Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
File: AOLDNzGtylfcwzsvuCM_wDiwlek.mft (raw, json)
Hash identifier: KhBR4NQGjj18QlIVugL+GVNvAGc8LnB8PaL2q4Fhjx4=
Subject key identifier: BD:9F:2F:79:76:34:6B:96:E3:7E:05:A7:97:A7:D8:E1:97:26:32:C6
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 019CABA24792A1A266F28106D362B22477AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
Manifest number: 1385
Signing time: Sun 01 Mar 2026 23:01:04 +0000
Manifest this update: Sun 01 Mar 2026 23:01:04 +0000
Manifest next update: Mon 02 Mar 2026 23:01:04 +0000
Files and hashes: 1: 6tZKYli0xFjSrMTaPxgthKbfu_g.roa (hash: lqL9qb+FKGUxGrpBLb7Tf9OnZbQiDT4OvdfFGjgah0c=)
2: AOLDNzGtylfcwzsvuCM_wDiwlek.crl (hash: 3aTjEG83IOs6E8vLZwcbGMKNRBwJ/66M9gh0h2KU4zo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:47:92:a1:a2:66:f2:81:06:d3:62:b2:24:77:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Mar 1 23:01:04 2026 GMT
Not After : Mar 2 23:01:04 2026 GMT
Subject: CN=bd9f2f7976346b96e37e05a797a7d8e1972632c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2f:4d:83:09:34:0a:9b:04:63:03:be:2c:c8:
a6:93:06:75:d5:16:d9:66:f3:6c:a2:7f:43:76:e2:
d2:55:97:6a:d3:b5:45:66:a8:9f:64:70:83:07:a5:
30:83:a2:9d:28:6a:be:55:f1:e2:a8:2a:ca:f7:40:
5e:91:2f:06:a7:d4:28:fc:0b:10:9c:26:e3:b4:a7:
0e:2a:27:90:c8:64:b6:ce:3a:8a:db:11:d5:b3:ef:
63:8a:eb:ed:14:1d:d2:1b:62:3f:2e:eb:5b:4d:18:
59:99:b0:04:6f:47:18:02:fc:e3:07:f4:d9:8d:0d:
68:09:d9:a8:ae:fa:e0:00:4b:20:8a:10:f1:03:d7:
41:9d:ea:b2:b7:9d:8a:e4:21:7b:c9:20:1d:30:97:
5f:a1:c7:51:a0:34:53:2f:d1:9c:ab:36:1f:dd:94:
e2:58:c7:bb:53:ed:40:e6:01:b3:96:09:b1:73:6d:
90:dd:ae:a7:80:ef:75:24:8d:14:34:fd:42:ca:96:
9c:cd:4d:b1:13:d1:d5:3d:18:d1:9c:54:91:6d:75:
73:ee:de:b9:a6:aa:66:d7:07:0b:e7:cb:27:db:a7:
c1:ae:6c:d7:e8:5b:cb:fa:46:cf:a1:ca:cb:9f:ab:
c9:d0:94:80:a6:8a:fa:8a:46:7b:68:95:04:c5:02:
46:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9F:2F:79:76:34:6B:96:E3:7E:05:A7:97:A7:D8:E1:97:26:32:C6
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:0d:15:77:0c:bb:0c:00:e6:88:ab:33:16:3c:3d:80:48:99:
61:9b:2b:e7:78:a5:81:de:f2:70:e2:9f:d1:e7:91:03:c5:70:
ca:35:f8:42:e5:24:c6:5b:f4:73:2c:c3:c7:7c:49:33:a1:2f:
35:92:1f:fc:52:b7:7f:d4:94:5c:26:56:6c:70:23:d9:2d:49:
af:71:cb:28:69:e6:1b:d7:dd:41:20:ab:ed:f2:8e:99:58:cc:
e1:0c:17:da:e6:81:d9:ca:00:af:ea:47:5e:34:87:e7:f8:ff:
4a:77:7b:d4:7a:f9:2b:a4:55:65:d7:c7:49:72:67:10:70:a0:
36:1e:78:e3:27:b9:48:ff:1e:59:20:75:af:c9:c9:12:fe:f6:
70:f5:16:16:51:81:55:8b:5c:4e:20:16:89:3d:be:17:64:cc:
7d:7d:b2:b9:7f:36:45:81:ba:65:22:05:15:68:d9:90:d6:79:
65:46:d3:ba:7c:aa:b9:0b:c0:8e:12:cc:9b:47:3a:58:7a:33:
01:8e:f9:19:54:44:0e:9b:42:3f:13:fe:b8:3b:59:bf:54:98:
66:17:7b:38:7f:dd:d2:21:1e:7a:99:08:2b:16:80:35:43:6c:
6d:27:bf:79:12:28:e1:60:76:aa:46:0d:4b:c2:4c:7e:0f:e8:
fc:d6:62:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrokeSoaJm8oEG02KyJHerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjYwMzAxMjMwMTA0WhcNMjYwMzAyMjMwMTA0WjAzMTEwLwYDVQQD
EyhiZDlmMmY3OTc2MzQ2Yjk2ZTM3ZTA1YTc5N2E3ZDhlMTk3MjYzMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC9Ngwk0CpsEYwO+LMimkwZ11RbZ
ZvNson9DduLSVZdq07VFZqifZHCDB6Uwg6KdKGq+VfHiqCrK90BekS8Gp9Qo/AsQ
nCbjtKcOKieQyGS2zjqK2xHVs+9jiuvtFB3SG2I/LutbTRhZmbAEb0cYAvzjB/TZ
jQ1oCdmorvrgAEsgihDxA9dBneqyt52K5CF7ySAdMJdfocdRoDRTL9GcqzYf3ZTi
WMe7U+1A5gGzlgmxc22Q3a6ngO91JI0UNP1CypaczU2xE9HVPRjRnFSRbXVz7t65
pqpm1wcL58sn26fBrmzX6FvL+kbPocrLn6vJ0JSApor6ikZ7aJUExQJG3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2fL3l2NGuW434Fp5en2OGXJjLGMB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqw0Vdwy7
DADmiKszFjw9gEiZYZsr53ilgd7ycOKf0eeRA8VwyjX4QuUkxlv0cyzDx3xJM6Ev
NZIf/FK3f9SUXCZWbHAj2S1Jr3HLKGnmG9fdQSCr7fKOmVjM4QwX2uaB2coAr+pH
XjSH5/j/Snd71Hr5K6RVZdfHSXJnEHCgNh544ye5SP8eWSB1r8nJEv72cPUWFlGB
VYtcTiAWiT2+F2TMfX2yuX82RYG6ZSIFFWjZkNZ5ZUbTunyquQvAjhLMm0c6WHoz
AY75GVREDptCPxP+uDtZv1SYZhd7OH/d0iEeepkIKxaANUNsbSe/eRIo4WB2qkYN
S8JMfg/o/NZi0w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:18:16 2026 by rpki-client