Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: fGYlM4ZK63R1gUb32khHAllvQjn1hAJkRzDTAnYBPcM=
Subject key identifier: 98:17:DA:E4:51:13:D9:F8:EC:51:AD:B6:D4:9F:8B:1F:67:15:71:8F
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 019CAAFD7243E95615E06E6C8F387591F6DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 14DB
Signing time: Sun 01 Mar 2026 20:01:02 +0000
Manifest this update: Sun 01 Mar 2026 20:01:02 +0000
Manifest next update: Mon 02 Mar 2026 20:01:02 +0000
Files and hashes: 1: CuVYq_7gkf_DrsINyOzhKZbktPU.roa (hash: /uHacyxGA33AcgKYOrlSIWvD9MdgqSXnE0I0qc9GHm0=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: R9JSzBejljkhpRa+v4M/kZhut30cov4+C/hnksgyEdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:72:43:e9:56:15:e0:6e:6c:8f:38:75:91:f6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Mar 1 20:01:02 2026 GMT
Not After : Mar 2 20:01:02 2026 GMT
Subject: CN=9817dae45113d9f8ec51adb6d49f8b1f6715718f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b8:02:48:1f:a6:1f:cd:4f:fb:a8:e8:c2:1c:
00:b6:4e:5c:dc:95:98:e7:04:5f:b6:e2:6f:83:ca:
c8:12:84:34:7b:19:d0:52:ee:7f:57:3b:64:50:b5:
7f:d6:16:df:13:ab:ef:2d:56:76:9d:e1:d1:7c:89:
b4:ff:c2:a9:d9:38:97:40:f4:b3:11:97:99:09:46:
02:86:1b:f5:1d:e4:a2:41:37:55:68:2d:31:60:ff:
88:8c:0e:bc:53:d6:12:8c:2d:f7:d9:cb:17:d3:65:
f7:1e:3b:ec:84:21:9e:7a:72:10:82:09:50:0d:22:
29:a2:e9:54:e7:1e:ee:55:f7:7d:0e:66:fd:cf:23:
d9:0b:99:70:e0:39:be:ec:4d:68:4d:0b:b8:e2:4a:
a3:ad:0e:00:30:e7:8a:92:ea:6b:c9:f0:1c:9e:9d:
10:53:e5:eb:9c:07:d0:35:7b:1b:a0:42:ea:86:12:
fc:df:9a:f6:ab:54:01:80:dd:1f:6f:4d:60:c1:31:
af:88:dd:fc:4b:5f:48:68:81:54:96:c7:12:7a:e0:
e2:1d:62:41:b3:83:6d:56:fd:d3:13:b7:7e:d1:68:
60:bc:04:9a:fd:f2:77:bb:04:9e:e8:ef:37:b6:33:
9e:87:28:ea:3b:69:b6:80:3f:9a:62:7f:a9:8d:5b:
c5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:17:DA:E4:51:13:D9:F8:EC:51:AD:B6:D4:9F:8B:1F:67:15:71:8F
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:e3:9c:a7:7a:72:ca:3b:6a:bb:0b:da:23:8d:77:93:05:36:
41:11:15:0f:a0:cd:8b:6b:1d:08:3e:70:0d:9a:cc:f6:cc:57:
69:09:bf:d9:b7:c2:f7:c0:d6:0d:27:f3:ee:f9:32:c6:bf:b8:
d2:f2:f6:63:e5:5e:9d:b9:e8:2e:03:0b:00:61:6f:29:c4:8e:
62:a9:86:6f:db:dd:08:2c:53:17:c1:70:26:af:ca:0f:cc:bb:
b9:75:54:ce:a9:92:4f:d3:20:39:59:8e:6f:91:cf:1b:0c:c5:
73:78:a3:f1:d0:8a:b3:56:c3:4e:72:63:6a:52:9e:c2:a3:7b:
e5:a4:f4:7a:ad:8b:85:54:79:c6:fa:ce:cf:a9:cf:6a:75:2b:
93:10:4d:39:59:e6:fd:19:2b:0e:d1:a4:51:48:0c:31:fb:06:
9a:0b:3a:83:56:14:b3:29:21:99:9a:12:ce:ea:a2:f1:10:60:
a6:eb:87:2a:7d:80:40:63:bf:d2:95:fd:d3:a4:a2:f3:2a:2e:
5b:18:30:7b:ed:fb:54:66:9a:b8:0b:78:a0:50:3c:8d:59:61:
e8:b4:a2:ab:3d:1b:7a:3e:56:3c:d1:54:02:ce:94:76:c2:10:
e0:99:79:3c:40:80:21:0c:bd:a3:7e:6e:92:82:10:d5:20:f6:
dc:e6:56:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/XJD6VYV4G5sjzh1kfbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjYwMzAxMjAwMTAyWhcNMjYwMzAyMjAwMTAyWjAzMTEwLwYDVQQD
Eyg5ODE3ZGFlNDUxMTNkOWY4ZWM1MWFkYjZkNDlmOGIxZjY3MTU3MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbgCSB+mH81P+6jowhwAtk5c3JWY
5wRftuJvg8rIEoQ0exnQUu5/VztkULV/1hbfE6vvLVZ2neHRfIm0/8Kp2TiXQPSz
EZeZCUYChhv1HeSiQTdVaC0xYP+IjA68U9YSjC332csX02X3HjvshCGeenIQgglQ
DSIpoulU5x7uVfd9Dmb9zyPZC5lw4Dm+7E1oTQu44kqjrQ4AMOeKkupryfAcnp0Q
U+XrnAfQNXsboELqhhL835r2q1QBgN0fb01gwTGviN38S19IaIFUlscSeuDiHWJB
s4NtVv3TE7d+0WhgvASa/fJ3uwSe6O83tjOehyjqO2m2gD+aYn+pjVvFEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgX2uRRE9n47FGtttSfix9nFXGPMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOOcp3py
yjtquwvaI413kwU2QREVD6DNi2sdCD5wDZrM9sxXaQm/2bfC98DWDSfz7vkyxr+4
0vL2Y+VenbnoLgMLAGFvKcSOYqmGb9vdCCxTF8FwJq/KD8y7uXVUzqmST9MgOVmO
b5HPGwzFc3ij8dCKs1bDTnJjalKewqN75aT0eq2LhVR5xvrOz6nPanUrkxBNOVnm
/RkrDtGkUUgMMfsGmgs6g1YUsykhmZoSzuqi8RBgpuuHKn2AQGO/0pX906Si8you
Wxgwe+37VGaauAt4oFA8jVlh6LSiqz0bej5WPNFUAs6UdsIQ4Jl5PECAIQy9o35u
koIQ1SD23OZWyQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:06:04 2026 by rpki-client