Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
File: aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft (raw, json)
Hash identifier: vEWFteFRhpmxwJ9YJ2o4gVUWHEvMhy6xCkcj38DRMA4=
Subject key identifier: BA:1D:3A:D2:3E:07:0F:38:71:FF:B2:E2:A7:95:C6:4B:3D:86:A1:7E
Authority key identifier: 69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00
Certificate issuer: /CN=699710a1693710ac835f0b6745f90d2d680a1200
Certificate serial: 019CAC46D2B4912D1BD95D5D62232886D2C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
Manifest number: 17D9
Signing time: Mon 02 Mar 2026 02:00:48 +0000
Manifest this update: Mon 02 Mar 2026 02:00:48 +0000
Manifest next update: Tue 03 Mar 2026 02:00:48 +0000
Files and hashes: 1: VmSEi88h8EdX70CoZBoX1PGWIw4.roa (hash: cwT1GcadLbcYd+EhAmWFsga6gtnL8WtN6n2eRtcoP6o=)
2: aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl (hash: Xu5NC1nChary0M4RElP75iL7Cn5I8t862Jheu+WUk1w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:d2:b4:91:2d:1b:d9:5d:5d:62:23:28:86:d2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699710a1693710ac835f0b6745f90d2d680a1200
Validity
Not Before: Mar 2 02:00:48 2026 GMT
Not After : Mar 3 02:00:48 2026 GMT
Subject: CN=ba1d3ad23e070f3871ffb2e2a795c64b3d86a17e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d4:80:73:d3:55:ea:e0:cb:6e:9c:cb:26:eb:
ae:bf:08:6a:95:f8:2d:1b:69:2c:d7:e6:a6:0d:13:
c2:db:97:b7:94:9a:2e:3d:91:c5:26:bd:16:ed:55:
26:3d:00:b1:6f:17:7e:ef:3f:9f:94:04:21:49:8f:
34:60:48:1d:60:b8:db:cf:86:30:9f:9e:9d:8e:cf:
be:8e:47:51:a2:b8:1e:1b:5c:3f:d3:57:28:a8:46:
76:5d:33:ea:01:2c:5b:c1:70:00:54:f2:60:61:db:
c9:3a:fd:cd:9c:54:0d:5a:fc:6b:79:e8:c8:e4:35:
cf:ce:01:12:6e:c8:4e:8b:ed:5e:43:31:c6:7f:89:
fa:62:32:d0:55:ad:74:be:0b:0c:66:01:8a:08:e3:
0a:04:3d:b2:eb:68:53:1f:03:64:1b:8c:71:a4:ac:
96:94:a1:b3:61:87:f6:55:8f:ac:c1:9b:d1:20:54:
b6:55:cb:be:3e:a8:cd:fb:9d:ea:05:ec:b3:6e:23:
0e:3b:32:b9:c3:73:a9:48:67:fd:0d:91:0f:1f:17:
18:39:13:1f:73:d9:92:3c:de:bd:81:ef:ca:e3:0f:
3e:43:7a:c8:a9:be:7f:44:fc:11:fd:e2:4b:0c:e1:
9d:84:4f:d0:c4:76:4c:ff:9e:ff:2d:20:7c:03:03:
11:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1D:3A:D2:3E:07:0F:38:71:FF:B2:E2:A7:95:C6:4B:3D:86:A1:7E
X509v3 Authority Key Identifier:
keyid:69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:32:e2:17:ef:92:49:9e:30:65:78:ac:5c:75:a4:b0:fd:ca:
dc:16:80:fc:75:a8:f8:73:a2:2b:e3:b9:f0:fd:4b:f5:f4:3d:
ae:ab:e1:58:ef:71:3e:56:80:4f:d3:c5:3e:2b:03:1b:b1:57:
96:d1:a1:d0:00:34:97:97:83:ae:f9:07:da:36:99:36:c1:e3:
8c:c7:04:f3:3d:2e:7b:aa:eb:49:86:37:32:c9:da:12:3a:7f:
aa:63:ea:be:8a:11:0b:0f:ba:98:0c:f6:74:35:1d:2d:26:24:
d6:e2:a2:3f:60:17:c4:82:9f:11:7b:16:28:dd:c4:87:4a:28:
b2:d5:c7:d8:d1:45:cf:30:db:2b:8e:68:3e:12:3d:09:b1:35:
7f:f2:e5:9a:13:e3:7b:40:d2:22:fb:e0:d3:e8:9d:be:e2:6a:
db:c5:9c:29:7f:72:5a:50:4e:5e:1b:b2:69:76:96:35:9f:38:
82:dc:73:57:2c:10:03:e7:29:17:69:6f:81:2d:70:f4:9d:3f:
3f:fa:1f:7a:58:ae:ae:9e:5e:18:a8:b7:12:0e:df:0f:29:73:
a3:bf:70:ec:a2:94:c4:96:98:d0:db:90:40:fd:ca:bf:12:81:
26:12:dc:e7:81:4e:4e:72:19:7f:28:b7:46:ef:13:e6:ff:4a:
d2:1a:28:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRtK0kS0b2V1dYiMohtLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTcxMGExNjkzNzEwYWM4MzVmMGI2NzQ1ZjkwZDJkNjgw
YTEyMDAwHhcNMjYwMzAyMDIwMDQ4WhcNMjYwMzAzMDIwMDQ4WjAzMTEwLwYDVQQD
EyhiYTFkM2FkMjNlMDcwZjM4NzFmZmIyZTJhNzk1YzY0YjNkODZhMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotSAc9NV6uDLbpzLJuuuvwhqlfgt
G2ks1+amDRPC25e3lJouPZHFJr0W7VUmPQCxbxd+7z+flAQhSY80YEgdYLjbz4Yw
n56djs++jkdRorgeG1w/01coqEZ2XTPqASxbwXAAVPJgYdvJOv3NnFQNWvxreejI
5DXPzgESbshOi+1eQzHGf4n6YjLQVa10vgsMZgGKCOMKBD2y62hTHwNkG4xxpKyW
lKGzYYf2VY+swZvRIFS2Vcu+PqjN+53qBeyzbiMOOzK5w3OpSGf9DZEPHxcYORMf
c9mSPN69ge/K4w8+Q3rIqb5/RPwR/eJLDOGdhE/QxHZM/57/LSB8AwMRRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLodOtI+Bw84cf+y4qeVxks9hqF+MB8GA1UdIwQY
MBaAFGmXEKFpNxCsg18LZ0X5DS1oChIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYt
MjliOThlY2RmZjEyLzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYtMjliOThlY2RmZjEy
LzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjLiF++S
SZ4wZXisXHWksP3K3BaA/HWo+HOiK+O58P1L9fQ9rqvhWO9xPlaAT9PFPisDG7FX
ltGh0AA0l5eDrvkH2jaZNsHjjMcE8z0ue6rrSYY3MsnaEjp/qmPqvooRCw+6mAz2
dDUdLSYk1uKiP2AXxIKfEXsWKN3Eh0oostXH2NFFzzDbK45oPhI9CbE1f/LlmhPj
e0DSIvvg0+idvuJq28WcKX9yWlBOXhuyaXaWNZ84gtxzVywQA+cpF2lvgS1w9J0/
P/ofeliurp5eGKi3Eg7fDylzo79w7KKUxJaY0NuQQP3KvxKBJhLc54FOTnIZfyi3
Ru8T5v9K0hoodg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:38:37 2026 by rpki-client