Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
File: afM-l5tD6I0OXsp5h5R9sh73yrk.mft (raw, json)
Hash identifier: 7281S6QAfC+7DPLLNXhTf5U5QVlEKmcidXTfO2RuDJY=
Subject key identifier: 9D:F8:5B:B1:F7:44:EC:32:18:AE:D3:3F:31:51:8F:23:7E:DA:5E:78
Authority key identifier: 69:F3:3E:97:9B:43:E8:8D:0E:5E:CA:79:87:94:7D:B2:1E:F7:CA:B9
Certificate issuer: /CN=69f33e979b43e88d0e5eca7987947db21ef7cab9
Certificate serial: 019D3909B58C6E54C95A7CA9E50DDB4652B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
Manifest number: 0749
Signing time: Sun 29 Mar 2026 10:00:30 +0000
Manifest this update: Sun 29 Mar 2026 10:00:30 +0000
Manifest next update: Mon 30 Mar 2026 10:00:30 +0000
Files and hashes: 1: afM-l5tD6I0OXsp5h5R9sh73yrk.crl (hash: Dh55DngM9GAb0pMrUiAqaGXsGBOJt1UljFNwrqv132g=)
2: eNYwFKvhTYAKwUVHqfcOhm_redw.roa (hash: h0zFFTvlVNTqfoPE4dwnvafuj6T5qC/XkjacHGe2Fjo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:b5:8c:6e:54:c9:5a:7c:a9:e5:0d:db:46:52:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f33e979b43e88d0e5eca7987947db21ef7cab9
Validity
Not Before: Mar 29 10:00:30 2026 GMT
Not After : Mar 30 10:00:30 2026 GMT
Subject: CN=9df85bb1f744ec3218aed33f31518f237eda5e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7a:87:e4:69:0f:84:89:b8:a1:da:95:08:7b:
9b:ab:c5:cc:3b:6d:62:53:07:e2:9a:86:de:bc:1c:
d3:c9:51:78:0c:ec:63:7c:8d:f6:86:61:36:78:0d:
b6:7c:6d:fd:ab:d2:bf:fa:94:ff:16:9a:a7:11:81:
62:f0:a5:a1:36:d0:40:c9:73:37:62:33:b8:07:3d:
0e:58:fd:12:df:24:90:cb:39:e4:bf:a5:eb:55:b5:
db:ef:f2:37:64:9d:0b:64:4e:42:0a:cb:d1:5a:dd:
90:55:e2:55:ee:40:62:f7:c6:33:02:72:2b:0f:a2:
7d:9f:2a:ff:9a:a0:13:0d:4d:70:31:f7:8f:3d:d9:
6d:18:35:17:4a:8a:25:5e:bd:b3:24:d9:bb:fd:16:
9a:e7:2d:d1:66:a4:f0:20:07:8c:f3:3b:23:db:80:
d6:49:89:6f:a2:4a:02:c1:c5:90:f0:d9:ae:a6:32:
e5:1e:3f:ab:82:63:d9:39:9d:9f:4d:81:2c:4b:5b:
0a:2b:97:66:77:12:01:69:6c:eb:f2:82:e1:85:7b:
d9:e5:56:f5:e6:5e:df:4a:dd:1e:ab:2c:cd:4a:8d:
05:3a:2c:a3:2b:5f:26:16:26:3e:36:55:d5:17:54:
4a:5b:c3:df:c1:ed:8c:56:13:82:96:7e:d3:0e:5e:
bb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F8:5B:B1:F7:44:EC:32:18:AE:D3:3F:31:51:8F:23:7E:DA:5E:78
X509v3 Authority Key Identifier:
keyid:69:F3:3E:97:9B:43:E8:8D:0E:5E:CA:79:87:94:7D:B2:1E:F7:CA:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:34:c7:30:41:70:ec:f6:15:bd:5a:9e:18:3f:55:42:cc:25:
b9:fc:f1:8a:84:f8:73:30:aa:26:01:77:e8:b4:8c:05:a4:60:
7d:f6:d1:77:7b:22:9e:09:c2:ee:e7:8d:fc:45:32:0b:79:38:
ea:a7:e8:a2:d8:66:30:68:f9:2c:7b:1e:71:18:b6:f7:1c:89:
96:a4:01:c0:43:6e:79:5a:0f:12:e8:7b:92:a7:cc:a2:9e:4f:
b0:52:d0:57:5e:d5:e9:7b:a8:2d:25:86:e4:f7:f7:3d:d2:a4:
6f:b4:4e:0b:ce:ab:b7:ee:ac:97:36:e8:cc:45:df:b5:27:03:
70:ff:7f:e0:c2:67:26:82:6b:b7:40:da:f3:2e:e5:70:63:a5:
a5:35:0a:71:fa:9c:af:ca:19:a9:ac:c8:7b:36:f9:50:97:08:
09:78:16:aa:74:18:65:b1:ea:db:64:7c:b9:47:f0:76:57:7e:
cb:fb:89:2b:26:b8:ff:9e:09:4f:e7:44:ca:70:c3:6c:e7:03:
53:33:2e:e0:6d:c5:2c:0a:d4:58:59:b1:50:93:b4:d3:a1:1c:
6c:84:c7:f6:d5:19:d1:97:54:a1:42:97:09:88:40:39:c7:0b:
7d:94:81:d7:2e:1b:91:13:b7:12:6e:c2:ab:75:fd:bc:0c:28:
56:d4:01:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CbWMblTJWnyp5Q3bRlK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjMzZTk3OWI0M2U4OGQwZTVlY2E3OTg3OTQ3ZGIyMWVm
N2NhYjkwHhcNMjYwMzI5MTAwMDMwWhcNMjYwMzMwMTAwMDMwWjAzMTEwLwYDVQQD
Eyg5ZGY4NWJiMWY3NDRlYzMyMThhZWQzM2YzMTUxOGYyMzdlZGE1ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXqH5GkPhIm4odqVCHubq8XMO21i
UwfimobevBzTyVF4DOxjfI32hmE2eA22fG39q9K/+pT/FpqnEYFi8KWhNtBAyXM3
YjO4Bz0OWP0S3ySQyznkv6XrVbXb7/I3ZJ0LZE5CCsvRWt2QVeJV7kBi98YzAnIr
D6J9nyr/mqATDU1wMfePPdltGDUXSoolXr2zJNm7/Raa5y3RZqTwIAeM8zsj24DW
SYlvokoCwcWQ8NmupjLlHj+rgmPZOZ2fTYEsS1sKK5dmdxIBaWzr8oLhhXvZ5Vb1
5l7fSt0eqyzNSo0FOiyjK18mFiY+NlXVF1RKW8Pfwe2MVhOCln7TDl67ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ34W7H3ROwyGK7TPzFRjyN+2l54MB8GA1UdIwQY
MBaAFGnzPpebQ+iNDl7KeYeUfbIe98q5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85NTNhNjEtMzM0OS00N2JmLWExMmIt
ZTRjNjkzMzQxNDJjLzEvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85NTNhNjEtMzM0OS00N2JmLWExMmItZTRjNjkzMzQxNDJj
LzEvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdTTHMEFw
7PYVvVqeGD9VQswlufzxioT4czCqJgF36LSMBaRgffbRd3singnC7ueN/EUyC3k4
6qfoothmMGj5LHsecRi29xyJlqQBwENueVoPEuh7kqfMop5PsFLQV17V6XuoLSWG
5Pf3PdKkb7ROC86rt+6slzbozEXftScDcP9/4MJnJoJrt0Da8y7lcGOlpTUKcfqc
r8oZqazIezb5UJcICXgWqnQYZbHq22R8uUfwdld+y/uJKya4/54JT+dEynDDbOcD
UzMu4G3FLArUWFmxUJO006EcbITH9tUZ0ZdUoUKXCYhAOccLfZSB1y4bkRO3Em7C
q3X9vAwoVtQBaA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:25 2026 by rpki-client