Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.mft
File: aBnbgbSauhKxgQyzopnu5GMt1yA.mft (raw, json)
Hash identifier: 9DsXDgF2JNfJnF4m8fgTHHTnf3Bvtejn77TzJl1KrFE=
Subject key identifier: BD:CB:9F:35:28:D1:B3:45:3A:34:96:71:06:79:E0:A4:93:4D:7D:7D
Authority key identifier: 68:19:DB:81:B4:9A:BA:12:B1:81:0C:B3:A2:99:EE:E4:63:2D:D7:20
Certificate issuer: /CN=6819db81b49aba12b1810cb3a299eee4632dd720
Certificate serial: 019CAE352C4A78243F18F5D90E3FE50A7566
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBnbgbSauhKxgQyzopnu5GMt1yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.mft
Manifest number: 0418
Signing time: Mon 02 Mar 2026 11:00:46 +0000
Manifest this update: Mon 02 Mar 2026 11:00:46 +0000
Manifest next update: Tue 03 Mar 2026 11:00:46 +0000
Files and hashes: 1: PK2HVjD3GmdLB06ij0s7w3X0wCo.roa (hash: 1RKfa7PhpjR33QDEm1HWDfBtwC3Ch5Bq/qvovHpolJ0=)
2: aBnbgbSauhKxgQyzopnu5GMt1yA.crl (hash: SKxUxEzqfRVGjsdWq2ckD2ht7eVKALab7ePHUEMQUvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aBnbgbSauhKxgQyzopnu5GMt1yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:2c:4a:78:24:3f:18:f5:d9:0e:3f:e5:0a:75:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6819db81b49aba12b1810cb3a299eee4632dd720
Validity
Not Before: Mar 2 11:00:46 2026 GMT
Not After : Mar 3 11:00:46 2026 GMT
Subject: CN=bdcb9f3528d1b3453a3496710679e0a4934d7d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:98:3d:2c:ce:cc:26:5f:9a:ff:93:62:d2:d1:
2a:26:be:ec:e8:18:20:39:b0:26:31:f2:04:4f:92:
26:26:c8:56:32:cc:8b:69:2b:8c:81:98:74:74:86:
0e:10:11:22:57:58:06:ad:9f:77:e2:c7:ac:df:6e:
f5:4c:51:c7:55:84:61:e0:c0:7f:da:1a:3f:b5:17:
94:34:0b:30:27:fe:fb:80:5d:b1:53:5d:27:72:2b:
a2:77:33:6c:4a:99:41:2c:e1:fd:28:b8:4a:5f:b5:
b4:95:46:27:5a:c7:5e:ac:87:75:60:1d:ba:24:ad:
03:c5:1d:ae:56:49:0d:ed:87:60:f7:b1:f7:91:a6:
e5:2f:cb:d0:32:38:4c:29:51:3a:c4:34:d0:43:d9:
2c:f0:0d:d9:45:72:fe:a0:5d:c3:b6:c1:44:34:22:
2d:8a:ce:4e:32:eb:b5:04:80:1c:b5:44:86:d9:80:
38:de:7e:5d:0d:7a:66:49:8b:17:8f:7c:a7:ff:0f:
46:50:ea:63:65:77:1e:48:93:66:c4:05:7f:48:5b:
5c:e0:a7:30:e7:d6:3c:82:da:1b:11:75:86:6e:ae:
49:d6:84:f4:e2:2d:95:6e:13:2c:5c:83:a8:4d:1d:
6a:af:8f:ad:78:61:d7:4c:d7:70:9a:6c:24:1c:ba:
c5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CB:9F:35:28:D1:B3:45:3A:34:96:71:06:79:E0:A4:93:4D:7D:7D
X509v3 Authority Key Identifier:
keyid:68:19:DB:81:B4:9A:BA:12:B1:81:0C:B3:A2:99:EE:E4:63:2D:D7:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBnbgbSauhKxgQyzopnu5GMt1yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/0e766a-72fe-47d2-a435-9035b0836243/1/aBnbgbSauhKxgQyzopnu5GMt1yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:c4:b6:49:de:c6:37:0f:aa:48:bd:f2:bb:74:62:1e:9d:37:
c9:a0:36:2c:36:8b:58:9e:9b:35:d2:cb:c0:3d:eb:aa:d7:66:
13:e2:b9:e6:92:86:65:50:5b:f5:f2:93:05:ca:d8:c5:64:c0:
a4:be:4c:b6:6d:dc:86:29:a4:34:d4:ea:f3:b0:19:0d:d2:01:
24:95:e2:5c:ca:0c:bc:1c:a2:72:ee:59:ea:dc:fa:de:a1:a5:
83:ed:3a:2b:49:2f:0c:4c:04:4b:6b:20:ea:b2:db:92:fb:0b:
74:a4:1d:b3:a9:6a:05:57:28:54:c4:24:ce:01:0d:3c:ae:65:
7c:0b:c1:94:ff:a7:20:c9:2d:eb:d1:2d:6a:37:3a:73:4c:2d:
e9:ef:3f:6b:87:a0:06:61:50:4a:24:0c:bb:df:1c:3c:a9:1b:
0a:91:f0:f4:33:30:4c:18:6b:d6:21:c4:68:47:0b:72:b2:68:
26:9f:97:30:97:f0:c0:f7:e3:d1:93:3d:4b:29:e8:9e:3e:6a:
bf:7f:71:84:7b:2c:85:21:40:9a:87:ce:91:fa:9f:c1:a6:aa:
49:28:ec:40:3f:10:4e:d8:ab:af:9b:63:de:bd:27:70:0b:ea:
da:aa:8e:29:cd:e4:e9:48:5d:a3:3b:b4:18:8b:dc:a7:56:c7:
e9:3e:6c:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNSxKeCQ/GPXZDj/lCnVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTlkYjgxYjQ5YWJhMTJiMTgxMGNiM2EyOTllZWU0NjMy
ZGQ3MjAwHhcNMjYwMzAyMTEwMDQ2WhcNMjYwMzAzMTEwMDQ2WjAzMTEwLwYDVQQD
EyhiZGNiOWYzNTI4ZDFiMzQ1M2EzNDk2NzEwNjc5ZTBhNDkzNGQ3ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Jg9LM7MJl+a/5Ni0tEqJr7s6Bgg
ObAmMfIET5ImJshWMsyLaSuMgZh0dIYOEBEiV1gGrZ934ses3271TFHHVYRh4MB/
2ho/tReUNAswJ/77gF2xU10nciuidzNsSplBLOH9KLhKX7W0lUYnWsderId1YB26
JK0DxR2uVkkN7Ydg97H3kablL8vQMjhMKVE6xDTQQ9ks8A3ZRXL+oF3DtsFENCIt
is5OMuu1BIActUSG2YA43n5dDXpmSYsXj3yn/w9GUOpjZXceSJNmxAV/SFtc4Kcw
59Y8gtobEXWGbq5J1oT04i2VbhMsXIOoTR1qr4+teGHXTNdwmmwkHLrFgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3LnzUo0bNFOjSWcQZ54KSTTX19MB8GA1UdIwQY
MBaAFGgZ24G0mroSsYEMs6KZ7uRjLdcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJuYmdiU2F1aEt4Z1F5em9wbnU1R010MXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8wZTc2NmEtNzJmZS00N2QyLWE0MzUt
OTAzNWIwODM2MjQzLzEvYUJuYmdiU2F1aEt4Z1F5em9wbnU1R010MXlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8wZTc2NmEtNzJmZS00N2QyLWE0MzUtOTAzNWIwODM2MjQz
LzEvYUJuYmdiU2F1aEt4Z1F5em9wbnU1R010MXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcS2Sd7G
Nw+qSL3yu3RiHp03yaA2LDaLWJ6bNdLLwD3rqtdmE+K55pKGZVBb9fKTBcrYxWTA
pL5Mtm3chimkNNTq87AZDdIBJJXiXMoMvByicu5Z6tz63qGlg+06K0kvDEwES2sg
6rLbkvsLdKQds6lqBVcoVMQkzgENPK5lfAvBlP+nIMkt69Etajc6c0wt6e8/a4eg
BmFQSiQMu98cPKkbCpHw9DMwTBhr1iHEaEcLcrJoJp+XMJfwwPfj0ZM9Synonj5q
v39xhHsshSFAmofOkfqfwaaqSSjsQD8QTtirr5tj3r0ncAvq2qqOKc3k6Uhdozu0
GIvcp1bH6T5sfw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:57:43 2026 by rpki-client