Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: xl2x1epr4UGojtDJKokpAPuGAYQ+eM2+CCKy6ypTZxM=
Subject key identifier: 10:BC:29:B9:C7:77:6A:41:14:E5:A3:99:50:2C:90:92:D0:3C:4B:0E
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019D9886D6F68146B7FAD0E6B22B8F3E9723
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 18C2
Signing time: Thu 16 Apr 2026 23:01:06 +0000
Manifest this update: Thu 16 Apr 2026 23:01:06 +0000
Manifest next update: Fri 17 Apr 2026 23:01:06 +0000
Files and hashes: 1: 9V6-AqA_4zEech3d9e-zrslLlYg.roa (hash: 2ZWDpKA0ocbpi4aN6axitNn05JRLFs0cLkW8mMIC92U=)
2: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: /e/nJTtyFdOB7SAx4lYsYhqbexArEqTgIEUz19wuGBU=)
3: s_Oj6JBKTNB4x3fb0XdQ9zvwP1o.roa (hash: 0jQdDlhdIZaz2WGN97YHIXqbtv/kRGloASKQBe2397Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:86:d6:f6:81:46:b7:fa:d0:e6:b2:2b:8f:3e:97:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Apr 16 23:01:06 2026 GMT
Not After : Apr 17 23:01:06 2026 GMT
Subject: CN=10bc29b9c7776a4114e5a399502c9092d03c4b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:27:c0:b2:15:d8:4f:2b:66:bd:a3:2f:88:4f:
d3:10:77:ac:02:ea:03:31:65:fb:74:da:bf:b3:d4:
45:0c:ee:f5:d4:c3:18:be:16:82:95:cf:d1:d2:92:
13:b0:7f:cc:7b:33:cd:47:2d:56:bc:c6:d7:b1:15:
4f:72:20:22:66:26:b0:7b:2a:92:d8:fc:85:4e:f6:
b5:2d:33:08:d0:24:d6:78:05:45:83:70:10:6e:e6:
f9:4d:49:84:08:e8:1e:2d:50:af:e7:6b:eb:53:bd:
ce:3f:57:91:eb:9f:42:aa:5f:d6:cd:6b:4f:54:5e:
f5:fa:00:64:17:9c:bd:8a:a4:b0:1d:2e:b8:75:25:
17:21:f0:f4:37:8c:2d:3c:91:35:50:c5:c9:1a:a9:
9a:85:53:20:ef:b4:44:98:ce:ea:37:53:63:01:c4:
34:33:aa:31:31:10:23:c5:7d:1f:2d:74:69:d7:26:
4f:47:c8:17:26:9a:c5:71:49:f0:8a:4b:5a:35:80:
14:db:d0:4d:f6:3a:96:73:8c:f1:cc:4f:8e:66:a5:
c4:3f:dd:64:27:a3:9a:dd:d1:3c:e5:b1:42:e3:30:
0a:ef:fa:06:81:d0:6f:83:f1:02:19:87:45:d9:e2:
13:82:ba:20:9f:13:b6:bb:a0:23:c3:6a:15:88:6d:
59:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BC:29:B9:C7:77:6A:41:14:E5:A3:99:50:2C:90:92:D0:3C:4B:0E
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cd:6b:8a:e8:de:ce:25:ae:5c:0d:50:bf:8f:64:50:8f:7d:0c:
02:67:fd:2c:f3:8e:44:9e:5d:91:01:db:d7:0a:b0:4c:ea:d3:
97:f5:1b:15:2a:79:25:b9:07:13:24:3f:15:1c:7f:11:61:ff:
9b:17:1b:50:ac:92:40:2d:19:d4:2e:b7:45:b4:64:9c:83:49:
f2:70:b7:0f:17:09:68:cc:38:df:ca:80:ed:53:07:85:2d:fd:
82:e3:cc:f3:30:bb:ff:bd:9a:bb:14:e6:cd:5a:72:ec:fb:7c:
a9:96:cd:10:d4:b2:70:a2:6c:2a:99:13:4c:91:27:55:d1:63:
6c:05:b4:97:0e:00:7e:b8:86:76:35:60:56:28:67:bb:f2:aa:
75:7c:c7:5a:0f:8e:62:d1:78:94:fc:52:af:7c:4c:b7:78:0b:
88:6d:db:4c:57:e2:b9:24:01:45:1e:49:fa:d1:8b:c8:36:5f:
49:9f:5b:e3:cf:70:61:a7:6e:a1:5c:60:9f:97:66:1b:f7:72:
72:53:95:ab:2f:50:82:fa:04:cb:c8:a5:4a:b4:2d:dd:e4:30:
b3:d6:21:73:97:f5:b4:dc:d6:33:c5:c9:c4:c6:7b:42:af:44:
0e:28:5d:53:1c:5e:0d:df:61:75:75:84:7a:be:ff:11:a0:ac:
50:fa:fc:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Yhtb2gUa3+tDmsiuPPpcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjYwNDE2MjMwMTA2WhcNMjYwNDE3MjMwMTA2WjAzMTEwLwYDVQQD
EygxMGJjMjliOWM3Nzc2YTQxMTRlNWEzOTk1MDJjOTA5MmQwM2M0YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlifAshXYTytmvaMviE/TEHesAuoD
MWX7dNq/s9RFDO711MMYvhaClc/R0pITsH/MezPNRy1WvMbXsRVPciAiZiaweyqS
2PyFTva1LTMI0CTWeAVFg3AQbub5TUmECOgeLVCv52vrU73OP1eR659Cql/WzWtP
VF71+gBkF5y9iqSwHS64dSUXIfD0N4wtPJE1UMXJGqmahVMg77REmM7qN1NjAcQ0
M6oxMRAjxX0fLXRp1yZPR8gXJprFcUnwiktaNYAU29BN9jqWc4zxzE+OZqXEP91k
J6Oa3dE85bFC4zAK7/oGgdBvg/ECGYdF2eITgrognxO2u6Ajw2oViG1ZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC8KbnHd2pBFOWjmVAskJLQPEsOMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzWuK6N7O
Ja5cDVC/j2RQj30MAmf9LPOORJ5dkQHb1wqwTOrTl/UbFSp5JbkHEyQ/FRx/EWH/
mxcbUKySQC0Z1C63RbRknINJ8nC3DxcJaMw438qA7VMHhS39guPM8zC7/72auxTm
zVpy7Pt8qZbNENSycKJsKpkTTJEnVdFjbAW0lw4AfriGdjVgVihnu/KqdXzHWg+O
YtF4lPxSr3xMt3gLiG3bTFfiuSQBRR5J+tGLyDZfSZ9b489wYaduoVxgn5dmG/dy
clOVqy9QgvoEy8ilSrQt3eQws9Yhc5f1tNzWM8XJxMZ7Qq9EDihdUxxeDd9hdXWE
er7/EaCsUPr8aQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:02:46 2026 by rpki-client