Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
File: aDCZAOZItlowenhgECv3ixb1XXU.mft (raw, json)
Hash identifier: dvFkTHCY66OBDVFwNCXWNptPpWdruwP+DfxKlKY4Ee8=
Subject key identifier: E1:98:74:FA:31:80:E4:A9:62:6B:30:A0:64:6A:CC:36:75:3B:5A:FD
Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
Certificate issuer: /CN=68309900e648b65a307a7860102bf78b16f55d75
Certificate serial: 019DA378D93A3AD8D43CEF826A2DD423FA40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
Manifest number: 0525
Signing time: Sun 19 Apr 2026 02:01:39 +0000
Manifest this update: Sun 19 Apr 2026 02:01:39 +0000
Manifest next update: Mon 20 Apr 2026 02:01:39 +0000
Files and hashes: 1: HbShzM3qrknCQZp2Tx1NZiWf1jk.roa (hash: YTGorDk65orDuOJJBzhtTtRRAT8YSucZuGLA7eX2VpI=)
2: aDCZAOZItlowenhgECv3ixb1XXU.crl (hash: 5McCXEef3ziMQ46NVixxUzKaIyGVyzt1zmGtbn1dvpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:78:d9:3a:3a:d8:d4:3c:ef:82:6a:2d:d4:23:fa:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75
Validity
Not Before: Apr 19 02:01:39 2026 GMT
Not After : Apr 20 02:01:39 2026 GMT
Subject: CN=e19874fa3180e4a9626b30a0646acc36753b5afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:df:99:aa:95:f9:68:e9:5f:18:1f:9d:3b:e9:
34:b9:7c:a7:4f:36:fc:0f:00:21:77:04:2a:cf:61:
be:5e:8e:84:2f:b3:f4:67:3d:52:a6:d3:d2:2c:62:
5f:00:7c:39:0f:d7:e6:4e:e3:f5:c7:2d:d2:11:28:
e5:cf:9d:cd:4a:f4:64:b5:f6:15:4a:07:79:5c:66:
f7:8b:ae:2d:b1:61:25:06:42:9d:75:8c:be:49:aa:
44:9b:86:5a:2a:8a:bb:a2:e7:e4:14:ce:51:2d:62:
fb:84:ab:55:fd:36:c1:0d:f6:98:8a:f0:a1:46:3b:
6b:1b:5f:bb:b2:b8:68:5a:e8:3e:95:1b:4c:d3:6f:
e3:95:35:16:8d:77:7f:38:c7:43:8a:a9:08:ac:52:
13:f5:5e:38:d1:d8:37:eb:4e:db:be:27:61:55:8e:
b2:08:af:7b:bc:68:17:c0:31:68:a3:c0:11:bb:a5:
59:42:b6:e4:5b:aa:cf:28:fe:56:71:1a:8a:93:e6:
70:c9:d3:49:c9:2f:a0:df:5f:6a:4e:31:43:8f:c0:
7d:0c:8b:86:6b:cd:a6:3b:eb:2a:8e:ba:ae:64:01:
92:5c:3e:92:25:d1:fe:b8:d1:b7:92:0a:51:87:b0:
8e:48:d6:90:89:22:8c:90:37:71:c4:66:c9:7a:2c:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:98:74:FA:31:80:E4:A9:62:6B:30:A0:64:6A:CC:36:75:3B:5A:FD
X509v3 Authority Key Identifier:
keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:e4:75:60:97:77:45:db:34:ca:99:33:50:b2:c2:36:a0:c0:
ee:2f:9e:1c:e0:26:f8:bb:cb:eb:ae:aa:1d:2b:27:91:c6:00:
2a:f6:ed:c4:2d:31:44:70:63:33:87:c6:54:37:d2:5e:17:d8:
ad:96:3a:5d:85:51:2f:0d:3f:58:33:dc:bd:f2:7f:f0:08:57:
25:d0:34:88:f9:69:b4:77:8b:da:11:83:52:55:6b:ea:9c:c7:
31:3c:e3:8b:36:7f:8b:54:2d:3e:7f:c7:1e:fa:fa:6b:32:00:
83:4e:62:58:bb:67:42:b3:0b:04:05:3f:c4:62:29:1f:9d:e2:
e5:48:ba:92:a0:31:8d:0f:0b:35:02:dd:2f:89:29:21:dd:5e:
d9:1c:a1:3d:24:9f:fd:71:17:df:68:5e:7a:c9:b9:a5:c4:95:
51:99:9a:fe:a5:fd:0c:2e:1a:e2:eb:05:3e:58:73:f1:8a:7a:
6d:44:ec:4b:d2:36:2c:c8:24:98:4d:c3:af:38:90:d6:e0:80:
eb:8e:82:b9:7e:54:af:31:d2:cc:67:e3:48:3d:86:a4:06:7c:
5c:8e:34:83:c2:21:f7:59:c1:a1:4e:2e:47:e0:26:e3:11:ea:
2b:b5:ae:70:fe:35:46:10:74:b5:d8:42:41:f6:37:74:89:43:
b3:46:62:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeNk6OtjUPO+Cai3UI/pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm
NTVkNzUwHhcNMjYwNDE5MDIwMTM5WhcNMjYwNDIwMDIwMTM5WjAzMTEwLwYDVQQD
EyhlMTk4NzRmYTMxODBlNGE5NjI2YjMwYTA2NDZhY2MzNjc1M2I1YWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89+ZqpX5aOlfGB+dO+k0uXynTzb8
DwAhdwQqz2G+Xo6EL7P0Zz1SptPSLGJfAHw5D9fmTuP1xy3SESjlz53NSvRktfYV
Sgd5XGb3i64tsWElBkKddYy+SapEm4ZaKoq7oufkFM5RLWL7hKtV/TbBDfaYivCh
RjtrG1+7srhoWug+lRtM02/jlTUWjXd/OMdDiqkIrFIT9V440dg3607bvidhVY6y
CK97vGgXwDFoo8ARu6VZQrbkW6rPKP5WcRqKk+ZwydNJyS+g319qTjFDj8B9DIuG
a82mO+sqjrquZAGSXD6SJdH+uNG3kgpRh7COSNaQiSKMkDdxxGbJeiyC1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGYdPoxgOSpYmswoGRqzDZ1O1r9MB8GA1UdIwQY
MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt
OWZhNzgwNzUzMzBiLzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYtOWZhNzgwNzUzMzBi
LzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJuR1YJd3
Rds0ypkzULLCNqDA7i+eHOAm+LvL666qHSsnkcYAKvbtxC0xRHBjM4fGVDfSXhfY
rZY6XYVRLw0/WDPcvfJ/8AhXJdA0iPlptHeL2hGDUlVr6pzHMTzjizZ/i1QtPn/H
Hvr6azIAg05iWLtnQrMLBAU/xGIpH53i5Ui6kqAxjQ8LNQLdL4kpId1e2RyhPSSf
/XEX32heesm5pcSVUZma/qX9DC4a4usFPlhz8Yp6bUTsS9I2LMgkmE3DrziQ1uCA
646CuX5UrzHSzGfjSD2GpAZ8XI40g8Ih91nBoU4uR+Am4xHqK7WucP41RhB0tdhC
QfY3dIlDs0Zi0g==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:43:48 2026 by rpki-client