Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json)
Hash identifier: 2Xwg/d3SUrMVOVrD9zCRuq3OSKQOighvnBlcjD61a1Y=
Subject key identifier: 10:FC:65:D0:48:5A:DD:74:AF:69:DD:55:01:90:6D:39:2B:A2:62:3C
Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Certificate serial: 019D9A06CF7B756BF69817DF02AEA50998EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
Manifest number: 0A02
Signing time: Fri 17 Apr 2026 06:00:30 +0000
Manifest this update: Fri 17 Apr 2026 06:00:30 +0000
Manifest next update: Sat 18 Apr 2026 06:00:30 +0000
Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: 1RKH/N/JC6/bScO5TK/s3+qp9PsDlj0snsBJ5D4KfeY=)
2: aTVTcaHfSKBoGEQhyNKYBwoJu-0.roa (hash: rT/Vj6/a6YnM9d3VVAjTqdJg4CGPx8A6IhEaB6Bvdck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:cf:7b:75:6b:f6:98:17:df:02:ae:a5:09:98:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Validity
Not Before: Apr 17 06:00:30 2026 GMT
Not After : Apr 18 06:00:30 2026 GMT
Subject: CN=10fc65d0485add74af69dd5501906d392ba2623c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9e:af:73:f1:1f:a9:82:94:89:18:23:aa:b7:
b7:b5:0d:4d:8b:df:56:06:66:a3:b6:4f:98:25:26:
f4:12:ae:1e:49:45:d4:b3:54:73:25:aa:92:4b:56:
a5:16:7f:13:da:29:1b:05:e5:48:88:f1:3a:e4:1d:
31:53:c9:7b:3d:14:30:36:05:97:64:93:92:9b:8f:
7f:6e:e7:7f:aa:c5:36:2e:cc:33:bd:89:52:ce:84:
51:a9:c7:8f:86:22:fb:15:05:69:b0:c4:4c:16:e5:
99:70:c1:b9:f2:37:b2:46:ab:78:aa:75:f3:b5:f5:
0c:a2:de:4a:43:09:fd:da:a0:c1:ee:ad:59:6a:b0:
02:e1:5e:33:d4:ef:10:86:20:3a:14:58:ee:2f:b6:
ba:e5:f4:24:4e:1d:89:d1:7a:ae:62:54:78:c1:6e:
0d:d7:c1:f6:f1:4b:d0:5a:09:0d:83:d6:ee:0f:9a:
7e:5d:5a:b4:a4:71:3d:c8:b1:f6:76:2d:fa:cf:37:
de:7d:6c:55:70:e3:23:ef:0e:82:50:d6:84:56:da:
72:c5:f6:9a:82:5a:c3:0c:20:41:96:3b:09:ea:49:
d6:4e:b1:b3:83:62:34:fd:37:d5:56:f3:c9:e4:0f:
cb:b4:9c:ef:3e:44:1d:49:72:05:a9:96:5c:9e:e9:
2f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FC:65:D0:48:5A:DD:74:AF:69:DD:55:01:90:6D:39:2B:A2:62:3C
X509v3 Authority Key Identifier:
keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:75:98:50:2e:a4:01:20:21:27:bd:0b:53:4d:d8:12:ef:14:
03:7f:2a:50:fa:37:cf:0d:40:4b:1e:3c:8a:38:f7:6c:9b:b8:
2e:e6:e1:9c:6c:05:d9:26:a1:47:69:a2:da:7c:20:a6:40:de:
5e:26:65:ac:a0:d6:1c:1b:7c:a7:56:06:56:54:2a:2e:27:e5:
dd:2c:43:bb:71:3d:86:42:95:91:af:6b:e8:ec:3c:41:ed:17:
f4:06:0f:c6:c8:46:d6:06:7e:f0:4a:8d:4e:fd:e0:b7:b3:fe:
92:4d:40:97:66:3f:63:1d:1d:50:8b:d1:59:fb:e0:52:99:fe:
68:19:c0:de:c2:ff:6c:0c:39:91:38:3b:e4:e4:78:61:1d:04:
4e:35:03:09:bc:32:d6:c2:e8:2f:31:c2:dd:70:27:a1:44:47:
33:cf:37:ce:81:3b:63:6f:57:fc:53:6c:3d:3f:95:1b:98:44:
f5:4b:92:c9:8a:62:52:d8:41:be:70:69:2f:f0:84:66:89:ea:
f5:09:70:e6:0c:7b:c7:a0:25:19:fa:aa:da:5e:75:17:39:93:
ec:c3:f4:ab:c6:48:93:ba:ca:d2:cf:4f:47:4a:1f:6e:4d:80:
ee:f1:b0:36:6a:03:e3:b2:27:18:59:56:86:e8:47:40:76:25:
1c:27:04:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBs97dWv2mBffAq6lCZjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw
MmYyZDYwHhcNMjYwNDE3MDYwMDMwWhcNMjYwNDE4MDYwMDMwWjAzMTEwLwYDVQQD
EygxMGZjNjVkMDQ4NWFkZDc0YWY2OWRkNTUwMTkwNmQzOTJiYTI2MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J6vc/EfqYKUiRgjqre3tQ1Ni99W
Bmajtk+YJSb0Eq4eSUXUs1RzJaqSS1alFn8T2ikbBeVIiPE65B0xU8l7PRQwNgWX
ZJOSm49/bud/qsU2LswzvYlSzoRRqcePhiL7FQVpsMRMFuWZcMG58jeyRqt4qnXz
tfUMot5KQwn92qDB7q1ZarAC4V4z1O8QhiA6FFjuL7a65fQkTh2J0XquYlR4wW4N
18H28UvQWgkNg9buD5p+XVq0pHE9yLH2di36zzfefWxVcOMj7w6CUNaEVtpyxfaa
glrDDCBBljsJ6knWTrGzg2I0/TfVVvPJ5A/LtJzvPkQdSXIFqZZcnukv6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBD8ZdBIWt10r2ndVQGQbTkromI8MB8GA1UdIwQY
MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt
ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl
LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAonWYUC6k
ASAhJ70LU03YEu8UA38qUPo3zw1ASx48ijj3bJu4LubhnGwF2SahR2mi2nwgpkDe
XiZlrKDWHBt8p1YGVlQqLifl3SxDu3E9hkKVka9r6Ow8Qe0X9AYPxshG1gZ+8EqN
Tv3gt7P+kk1Al2Y/Yx0dUIvRWfvgUpn+aBnA3sL/bAw5kTg75OR4YR0ETjUDCbwy
1sLoLzHC3XAnoURHM883zoE7Y29X/FNsPT+VG5hE9UuSyYpiUthBvnBpL/CEZonq
9Qlw5gx7x6AlGfqq2l51FzmT7MP0q8ZIk7rK0s9PR0ofbk2A7vGwNmoD47InGFlW
huhHQHYlHCcEEg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:24:52 2026 by rpki-client