Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: WT1xacVkbRRbflBmZcGdbzVpy22OBgEmeTB24qCKa2U=
Subject key identifier: 1E:EE:74:A3:AE:2D:AA:9F:E5:2E:4E:E3:63:4A:4B:4E:B7:EE:02:DB
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019CAAFD1E3DD1B79BD90C70C92072B97AE5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 20:00:40 +0000
Manifest this update: Sun 01 Mar 2026 20:00:40 +0000
Manifest next update: Mon 02 Mar 2026 20:00:40 +0000
Files and hashes: 1: 9V6-AqA_4zEech3d9e-zrslLlYg.roa (hash: 2ZWDpKA0ocbpi4aN6axitNn05JRLFs0cLkW8mMIC92U=)
2: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: sB7OWYiyOyXTEa/Z+yqEQgG49Q85Ftj9iTiYy8WZol0=)
3: s_Oj6JBKTNB4x3fb0XdQ9zvwP1o.roa (hash: 0jQdDlhdIZaz2WGN97YHIXqbtv/kRGloASKQBe2397Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:1e:3d:d1:b7:9b:d9:0c:70:c9:20:72:b9:7a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Mar 1 20:00:40 2026 GMT
Not After : Mar 2 20:00:40 2026 GMT
Subject: CN=1eee74a3ae2daa9fe52e4ee3634a4b4eb7ee02db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:b4:a2:ea:a0:ce:53:a4:18:92:08:06:4f:
65:3e:80:72:c4:3f:a6:f4:ce:fa:44:ea:b8:37:1d:
29:3e:38:fa:14:dd:6d:fd:18:7d:a1:78:88:06:a2:
36:16:7f:21:fe:ed:ce:11:c3:3d:c6:46:46:d6:4b:
a0:d5:c5:06:c7:91:e4:3e:69:18:3f:72:69:2a:29:
81:13:cc:fe:3f:42:97:ba:3d:2b:48:12:af:cd:cb:
b0:52:44:15:f6:29:51:a5:64:23:1e:81:ca:c4:dc:
0d:0c:1d:08:24:5e:ac:db:d0:36:7b:31:2d:fe:50:
85:ec:89:4f:96:52:fc:c9:ac:2c:da:8a:a7:5a:be:
f4:10:f3:cc:27:e3:c6:ec:d2:90:bf:15:6b:6d:8c:
f5:28:c1:ce:bf:2a:e1:87:7a:42:e6:0f:dd:15:97:
7a:5b:46:27:22:90:38:b9:cc:6f:4f:7c:08:d4:f1:
0e:bc:7b:8b:79:9f:0f:5f:36:38:76:1d:ad:7c:aa:
3c:2e:4b:27:12:8b:4c:ad:f3:48:d6:73:df:30:e1:
f8:67:bd:3e:14:bf:7e:54:24:9a:74:92:cf:3b:7e:
6a:4b:fa:76:cc:ef:48:43:ed:4e:6e:b6:4c:df:5f:
32:5b:cd:79:e2:70:82:a8:d4:07:97:f7:da:7e:a7:
3e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EE:74:A3:AE:2D:AA:9F:E5:2E:4E:E3:63:4A:4B:4E:B7:EE:02:DB
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:7a:ac:48:0c:86:61:8a:60:ca:7a:e8:c1:07:7a:c1:ad:ee:
38:cd:d3:f1:60:6e:6c:2b:e6:a2:74:c2:f2:5f:35:1a:27:ce:
f1:06:58:85:63:9d:15:6e:13:c5:2b:92:b4:8a:73:92:b9:9c:
11:a1:1f:6a:d5:cc:20:28:a3:89:c1:b6:43:1c:6a:cf:2f:b5:
d9:1a:c9:06:45:b6:37:66:ab:87:ec:9b:90:ea:27:b8:d3:a4:
ed:d7:e7:90:ff:fd:78:76:68:34:57:9c:1a:67:ab:98:21:91:
eb:3a:b5:1e:2c:85:96:d4:de:08:6d:04:9a:2a:83:be:86:78:
42:5d:28:26:17:35:e1:3e:f3:8b:46:6d:7a:a1:af:1b:ae:4a:
a6:16:08:5b:a9:8d:31:2e:eb:ec:fb:c9:e4:5e:45:22:69:c9:
e8:8e:00:00:2e:2c:f9:b3:1e:83:9e:1e:30:30:84:c1:ee:12:
89:41:8f:e4:3a:33:4b:99:3e:f5:78:6a:e1:0f:cc:b2:1a:a0:
45:e8:96:84:10:d2:0f:ec:60:4a:20:91:d8:b7:75:13:e4:30:
5d:5d:94:51:76:39:60:23:69:28:c1:56:e8:6b:43:50:9f:b9:
99:67:f4:0f:ee:7b:d6:2c:e3:a6:0e:db:e9:c8:fa:ab:0b:0b:
00:0a:5e:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/R490beb2QxwySByuXrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjYwMzAxMjAwMDQwWhcNMjYwMzAyMjAwMDQwWjAzMTEwLwYDVQQD
EygxZWVlNzRhM2FlMmRhYTlmZTUyZTRlZTM2MzRhNGI0ZWI3ZWUwMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAq0ouqgzlOkGJIIBk9lPoByxD+m
9M76ROq4Nx0pPjj6FN1t/Rh9oXiIBqI2Fn8h/u3OEcM9xkZG1kug1cUGx5HkPmkY
P3JpKimBE8z+P0KXuj0rSBKvzcuwUkQV9ilRpWQjHoHKxNwNDB0IJF6s29A2ezEt
/lCF7IlPllL8yaws2oqnWr70EPPMJ+PG7NKQvxVrbYz1KMHOvyrhh3pC5g/dFZd6
W0YnIpA4ucxvT3wI1PEOvHuLeZ8PXzY4dh2tfKo8LksnEotMrfNI1nPfMOH4Z70+
FL9+VCSadJLPO35qS/p2zO9IQ+1ObrZM318yW8154nCCqNQHl/fafqc+JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7udKOuLaqf5S5O42NKS0637gLbMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOHqsSAyG
YYpgynrowQd6wa3uOM3T8WBubCvmonTC8l81GifO8QZYhWOdFW4TxSuStIpzkrmc
EaEfatXMICijicG2Qxxqzy+12RrJBkW2N2arh+ybkOonuNOk7dfnkP/9eHZoNFec
GmermCGR6zq1HiyFltTeCG0EmiqDvoZ4Ql0oJhc14T7zi0ZteqGvG65KphYIW6mN
MS7r7PvJ5F5FImnJ6I4AAC4s+bMeg54eMDCEwe4SiUGP5DozS5k+9Xhq4Q/Mshqg
ReiWhBDSD+xgSiCR2Ld1E+QwXV2UUXY5YCNpKMFW6GtDUJ+5mWf0D+571izjpg7b
6cj6qwsLAApezA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:27:26 2026 by rpki-client