Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
File: AJJn8-O54eu5eZaQgLDfqyTDYBo.mft (raw, json)
Hash identifier: W8OT5eSFt8pdbVkzbFvdK00kkpixDczUCdvOFCBAC4w=
Subject key identifier: C2:0F:B5:E5:C9:CD:7F:DA:35:75:07:0D:5A:D1:1C:63:1C:35:E0:12
Authority key identifier: 00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
Certificate issuer: /CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Certificate serial: 019CADC7A4A9B33561DDC36DE1687657B9A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
Manifest number: 041A
Signing time: Mon 02 Mar 2026 09:01:08 +0000
Manifest this update: Mon 02 Mar 2026 09:01:08 +0000
Manifest next update: Tue 03 Mar 2026 09:01:08 +0000
Files and hashes: 1: AJJn8-O54eu5eZaQgLDfqyTDYBo.crl (hash: HhaDjAQo2FV5QlOFMhOp/WXjthX1db8N1ScbRgvP/t0=)
2: d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa (hash: Ba/7rGgRRFa7/HkHrFHCRps9ypeyWifGgSmqxh5y+b8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:a4:a9:b3:35:61:dd:c3:6d:e1:68:76:57:b9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Validity
Not Before: Mar 2 09:01:08 2026 GMT
Not After : Mar 3 09:01:08 2026 GMT
Subject: CN=c20fb5e5c9cd7fda3575070d5ad11c631c35e012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:53:25:d4:8c:2f:3b:ce:f7:26:04:97:b9:
5f:10:ce:57:d3:33:a3:5e:68:f6:72:9b:6e:f6:be:
30:42:8e:d7:dc:3a:86:85:0d:1f:f8:f2:d0:24:60:
54:66:b3:58:ab:ee:d7:a1:84:72:d2:dc:57:58:25:
1b:59:47:9c:57:97:86:fe:3e:ef:70:72:e4:cf:0a:
02:28:d6:09:99:5f:69:43:31:00:8a:92:61:14:0c:
04:7d:97:a6:f0:6c:b8:ce:69:43:67:f6:28:68:a3:
dd:d5:10:f5:f6:b7:cd:ca:f4:dc:62:54:cc:72:7a:
8b:0a:15:f9:11:f9:44:48:b6:1a:d0:6d:4b:71:fd:
26:bc:36:5b:4a:fb:81:0e:3d:12:18:80:5b:33:83:
e9:13:46:9a:03:17:5d:c2:74:3f:d5:3d:de:75:55:
42:f7:eb:89:8d:c3:94:9a:65:20:87:ef:db:2a:9d:
54:7a:38:01:3d:60:32:f5:40:e7:53:d0:ae:2d:70:
ed:1d:54:98:4c:79:4e:16:c3:33:d5:79:36:f7:7a:
6a:be:e2:4e:4e:82:bd:da:2b:51:a1:ba:28:cb:67:
44:19:f7:2b:33:21:7a:b4:6f:ed:1e:4a:55:25:51:
18:15:5f:06:8c:ce:0d:71:e7:f9:e3:67:51:60:6d:
40:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0F:B5:E5:C9:CD:7F:DA:35:75:07:0D:5A:D1:1C:63:1C:35:E0:12
X509v3 Authority Key Identifier:
keyid:00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:7d:bd:c8:b9:b4:83:fa:0c:8e:66:46:93:2b:ac:70:d9:ec:
b5:b8:2a:ce:3b:20:d2:80:ab:74:e0:31:69:c5:ab:cc:ba:7c:
8e:ef:93:73:73:ba:c0:23:7d:92:d0:98:a7:22:bc:03:31:eb:
6f:7d:89:50:fa:cd:b9:8d:0d:bf:6e:92:8a:a3:fb:d4:5f:3d:
f4:0e:e3:b8:f4:bb:44:1f:14:55:e0:9e:92:6d:e5:9c:a8:8d:
4c:bc:56:dd:b1:1f:c0:69:22:41:75:84:55:bb:cd:f8:00:ba:
b6:56:1b:b2:af:e8:68:2c:70:a1:b3:56:fe:2d:ea:7b:5c:ed:
b4:d3:ed:98:e3:22:e5:d4:1b:55:cc:76:63:7f:d7:5b:50:93:
1f:60:ce:30:54:3a:0e:cf:6f:fb:87:77:4a:cc:3c:e0:b4:66:
30:c1:b6:6b:12:a7:bb:bd:91:a1:6f:d8:ca:25:37:7d:f6:f3:
86:cc:a6:83:f7:a7:bc:f2:28:61:0b:fa:af:5d:db:66:b3:e9:
d1:0a:9c:9b:10:08:ca:c9:23:e1:2c:08:21:4a:be:71:36:77:
88:1a:de:44:49:5b:ed:38:54:84:d2:b0:3c:90:65:a2:3e:85:
8a:ec:62:f5:4e:a9:d3:8a:aa:c6:31:ec:89:52:09:ca:bd:58:
79:7c:f4:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx6SpszVh3cNt4Wh2V7mjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTI2N2YzZTNiOWUxZWJiOTc5OTY5MDgwYjBkZmFiMjRj
MzYwMWEwHhcNMjYwMzAyMDkwMTA4WhcNMjYwMzAzMDkwMTA4WjAzMTEwLwYDVQQD
EyhjMjBmYjVlNWM5Y2Q3ZmRhMzU3NTA3MGQ1YWQxMWM2MzFjMzVlMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgNTJdSMLzvO9yYEl7lfEM5X0zOj
Xmj2cptu9r4wQo7X3DqGhQ0f+PLQJGBUZrNYq+7XoYRy0txXWCUbWUecV5eG/j7v
cHLkzwoCKNYJmV9pQzEAipJhFAwEfZem8Gy4zmlDZ/YoaKPd1RD19rfNyvTcYlTM
cnqLChX5EflESLYa0G1Lcf0mvDZbSvuBDj0SGIBbM4PpE0aaAxddwnQ/1T3edVVC
9+uJjcOUmmUgh+/bKp1UejgBPWAy9UDnU9CuLXDtHVSYTHlOFsMz1Xk293pqvuJO
ToK92itRobooy2dEGfcrMyF6tG/tHkpVJVEYFV8GjM4Ncef542dRYG1AIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIPteXJzX/aNXUHDVrRHGMcNeASMB8GA1UdIwQY
MBaAFACSZ/PjueHruXmWkICw36skw2AaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTIt
ZDY5MDM4MjUwMThjLzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTItZDY5MDM4MjUwMThj
LzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcn29yLm0
g/oMjmZGkyuscNnstbgqzjsg0oCrdOAxacWrzLp8ju+Tc3O6wCN9ktCYpyK8AzHr
b32JUPrNuY0Nv26SiqP71F899A7juPS7RB8UVeCekm3lnKiNTLxW3bEfwGkiQXWE
VbvN+AC6tlYbsq/oaCxwobNW/i3qe1zttNPtmOMi5dQbVcx2Y3/XW1CTH2DOMFQ6
Ds9v+4d3Ssw84LRmMMG2axKnu72RoW/YyiU3ffbzhsymg/envPIoYQv6r13bZrPp
0QqcmxAIyskj4SwIIUq+cTZ3iBreRElb7ThUhNKwPJBloj6Fiuxi9U6p04qqxjHs
iVIJyr1YeXz0dg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:49:05 2026 by rpki-client