Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json)
Hash identifier: 4v3bhYPw5Lunc7lnCces9RxjAM/Nrmz8fMhab8YH2Zk=
Subject key identifier: BE:84:89:FB:AE:33:1C:D3:DA:BB:0F:6B:A0:AB:EF:CE:19:11:9F:D7
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019D9998EB55BCAEB21DEBE8040347ABEAFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
Manifest number: 15DC
Signing time: Fri 17 Apr 2026 04:00:28 +0000
Manifest this update: Fri 17 Apr 2026 04:00:28 +0000
Manifest next update: Sat 18 Apr 2026 04:00:28 +0000
Files and hashes: 1: YlYRZ37O-pzL7R_8WiFUYYasSE0.roa (hash: pASfCwUDt1iiJW6IS3OTekooh+sWxZnThm/3hjuqE+0=)
2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: 7i3l4KajJC8Zy5DGRNUkTdyd0DSb5llSSf1JWjUu33M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:98:eb:55:bc:ae:b2:1d:eb:e8:04:03:47:ab:ea:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Apr 17 04:00:28 2026 GMT
Not After : Apr 18 04:00:28 2026 GMT
Subject: CN=be8489fbae331cd3dabb0f6ba0abefce19119fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:28:21:25:0a:18:8b:41:8c:7e:98:48:e1:2d:
a6:18:e4:0e:4d:ba:c8:1a:d8:5f:39:ec:f3:37:e9:
cf:eb:32:49:ca:b6:4d:a5:ba:08:d2:e1:8b:03:42:
96:0e:c3:42:8f:b8:9f:cd:2a:c4:a3:ee:52:d9:c3:
19:f6:ce:8a:6d:6c:df:49:b1:cc:43:38:07:a1:e1:
6a:c3:f8:a1:e4:a5:0a:ce:9d:98:69:c7:6c:0b:8c:
08:3c:ca:93:d2:32:45:83:e9:7e:3b:6f:4f:cf:4d:
31:64:7d:bd:b7:0d:f2:87:8b:bd:65:4e:bb:b9:da:
fd:f6:66:ea:2c:ea:c6:05:86:ab:44:09:ba:7e:66:
e7:28:49:d9:30:c3:51:d6:bf:75:5e:89:26:06:a5:
01:ab:c8:45:58:77:63:b4:f3:a1:fe:da:48:56:60:
90:e8:27:7d:05:02:e3:06:11:32:ae:60:96:32:bd:
44:84:89:10:4d:09:82:6c:2f:ea:86:11:58:36:23:
39:25:90:85:ea:3e:d1:8b:04:e7:e6:98:1b:00:d2:
3e:3f:b8:34:12:0d:95:ec:af:59:8f:ae:cb:b9:f4:
14:c5:e1:13:98:04:d6:20:0e:06:d3:da:3b:ea:11:
5d:5c:4f:64:41:31:ad:4f:23:83:b5:07:1b:8e:4b:
79:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:84:89:FB:AE:33:1C:D3:DA:BB:0F:6B:A0:AB:EF:CE:19:11:9F:D7
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:94:8b:7f:ca:4b:fa:35:3d:30:38:5a:37:86:f1:8d:28:00:
a1:e5:bb:59:44:4c:cb:11:65:18:ab:b4:a3:be:2e:f1:7a:d3:
0f:06:14:47:81:3a:02:57:3b:ee:77:74:40:86:5d:8f:89:c1:
da:8a:fc:c5:a1:57:7c:06:e9:e6:0c:d1:37:43:70:9e:af:59:
c2:24:ec:b1:19:77:49:3b:62:ce:62:9d:32:39:fc:3f:4d:24:
65:f6:b7:4e:5c:bf:c4:ab:49:86:48:22:38:a3:7d:a7:29:bf:
5e:34:2f:a5:2d:2e:a0:17:5b:88:51:90:bd:65:10:b2:57:fc:
52:3b:16:98:0d:d9:ef:e6:e4:66:2b:38:b4:50:b4:a1:04:49:
83:55:5a:c2:4b:3c:2c:61:46:ce:71:94:c9:6c:cd:4d:1f:e2:
89:ee:80:b4:a8:12:d8:b2:ea:31:97:c6:14:78:0b:63:e2:8a:
30:b1:c8:b6:69:dc:73:67:54:e6:c6:1a:65:04:5b:f8:fb:26:
0b:99:72:73:5a:b1:20:46:03:b8:89:18:ca:64:f9:f5:64:10:
53:47:65:8d:05:55:e9:10:20:dc:65:eb:70:06:67:66:b5:6b:
20:0b:3e:8c:9a:f8:d1:6e:a8:30:54:10:4a:c9:92:90:36:29:
50:27:12:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmOtVvK6yHevoBANHq+r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjYwNDE3MDQwMDI4WhcNMjYwNDE4MDQwMDI4WjAzMTEwLwYDVQQD
EyhiZTg0ODlmYmFlMzMxY2QzZGFiYjBmNmJhMGFiZWZjZTE5MTE5ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySghJQoYi0GMfphI4S2mGOQOTbrI
GthfOezzN+nP6zJJyrZNpboI0uGLA0KWDsNCj7ifzSrEo+5S2cMZ9s6KbWzfSbHM
QzgHoeFqw/ih5KUKzp2YacdsC4wIPMqT0jJFg+l+O29Pz00xZH29tw3yh4u9ZU67
udr99mbqLOrGBYarRAm6fmbnKEnZMMNR1r91XokmBqUBq8hFWHdjtPOh/tpIVmCQ
6Cd9BQLjBhEyrmCWMr1EhIkQTQmCbC/qhhFYNiM5JZCF6j7RiwTn5pgbANI+P7g0
Eg2V7K9Zj67LufQUxeETmATWIA4G09o76hFdXE9kQTGtTyODtQcbjkt5LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6EifuuMxzT2rsPa6Cr784ZEZ/XMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZSLf8pL
+jU9MDhaN4bxjSgAoeW7WURMyxFlGKu0o74u8XrTDwYUR4E6Alc77nd0QIZdj4nB
2or8xaFXfAbp5gzRN0Nwnq9ZwiTssRl3STtizmKdMjn8P00kZfa3Tly/xKtJhkgi
OKN9pym/XjQvpS0uoBdbiFGQvWUQslf8UjsWmA3Z7+bkZis4tFC0oQRJg1Vawks8
LGFGznGUyWzNTR/iie6AtKgS2LLqMZfGFHgLY+KKMLHItmncc2dU5sYaZQRb+Psm
C5lyc1qxIEYDuIkYymT59WQQU0dljQVV6RAg3GXrcAZnZrVrIAs+jJr40W6oMFQQ
SsmSkDYpUCcSKg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:14:00 2026 by rpki-client