Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
File: aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft (raw, json)
Hash identifier: S3P5OERbJhAeQPkL9KqZLBBOBtYdY1pZrYl5G/c/iho=
Subject key identifier: 1A:D0:60:E5:27:BE:F4:F8:E3:33:0C:A1:FC:62:95:0B:EE:6D:44:11
Authority key identifier: 68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F
Certificate issuer: /CN=68f063ed2e0a2674bc471010189fc77adb31c17f
Certificate serial: 019D9B1994A7D5E59BE87BEC24478C495D80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
Manifest number: 17C1
Signing time: Fri 17 Apr 2026 11:00:37 +0000
Manifest this update: Fri 17 Apr 2026 11:00:37 +0000
Manifest next update: Sat 18 Apr 2026 11:00:37 +0000
Files and hashes: 1: aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl (hash: 2HNTLlQimZfG86MqD8k1Pkc3pPgV16uf0gTDCvrKv1o=)
2: gNhszUNFjUvnmp6uYZywKw0VK4Q.roa (hash: OoYbjhXKEH09k93nIljEgaEwB00MnQM3qMLjic/Ifxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:94:a7:d5:e5:9b:e8:7b:ec:24:47:8c:49:5d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f063ed2e0a2674bc471010189fc77adb31c17f
Validity
Not Before: Apr 17 11:00:37 2026 GMT
Not After : Apr 18 11:00:37 2026 GMT
Subject: CN=1ad060e527bef4f8e3330ca1fc62950bee6d4411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6f:8b:7a:a0:1d:bd:5f:09:6a:90:95:75:7f:
37:8a:ee:f2:03:a1:9f:0d:59:3f:8a:f7:95:01:74:
b4:a1:3e:d1:f2:02:42:91:ae:6e:1e:48:12:52:a3:
0e:b0:1e:6a:0b:af:bb:cb:3e:6f:71:67:46:70:4a:
2d:c6:8a:d3:2a:7e:7a:18:c6:a5:ca:db:ec:cf:0a:
77:20:4c:1a:f0:c5:05:fa:77:4e:3e:5a:0b:3d:11:
ef:e2:ba:de:ad:19:97:cb:b1:21:c8:4b:9b:d1:13:
e8:e5:c9:26:eb:50:6b:16:4e:62:32:d9:3e:94:59:
39:6c:ed:b4:32:dc:e4:c9:5d:52:82:cd:ff:f4:58:
12:c9:9a:6e:be:27:0c:8c:c2:2b:54:2d:76:8a:a6:
63:37:20:79:ce:4c:78:02:37:27:8d:1e:3e:9b:30:
38:a9:53:5b:dc:1a:6e:62:38:40:f6:25:c4:8c:e8:
49:c8:90:3f:11:b5:39:13:ed:1b:a9:fa:68:f5:c2:
e7:de:b7:37:d0:1a:29:ae:8e:6e:78:35:dd:ef:d1:
97:00:fa:3e:83:a4:b7:23:ac:4f:1a:c6:b9:e4:a6:
ac:81:d4:4f:64:5d:02:03:b2:fc:e4:59:d2:2a:41:
0f:15:a1:28:e4:44:e3:01:bd:31:45:0c:65:3c:c1:
ae:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D0:60:E5:27:BE:F4:F8:E3:33:0C:A1:FC:62:95:0B:EE:6D:44:11
X509v3 Authority Key Identifier:
keyid:68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:9a:07:2a:be:06:35:a5:64:f9:2e:16:4a:ac:0a:5f:a7:69:
b6:b2:5a:26:cc:2b:99:d6:6c:37:ef:16:22:16:23:05:4d:12:
23:cc:a8:a1:c6:3c:73:79:bc:49:b5:10:18:06:0d:9e:2e:11:
59:72:c8:86:4b:00:5c:f9:1c:ea:fc:ce:86:7d:9e:6d:fd:6a:
b7:94:09:97:68:0c:f5:5f:fc:e0:92:7a:1c:50:f9:6a:c6:ee:
56:9e:01:01:99:44:65:d4:66:37:8d:3e:6d:e9:43:06:34:65:
1a:90:f5:d3:23:40:74:1e:cd:29:22:03:66:39:8b:ed:0e:1d:
d8:bf:78:2a:8b:4c:6d:d5:98:a2:20:e3:8b:75:fe:1f:fd:5c:
75:bf:39:e3:09:89:76:5f:59:1d:19:ef:24:d5:84:91:1d:85:
d4:2c:f3:0b:23:a9:13:10:5f:ba:07:39:ca:6a:07:be:14:29:
09:64:f1:bd:d7:9f:7b:4d:e0:86:c8:9f:f7:19:85:5a:33:42:
bf:8a:22:d4:ba:be:3d:a8:8a:8a:88:a9:60:1e:dc:0b:e3:72:
03:c1:cb:ba:b9:3b:f1:39:76:a4:88:f2:ac:11:93:13:20:78:
f7:6b:9d:05:00:04:7e:6e:f9:57:3d:cd:9b:dd:7d:e9:21:eb:
24:94:29:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGZSn1eWb6HvsJEeMSV2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjA2M2VkMmUwYTI2NzRiYzQ3MTAxMDE4OWZjNzdhZGIz
MWMxN2YwHhcNMjYwNDE3MTEwMDM3WhcNMjYwNDE4MTEwMDM3WjAzMTEwLwYDVQQD
EygxYWQwNjBlNTI3YmVmNGY4ZTMzMzBjYTFmYzYyOTUwYmVlNmQ0NDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2+LeqAdvV8JapCVdX83iu7yA6Gf
DVk/iveVAXS0oT7R8gJCka5uHkgSUqMOsB5qC6+7yz5vcWdGcEotxorTKn56GMal
ytvszwp3IEwa8MUF+ndOPloLPRHv4rrerRmXy7EhyEub0RPo5ckm61BrFk5iMtk+
lFk5bO20MtzkyV1Sgs3/9FgSyZpuvicMjMIrVC12iqZjNyB5zkx4AjcnjR4+mzA4
qVNb3BpuYjhA9iXEjOhJyJA/EbU5E+0bqfpo9cLn3rc30Bopro5ueDXd79GXAPo+
g6S3I6xPGsa55KasgdRPZF0CA7L85FnSKkEPFaEo5ETjAb0xRQxlPMGunQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrQYOUnvvT44zMMofxilQvubUQRMB8GA1UdIwQY
MBaAFGjwY+0uCiZ0vEcQEBifx3rbMcF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMt
OTQ2ZmRhZmUyZWM2LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMtOTQ2ZmRhZmUyZWM2
LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnJoHKr4G
NaVk+S4WSqwKX6dptrJaJswrmdZsN+8WIhYjBU0SI8yoocY8c3m8SbUQGAYNni4R
WXLIhksAXPkc6vzOhn2ebf1qt5QJl2gM9V/84JJ6HFD5asbuVp4BAZlEZdRmN40+
belDBjRlGpD10yNAdB7NKSIDZjmL7Q4d2L94KotMbdWYoiDji3X+H/1cdb854wmJ
dl9ZHRnvJNWEkR2F1CzzCyOpExBfugc5ymoHvhQpCWTxvdefe03ghsif9xmFWjNC
v4oi1Lq+PaiKioipYB7cC+NyA8HLurk78Tl2pIjyrBGTEyB492udBQAEfm75Vz3N
m9196SHrJJQpvA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:42:07 2026 by rpki-client