Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
File: AJJn8-O54eu5eZaQgLDfqyTDYBo.mft (raw, json)
Hash identifier: PEFV20F03gjridRoOPfqvQv/xyIvF3awPY6hnskL6sc=
Subject key identifier: 20:C5:B1:52:97:AF:5E:5C:E1:4D:3E:55:9C:B3:02:14:C1:55:27:31
Authority key identifier: 00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
Certificate issuer: /CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Certificate serial: 019D9B50440F4B2FEEB7F09DF2A35BA13D37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
Manifest number: 0495
Signing time: Fri 17 Apr 2026 12:00:21 +0000
Manifest this update: Fri 17 Apr 2026 12:00:21 +0000
Manifest next update: Sat 18 Apr 2026 12:00:21 +0000
Files and hashes: 1: AJJn8-O54eu5eZaQgLDfqyTDYBo.crl (hash: TeP0CWAAgrgD43BHMN6GK/iETUyTq1CQMrXAr7RVbtM=)
2: d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa (hash: Ba/7rGgRRFa7/HkHrFHCRps9ypeyWifGgSmqxh5y+b8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:44:0f:4b:2f:ee:b7:f0:9d:f2:a3:5b:a1:3d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Validity
Not Before: Apr 17 12:00:21 2026 GMT
Not After : Apr 18 12:00:21 2026 GMT
Subject: CN=20c5b15297af5e5ce14d3e559cb30214c1552731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:39:39:1e:7b:f6:f8:aa:b4:5c:d3:07:6f:45:
69:8e:a6:c0:9a:47:db:21:63:05:b5:e9:f5:7b:00:
d9:36:e4:6a:c3:8f:21:fa:51:56:ef:2e:48:f1:4e:
15:4e:83:e7:bb:f0:b1:e2:83:a5:a6:88:ae:cb:6a:
d1:f0:b6:89:9f:01:0e:45:23:d8:06:e4:1e:ce:e9:
d2:7f:13:7a:ac:65:be:00:91:9f:3b:a9:90:96:3f:
6b:90:93:63:03:c7:93:06:7c:c2:ac:1c:11:62:16:
d2:2b:31:ba:82:a1:7f:13:64:90:c2:45:58:46:86:
99:c9:9e:68:7c:72:04:9c:3e:6e:45:98:67:53:4c:
60:47:d6:37:e0:22:fa:b2:2e:97:fe:39:c0:74:fc:
68:60:a3:6b:98:a2:3d:2e:5f:93:73:f9:36:84:40:
ad:c3:be:6d:fc:d2:c0:83:b2:4b:66:f2:d7:3d:97:
5e:ad:fa:64:80:32:b1:c9:3a:eb:0c:b1:96:1f:82:
d9:ca:4a:48:e7:ef:3b:d3:8b:05:a3:34:64:b3:af:
73:9c:7d:c4:51:ae:68:9e:69:0b:b6:4c:88:3d:ed:
86:02:0d:af:70:1d:4f:38:33:1d:a9:fd:d2:24:53:
2e:db:e3:b5:8f:03:8d:99:18:86:86:c6:71:c9:ff:
2c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C5:B1:52:97:AF:5E:5C:E1:4D:3E:55:9C:B3:02:14:C1:55:27:31
X509v3 Authority Key Identifier:
keyid:00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:98:91:5a:7b:13:6f:aa:35:67:6e:12:38:53:26:92:e7:08:
46:36:91:f9:cb:76:40:79:11:97:6a:3c:56:b0:ad:e5:45:54:
c8:e6:a9:7d:f6:03:51:20:12:8b:c0:1a:09:31:4a:95:d7:85:
ab:06:25:db:4b:ec:b6:52:33:75:20:24:03:29:95:cd:be:e8:
a4:ac:1f:e9:0f:4c:59:83:fc:2a:51:3f:e8:40:b9:58:49:fe:
ad:13:21:c3:37:c0:c5:fc:dd:e8:6c:19:c1:c1:54:5c:ad:4c:
ab:53:39:bb:00:78:f5:ea:fc:a1:70:5e:66:32:fc:76:e3:64:
5f:e4:2e:47:77:eb:3d:62:8c:e9:39:fc:ea:a2:b0:5f:6c:28:
be:6f:6c:cd:a2:12:4d:76:3a:c2:0d:b8:20:62:09:90:a2:46:
cc:0c:02:8e:8a:59:8e:99:6c:46:a6:5b:c5:9a:8e:98:94:a6:
33:ce:5f:bc:f3:de:b0:d8:1e:b0:e1:c9:7a:c7:0f:4c:bd:9f:
8e:7e:ad:31:69:71:86:da:c6:50:db:96:65:68:57:25:c8:ef:
a1:29:29:b8:99:ec:a0:17:30:9d:8e:47:52:74:1e:45:90:91:
39:b3:d5:60:88:55:4e:14:e1:4e:86:8b:58:b8:3f:f0:e6:31:
8a:e7:29:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUEQPSy/ut/Cd8qNboT03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTI2N2YzZTNiOWUxZWJiOTc5OTY5MDgwYjBkZmFiMjRj
MzYwMWEwHhcNMjYwNDE3MTIwMDIxWhcNMjYwNDE4MTIwMDIxWjAzMTEwLwYDVQQD
EygyMGM1YjE1Mjk3YWY1ZTVjZTE0ZDNlNTU5Y2IzMDIxNGMxNTUyNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTk5Hnv2+Kq0XNMHb0VpjqbAmkfb
IWMFten1ewDZNuRqw48h+lFW7y5I8U4VToPnu/Cx4oOlpoiuy2rR8LaJnwEORSPY
BuQezunSfxN6rGW+AJGfO6mQlj9rkJNjA8eTBnzCrBwRYhbSKzG6gqF/E2SQwkVY
RoaZyZ5ofHIEnD5uRZhnU0xgR9Y34CL6si6X/jnAdPxoYKNrmKI9Ll+Tc/k2hECt
w75t/NLAg7JLZvLXPZderfpkgDKxyTrrDLGWH4LZykpI5+8704sFozRks69znH3E
Ua5onmkLtkyIPe2GAg2vcB1PODMdqf3SJFMu2+O1jwONmRiGhsZxyf8s7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDFsVKXr15c4U0+VZyzAhTBVScxMB8GA1UdIwQY
MBaAFACSZ/PjueHruXmWkICw36skw2AaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTIt
ZDY5MDM4MjUwMThjLzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTItZDY5MDM4MjUwMThj
LzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpiRWnsT
b6o1Z24SOFMmkucIRjaR+ct2QHkRl2o8VrCt5UVUyOapffYDUSASi8AaCTFKldeF
qwYl20vstlIzdSAkAymVzb7opKwf6Q9MWYP8KlE/6EC5WEn+rRMhwzfAxfzd6GwZ
wcFUXK1Mq1M5uwB49er8oXBeZjL8duNkX+QuR3frPWKM6Tn86qKwX2wovm9szaIS
TXY6wg24IGIJkKJGzAwCjopZjplsRqZbxZqOmJSmM85fvPPesNgesOHJescPTL2f
jn6tMWlxhtrGUNuWZWhXJcjvoSkpuJnsoBcwnY5HUnQeRZCRObPVYIhVThThToaL
WLg/8OYxiucpIQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:49:20 2026 by rpki-client