Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
File: aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft (raw, json)
Hash identifier: HVJbRhXMB8vi7mam2/VyKkA8oeusrkr2Osh3QDrDug8=
Subject key identifier: 81:1C:17:1C:00:16:3A:39:AF:86:C9:7D:CB:59:01:84:48:D5:58:91
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 019CAC46FA98A7B17D9DF7DC2104A1D7D66E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
Manifest number: 0884
Signing time: Mon 02 Mar 2026 02:00:58 +0000
Manifest this update: Mon 02 Mar 2026 02:00:58 +0000
Manifest next update: Tue 03 Mar 2026 02:00:58 +0000
Files and hashes: 1: 4oDq4WaHtzxq4X2XmYKxOilfXjc.roa (hash: 0o/IvKk3dqBypwXiDheqBd2S3T9GWA2BbRQUpKWXnt8=)
2: aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl (hash: fHAD0WAR0ZKLcDodVdkPZqg/Qp0CDlLPxw+AQM8d4VE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:fa:98:a7:b1:7d:9d:f7:dc:21:04:a1:d7:d6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Mar 2 02:00:58 2026 GMT
Not After : Mar 3 02:00:58 2026 GMT
Subject: CN=811c171c00163a39af86c97dcb59018448d55891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:41:fb:0f:55:57:5d:65:a5:a4:b7:fd:b6:7e:
08:c1:a9:a4:75:1d:b5:dc:d8:f9:a4:10:69:42:78:
53:3c:92:76:38:ba:11:1f:d2:de:f7:73:fb:6e:c3:
6d:e3:ff:1f:2e:39:01:a1:ff:be:63:dc:58:8c:bc:
a4:02:32:3e:bd:75:72:32:61:dc:d0:d3:69:b2:bd:
9d:71:8a:8a:f3:73:4d:97:d0:f4:8f:01:a3:8d:1d:
b6:a9:53:07:50:26:6b:71:f0:de:d8:50:63:ef:9f:
e1:c2:fb:64:c7:6e:8a:12:70:e1:b9:02:20:e8:6f:
e4:a3:0f:95:be:60:1d:1a:88:0f:28:8d:ac:a8:34:
c9:5d:34:1d:66:84:48:5e:30:ff:00:6f:8d:a8:e6:
2a:53:78:e1:ff:9a:e7:b0:e7:de:ce:5a:e1:12:a1:
7c:5e:03:67:c0:c9:ba:73:4e:f2:50:34:db:af:e7:
d4:75:7a:5c:1a:88:67:29:6d:52:af:37:03:aa:f8:
52:a8:8c:b3:5f:90:6a:3c:0c:d7:dd:ed:60:26:38:
25:f8:f7:62:49:fc:79:1a:58:ae:6a:b5:3a:f7:cb:
31:bb:c4:ba:73:3f:e5:10:c7:b8:ee:2c:99:76:5b:
08:59:76:55:16:ee:bf:06:19:09:d5:02:1a:66:e5:
96:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1C:17:1C:00:16:3A:39:AF:86:C9:7D:CB:59:01:84:48:D5:58:91
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:97:d8:16:36:70:df:a6:39:f1:0f:f1:45:92:1a:f2:a0:76:
c4:fb:17:c0:e4:65:51:ad:9f:61:cb:f5:ff:68:85:90:56:e5:
22:a0:b4:bc:a3:55:4c:de:0d:d6:62:4c:29:f8:7b:62:a2:bc:
4c:b8:bb:5c:fd:30:52:66:a9:73:0e:05:a2:04:5c:76:ae:7c:
f6:8c:aa:ac:38:41:53:4b:a2:e7:75:ba:b3:45:1c:74:e9:e8:
7a:ac:aa:fb:94:19:89:aa:66:55:cf:35:8d:42:5e:3f:1e:35:
a1:cb:b3:63:77:bd:7b:91:3b:9b:42:41:1e:33:3a:f2:04:e5:
ef:d2:5d:a2:dd:2d:39:3c:78:7b:00:1c:4b:e3:6c:9d:7b:dc:
95:c3:ba:27:58:cd:45:f8:ae:bf:9a:34:68:cf:92:60:1c:bd:
da:58:60:97:da:5c:56:15:a6:00:28:5d:b1:ea:0e:12:7a:c3:
c7:5d:7e:02:46:f0:c3:70:b3:b9:bf:0a:54:61:6d:07:ad:b5:
d8:11:ee:dc:8f:d4:87:5f:07:66:45:c2:2b:b2:e9:bf:c2:72:
16:c3:54:1a:5b:f5:4b:5c:9b:9a:e5:f9:ce:99:ae:85:c6:fe:
9d:f3:58:25:67:1a:24:3a:69:e7:f1:05:77:e1:07:a6:85:4b:
c9:19:54:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRvqYp7F9nffcIQSh19ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjYwMzAyMDIwMDU4WhcNMjYwMzAzMDIwMDU4WjAzMTEwLwYDVQQD
Eyg4MTFjMTcxYzAwMTYzYTM5YWY4NmM5N2RjYjU5MDE4NDQ4ZDU1ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUH7D1VXXWWlpLf9tn4IwamkdR21
3Nj5pBBpQnhTPJJ2OLoRH9Le93P7bsNt4/8fLjkBof++Y9xYjLykAjI+vXVyMmHc
0NNpsr2dcYqK83NNl9D0jwGjjR22qVMHUCZrcfDe2FBj75/hwvtkx26KEnDhuQIg
6G/kow+VvmAdGogPKI2sqDTJXTQdZoRIXjD/AG+NqOYqU3jh/5rnsOfezlrhEqF8
XgNnwMm6c07yUDTbr+fUdXpcGohnKW1SrzcDqvhSqIyzX5BqPAzX3e1gJjgl+Pdi
Sfx5GliuarU698sxu8S6cz/lEMe47iyZdlsIWXZVFu6/BhkJ1QIaZuWWgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEcFxwAFjo5r4bJfctZAYRI1ViRMB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcpfYFjZw
36Y58Q/xRZIa8qB2xPsXwORlUa2fYcv1/2iFkFblIqC0vKNVTN4N1mJMKfh7YqK8
TLi7XP0wUmapcw4FogRcdq589oyqrDhBU0ui53W6s0UcdOnoeqyq+5QZiapmVc81
jUJePx41ocuzY3e9e5E7m0JBHjM68gTl79Jdot0tOTx4ewAcS+NsnXvclcO6J1jN
Rfiuv5o0aM+SYBy92lhgl9pcVhWmAChdseoOEnrDx11+Akbww3Czub8KVGFtB621
2BHu3I/Uh18HZkXCK7Lpv8JyFsNUGlv1S1ybmuX5zpmuhcb+nfNYJWcaJDpp5/EF
d+EHpoVLyRlUfw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:02:49 2026 by rpki-client