Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
File: aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft (raw, json)
Hash identifier: Pe7sg7TiMeg0DUKw5kBN+/KXI2V4QIR9TvMb2pC5bUc=
Subject key identifier: CA:8A:2E:BD:64:C5:43:C2:04:4D:87:B7:94:E1:63:46:1E:36:11:54
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 019D99D09E647F589D2A7715FED78BE1D4C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
Manifest number: 08FF
Signing time: Fri 17 Apr 2026 05:01:19 +0000
Manifest this update: Fri 17 Apr 2026 05:01:19 +0000
Manifest next update: Sat 18 Apr 2026 05:01:19 +0000
Files and hashes: 1: 4oDq4WaHtzxq4X2XmYKxOilfXjc.roa (hash: 0o/IvKk3dqBypwXiDheqBd2S3T9GWA2BbRQUpKWXnt8=)
2: aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl (hash: C9LEuTei178ApQ5iZdD3eLqgTFZUuEgc55IAJrWIkaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:9e:64:7f:58:9d:2a:77:15:fe:d7:8b:e1:d4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Apr 17 05:01:19 2026 GMT
Not After : Apr 18 05:01:19 2026 GMT
Subject: CN=ca8a2ebd64c543c2044d87b794e163461e361154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:1e:17:56:22:7c:f1:81:83:2e:7f:ff:25:
66:b1:c9:0b:0c:7a:cb:78:14:d5:6f:b6:2b:45:27:
41:85:e4:f5:cb:fe:27:84:56:9a:df:9b:8d:c4:7e:
39:50:57:a9:2d:9e:a4:f5:80:6f:c3:a6:5c:61:b5:
a1:a7:b3:2f:a3:87:3e:33:6e:e8:48:5b:db:05:9b:
c4:52:25:26:72:a2:16:e8:e5:eb:1f:18:5d:1f:a8:
45:8d:ec:e8:13:b7:76:7a:5d:23:c7:d5:ef:30:4f:
dc:9a:61:ff:8d:7a:64:5a:b8:8d:f8:96:af:55:51:
25:16:a4:d5:ed:0a:cd:69:9c:72:c0:61:22:0a:65:
b4:6e:31:21:6c:1d:94:40:4c:3b:e7:e5:e8:e9:4c:
ba:2a:20:69:6b:29:35:bf:9f:a8:ef:68:89:e8:97:
21:11:34:b0:91:28:eb:a7:87:5c:c2:22:2a:af:69:
71:84:fe:ed:98:02:b5:f9:d3:5b:74:19:14:dc:4e:
9f:c6:37:bb:23:51:ac:d0:13:e8:4f:69:62:9c:6e:
82:5a:0a:e0:ac:0c:03:16:e0:44:ae:d1:0c:fc:fe:
42:58:70:a1:10:92:e7:a7:c2:a6:29:ef:b2:3c:d4:
e7:53:9d:de:3a:1a:2d:44:d2:cf:a5:57:2d:9d:46:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8A:2E:BD:64:C5:43:C2:04:4D:87:B7:94:E1:63:46:1E:36:11:54
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:2a:e1:4f:c1:d8:d6:9c:12:b9:05:1b:97:a0:d6:1e:c8:d6:
f7:6c:ee:3a:58:c7:e0:18:98:17:fc:d2:56:b8:8d:79:a4:1c:
0d:c5:2a:e1:11:7a:d1:97:e8:37:c6:49:42:bf:db:d3:38:7d:
f7:fb:40:42:2f:21:e7:64:de:84:5e:22:01:9f:ff:57:74:01:
8b:12:1a:33:3e:81:d6:4b:87:19:f7:d3:2c:36:dc:59:49:2e:
b1:fd:4f:08:65:40:36:12:68:d8:9c:a5:a3:54:4b:8f:e0:23:
fb:3e:f6:8a:f7:7d:ff:dc:c7:c6:20:4e:e1:96:b1:d5:d6:1f:
82:d4:46:15:17:a9:c5:16:61:05:89:bd:04:83:a5:e5:11:26:
3b:66:8b:cb:33:03:60:c8:d7:02:73:77:8a:53:ef:08:03:00:
2c:fa:de:6f:68:56:b3:2a:fa:31:52:37:85:76:c3:0e:ef:ce:
6f:44:64:a4:ed:f8:2f:ed:17:34:29:f4:d9:bf:33:09:03:67:
84:82:3d:30:15:80:cd:01:bb:5b:8e:b7:70:2b:3c:28:16:9b:
91:7c:8b:f1:3d:82:2f:a8:a1:68:60:2d:58:4a:16:32:53:24:
ad:54:b6:d6:67:4b:2a:f1:3c:7f:db:7b:19:72:a7:91:7c:52:
cc:e7:60:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0J5kf1idKncV/teL4dTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjYwNDE3MDUwMTE5WhcNMjYwNDE4MDUwMTE5WjAzMTEwLwYDVQQD
EyhjYThhMmViZDY0YzU0M2MyMDQ0ZDg3Yjc5NGUxNjM0NjFlMzYxMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOgeF1YifPGBgy5//yVmsckLDHrL
eBTVb7YrRSdBheT1y/4nhFaa35uNxH45UFepLZ6k9YBvw6ZcYbWhp7Mvo4c+M27o
SFvbBZvEUiUmcqIW6OXrHxhdH6hFjezoE7d2el0jx9XvME/cmmH/jXpkWriN+Jav
VVElFqTV7QrNaZxywGEiCmW0bjEhbB2UQEw75+Xo6Uy6KiBpayk1v5+o72iJ6Jch
ETSwkSjrp4dcwiIqr2lxhP7tmAK1+dNbdBkU3E6fxje7I1Gs0BPoT2linG6CWgrg
rAwDFuBErtEM/P5CWHChEJLnp8KmKe+yPNTnU53eOhotRNLPpVctnUY5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqKLr1kxUPCBE2Ht5ThY0YeNhFUMB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCrhT8HY
1pwSuQUbl6DWHsjW92zuOljH4BiYF/zSVriNeaQcDcUq4RF60ZfoN8ZJQr/b0zh9
9/tAQi8h52TehF4iAZ//V3QBixIaMz6B1kuHGffTLDbcWUkusf1PCGVANhJo2Jyl
o1RLj+Aj+z72ivd9/9zHxiBO4Zax1dYfgtRGFRepxRZhBYm9BIOl5REmO2aLyzMD
YMjXAnN3ilPvCAMALPreb2hWsyr6MVI3hXbDDu/Ob0RkpO34L+0XNCn02b8zCQNn
hII9MBWAzQG7W463cCs8KBabkXyL8T2CL6ihaGAtWEoWMlMkrVS21mdLKvE8f9t7
GXKnkXxSzOdgSQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:56:54 2026 by rpki-client