d8:71:85:27:a9:3a:71:ea:77:62:38:83:e5:ac:fe:24:f5:
52:1a:d3:2f:44:3a:e0:aa:0b:32:53:ae:61:e0:13:91:61:96:
1a:6a:14:25:3b:04:c2:b4:2c:03:9d:81:b8:0f:3e:22:6d:fd:
d0:ce:3a:4d:67:94:0a:ad:c0:9b:03:e1:e4:c4:79:67:bf:ef:
55:f7:6c:1a:61:d1:a8:38:86:e6:37:ef:c2:8a:d7:22:44:9e:
34:07:31:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5c91tccDGzdFQTbzIR43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjYwNDE5MDQwMDQwWhcNMjYwNDIwMDQwMDQwWjAzMTEwLwYDVQQD
Eyg5ZTZlMDE4NTllYWFmNjU1NWM1MGQ3YWVkZTZiOWUwNmE2YWRjZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRnU/Hea/X5Hkf+M+yHTBD0DpRIZ
+eaKPmfQ2/dGdOKSwqSeXHhmct2DKfXktlYmXQpG9cQk1TtyRQVcIszkSEBd144M
sZnL50tYrhckV2Mvtz9KXInUGnObipPu2L8TpQsWOfHUfPmG0ZCtXas/ngHCvghc
s2pRGuzDs0mKLIL3YlAoq4B2A6j+6UZSfj2Sw5PzC2icM68gJc2XkZX3BErcjZD4
1cvVNq2L/lF2ENyMnQ4dsU7qudQxnqWqT5JPGHTkpKInJ9qTtICNKr7n52auqodk
3Dom+9KbW9LbKPtmtETfpQxq1F4iSHX8Souk5nXBVOS2Yy/LcAN8QEOX/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5uAYWeqvZVXFDXrt5rngamrc0oMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhTdzKpQU
pBGTHwCDo7JO+9GoKhngakTALWUtl09PmIn510yqSuIVKl5qR0E5zg7Xlio49MjP
G0jYCggbX/KOhD8MUnxY8o0T37CybYm0jj8kAxibU0PFAjYdWfVAZ3OhIyd3Syj3
3hrX/mBdRs9sCFKCnNaw7TyWdM3ir8eFpUUV342eC5P6HFpqUGo4LKSst58NHex7
tqYFQen9duOE33j3JNhxhSepOnHqd2I4g+Ws/iT1UhrTL0Q64KoLMlOuYeATkWGW
GmoUJTsEwrQsA52BuA8+Im390M46TWeUCq3AmwPh5MR5Z7/vVfdsGmHRqDiG5jfv
worXIkSeNAcx6Q==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:59:14 2026 by rpki-client