Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json)
Hash identifier: LrGrbnYJxkjDQG4o1d6eaZIMQf+FNXhbQqOHiQIq4j8=
Subject key identifier: 9A:D1:05:E3:40:8E:CC:76:F6:8C:B0:B3:3C:E7:19:9F:DA:AF:ED:C3
Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Certificate serial: 019CAC7DC306C52EBD056DE743CD1F39B8A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
Manifest number: 0987
Signing time: Mon 02 Mar 2026 03:00:48 +0000
Manifest this update: Mon 02 Mar 2026 03:00:48 +0000
Manifest next update: Tue 03 Mar 2026 03:00:48 +0000
Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: s8PGb3XkSnJvFnTyFH0qC/OV7XKN9heh27BME38kGCY=)
2: aTVTcaHfSKBoGEQhyNKYBwoJu-0.roa (hash: rT/Vj6/a6YnM9d3VVAjTqdJg4CGPx8A6IhEaB6Bvdck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7d:c3:06:c5:2e:bd:05:6d:e7:43:cd:1f:39:b8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Validity
Not Before: Mar 2 03:00:48 2026 GMT
Not After : Mar 3 03:00:48 2026 GMT
Subject: CN=9ad105e3408ecc76f68cb0b33ce7199fdaafedc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:58:66:a9:a5:01:fd:16:08:85:93:d1:7d:
bd:45:7a:65:29:8f:a0:92:6f:9f:14:0c:68:38:66:
42:3e:a7:4d:8f:62:81:3c:b9:70:9d:80:8a:96:71:
c8:8a:3b:f0:e0:c5:ee:a4:1a:42:4f:7e:23:97:27:
bb:88:84:82:60:48:33:2c:41:37:9c:1c:41:d0:b6:
06:4c:02:fa:66:36:d4:f3:c6:70:30:42:46:88:f9:
17:5b:45:2e:42:3c:7f:47:c6:f5:72:18:49:9b:fe:
d5:52:32:b4:70:ee:9b:d7:09:86:23:2f:d2:db:74:
be:ee:75:8e:5a:79:a6:93:a2:9f:1d:2a:c0:c9:06:
34:b9:f9:af:ad:66:c4:1c:e2:b6:cd:9a:7d:73:32:
11:e5:75:f1:4e:a4:dc:1e:18:af:d9:95:d8:8a:d5:
58:4e:fe:e2:1c:57:56:e4:01:9e:72:70:84:76:1b:
59:8d:a2:21:b0:3e:5d:02:7c:b3:40:7f:27:bd:07:
68:71:2b:19:0b:83:99:94:ae:ae:76:95:96:fe:af:
82:03:c6:63:a1:69:34:2f:f0:78:63:7f:29:a6:67:
6a:63:96:28:a9:11:96:be:e7:48:55:56:de:60:10:
15:97:8f:74:bd:26:2b:27:e3:aa:b7:1b:39:29:07:
d7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D1:05:E3:40:8E:CC:76:F6:8C:B0:B3:3C:E7:19:9F:DA:AF:ED:C3
X509v3 Authority Key Identifier:
keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:b6:5c:39:9a:aa:e7:39:24:12:64:b5:10:45:9b:1e:a2:30:
12:b4:2c:f4:95:bf:9c:b1:92:f4:b4:f6:38:29:f6:96:61:ab:
14:6b:85:1e:0c:5a:75:93:e9:86:03:5a:ae:76:66:ac:72:c6:
99:f4:45:4c:2b:06:e8:94:11:3c:56:4d:94:91:74:1a:e4:64:
d5:65:c9:8c:34:d8:36:c9:e5:f8:8d:ac:4d:20:0a:89:3e:62:
9b:61:b3:11:d1:88:05:52:be:e6:5e:4e:d8:70:eb:9d:c6:76:
3e:d0:79:34:3a:48:b0:cf:05:1b:f7:c8:5c:72:ac:db:70:58:
8f:ca:aa:81:95:59:a4:93:a3:9b:7a:43:5b:49:1f:9c:49:ad:
90:a8:b3:d4:b0:70:56:de:23:4a:62:7e:17:0c:8b:30:80:ab:
81:72:18:b9:53:82:2c:b6:d1:fa:64:df:30:ca:32:67:8d:14:
d7:f0:6e:33:f6:8d:c8:49:9e:b3:70:c4:c0:28:4d:e4:67:11:
d7:52:1a:d8:4e:7c:0b:9e:5c:a7:4a:54:56:63:a1:40:b1:85:
ef:36:5c:49:66:f9:de:23:59:38:01:68:d2:ec:cd:09:fe:bc:
61:9d:96:2a:65:5b:16:3c:28:ab:d2:a5:13:56:1c:96:04:a3:
9a:88:98:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfcMGxS69BW3nQ80fObikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw
MmYyZDYwHhcNMjYwMzAyMDMwMDQ4WhcNMjYwMzAzMDMwMDQ4WjAzMTEwLwYDVQQD
Eyg5YWQxMDVlMzQwOGVjYzc2ZjY4Y2IwYjMzY2U3MTk5ZmRhYWZlZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9tYZqmlAf0WCIWT0X29RXplKY+g
km+fFAxoOGZCPqdNj2KBPLlwnYCKlnHIijvw4MXupBpCT34jlye7iISCYEgzLEE3
nBxB0LYGTAL6ZjbU88ZwMEJGiPkXW0UuQjx/R8b1chhJm/7VUjK0cO6b1wmGIy/S
23S+7nWOWnmmk6KfHSrAyQY0ufmvrWbEHOK2zZp9czIR5XXxTqTcHhiv2ZXYitVY
Tv7iHFdW5AGecnCEdhtZjaIhsD5dAnyzQH8nvQdocSsZC4OZlK6udpWW/q+CA8Zj
oWk0L/B4Y38ppmdqY5YoqRGWvudIVVbeYBAVl490vSYrJ+Oqtxs5KQfXhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrRBeNAjsx29oywszznGZ/ar+3DMB8GA1UdIwQY
MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt
ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl
LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABrZcOZqq
5zkkEmS1EEWbHqIwErQs9JW/nLGS9LT2OCn2lmGrFGuFHgxadZPphgNarnZmrHLG
mfRFTCsG6JQRPFZNlJF0GuRk1WXJjDTYNsnl+I2sTSAKiT5im2GzEdGIBVK+5l5O
2HDrncZ2PtB5NDpIsM8FG/fIXHKs23BYj8qqgZVZpJOjm3pDW0kfnEmtkKiz1LBw
Vt4jSmJ+FwyLMICrgXIYuVOCLLbR+mTfMMoyZ40U1/BuM/aNyEmes3DEwChN5GcR
11Ia2E58C55cp0pUVmOhQLGF7zZcSWb53iNZOAFo0uzNCf68YZ2WKmVbFjwoq9Kl
E1YclgSjmoiYbw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:37:53 2026 by rpki-client