Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json)
Hash identifier: nq2PtOb5d2kHgl2qglqdNkWCZlhamwZdRAhePxSzWo0=
Subject key identifier: 3F:46:97:8A:4F:9C:57:AB:CE:42:DE:16:59:F2:54:D7:06:DB:35:67
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019CADFEBB9BF47F5488DD2EF0CE3D2512CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
Manifest number: 1562
Signing time: Mon 02 Mar 2026 10:01:18 +0000
Manifest this update: Mon 02 Mar 2026 10:01:18 +0000
Manifest next update: Tue 03 Mar 2026 10:01:18 +0000
Files and hashes: 1: YlYRZ37O-pzL7R_8WiFUYYasSE0.roa (hash: pASfCwUDt1iiJW6IS3OTekooh+sWxZnThm/3hjuqE+0=)
2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: BiUalDsHnFlTAyoxaLK/ks0bHJhRbV8krhyleH2rfZ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fe:bb:9b:f4:7f:54:88:dd:2e:f0:ce:3d:25:12:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Mar 2 10:01:18 2026 GMT
Not After : Mar 3 10:01:18 2026 GMT
Subject: CN=3f46978a4f9c57abce42de1659f254d706db3567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:68:87:c8:92:e4:0a:5c:65:19:94:2b:8d:77:
ec:21:4d:a7:57:d2:ef:0b:c6:4b:cc:3d:0a:d3:b1:
00:16:81:78:87:87:c3:d9:84:96:a8:86:68:cb:03:
28:f8:9b:ba:f7:59:9b:0a:dd:e8:f2:7d:8f:cf:db:
1f:a7:09:9f:ed:85:dc:a3:90:12:7b:f1:4d:fd:db:
60:f1:28:2d:6d:8e:fc:20:fa:4e:d4:bc:06:13:a4:
71:63:6c:a2:ce:4a:47:ad:98:2a:3f:10:ce:03:38:
e8:46:88:13:5a:6a:c7:ff:b6:dc:ec:9d:ff:59:58:
41:67:a9:c1:bc:f6:0b:ed:50:6c:3f:d2:5c:3a:6c:
2a:87:d5:72:a1:f2:d6:24:7d:bb:ea:93:4b:53:8e:
90:a6:ee:91:e5:9d:17:78:23:58:01:b3:3d:7c:0e:
31:c1:6f:a6:8f:71:59:c7:2b:7e:c0:98:14:07:4f:
21:68:d4:bd:50:d4:2c:cd:aa:f6:bb:e3:98:e9:55:
99:cf:ac:ba:f1:6b:54:08:55:5d:a4:98:d7:cd:c1:
bd:3c:68:e4:73:72:75:ba:78:43:30:68:a1:05:49:
64:a8:a6:b8:4b:11:4e:90:19:bb:ac:cc:ff:b4:58:
9a:a5:49:ba:ab:07:91:94:cf:94:1b:68:a3:50:c9:
fb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:46:97:8A:4F:9C:57:AB:CE:42:DE:16:59:F2:54:D7:06:DB:35:67
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:70:c7:58:8a:5d:61:e0:c4:cf:8e:5b:e1:9a:b5:9a:df:92:
77:7b:c3:ac:fb:9b:b9:ff:af:e0:b3:af:4f:74:95:dc:ee:76:
d7:81:0f:34:1c:76:6c:56:ae:61:88:8b:6d:5d:0b:96:57:28:
9d:94:bf:9f:2f:0f:f5:d2:dd:48:8d:57:a7:71:ac:4c:f8:ad:
b5:fb:a2:7c:ea:99:f8:b7:7e:45:0d:02:e2:9d:70:f1:8f:73:
b2:19:54:1a:28:78:5f:5d:2c:64:f8:71:7b:cd:91:46:78:b0:
df:af:f7:5b:4a:00:45:bf:0e:b8:01:f8:ee:e9:5e:67:78:40:
b8:04:4a:f5:25:b1:12:d5:63:90:49:0e:4d:1c:70:44:17:ac:
15:28:79:d5:dc:11:bc:85:0a:78:f7:4e:22:4a:63:6e:33:38:
3a:7d:94:8b:b3:6c:30:9f:d3:03:68:1d:59:1f:61:78:d2:6c:
4e:5f:af:af:09:1e:54:00:8c:06:c6:ca:9d:e6:e3:a3:3f:7e:
3f:78:81:1c:27:b3:c0:b0:f5:32:b9:6d:48:5f:c3:7c:b1:a8:
cb:26:ef:36:0e:16:c8:c8:cb:d7:a7:34:5a:9f:8e:f4:d8:dc:
95:f1:7e:d9:1e:d4:96:05:f6:ca:2b:d7:33:fd:e4:a8:97:7d:
99:15:dc:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/rub9H9UiN0u8M49JRLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjYwMzAyMTAwMTE4WhcNMjYwMzAzMTAwMTE4WjAzMTEwLwYDVQQD
EygzZjQ2OTc4YTRmOWM1N2FiY2U0MmRlMTY1OWYyNTRkNzA2ZGIzNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGiHyJLkClxlGZQrjXfsIU2nV9Lv
C8ZLzD0K07EAFoF4h4fD2YSWqIZoywMo+Ju691mbCt3o8n2Pz9sfpwmf7YXco5AS
e/FN/dtg8SgtbY78IPpO1LwGE6RxY2yizkpHrZgqPxDOAzjoRogTWmrH/7bc7J3/
WVhBZ6nBvPYL7VBsP9JcOmwqh9VyofLWJH276pNLU46Qpu6R5Z0XeCNYAbM9fA4x
wW+mj3FZxyt+wJgUB08haNS9UNQszar2u+OY6VWZz6y68WtUCFVdpJjXzcG9PGjk
c3J1unhDMGihBUlkqKa4SxFOkBm7rMz/tFiapUm6qweRlM+UG2ijUMn7zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9Gl4pPnFerzkLeFlnyVNcG2zVnMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXDHWIpd
YeDEz45b4Zq1mt+Sd3vDrPubuf+v4LOvT3SV3O5214EPNBx2bFauYYiLbV0Lllco
nZS/ny8P9dLdSI1Xp3GsTPittfuifOqZ+Ld+RQ0C4p1w8Y9zshlUGih4X10sZPhx
e82RRniw36/3W0oARb8OuAH47uleZ3hAuARK9SWxEtVjkEkOTRxwRBesFSh51dwR
vIUKePdOIkpjbjM4On2Ui7NsMJ/TA2gdWR9heNJsTl+vrwkeVACMBsbKnebjoz9+
P3iBHCezwLD1MrltSF/DfLGoyybvNg4WyMjL16c0Wp+O9NjclfF+2R7UlgX2yivX
M/3kqJd9mRXcVA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:52:47 2026 by rpki-client