Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
File: AFetCa6aGpgBInWFGqvmnk4VovQ.mft (raw, json)
Hash identifier: 3jh3z4CKVmVcqhG04qz8nuu47ztCjI6+6XK7eSi6pjU=
Subject key identifier: 41:B4:A3:22:1B:61:65:17:25:73:6F:FE:1A:A7:5F:47:12:44:82:A0
Authority key identifier: 00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
Certificate issuer: /CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Certificate serial: 019D39AEC7F99CCBEFCA15ECED8E7C737BCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
Manifest number: 1178
Signing time: Sun 29 Mar 2026 13:00:48 +0000
Manifest this update: Sun 29 Mar 2026 13:00:48 +0000
Manifest next update: Mon 30 Mar 2026 13:00:48 +0000
Files and hashes: 1: AFetCa6aGpgBInWFGqvmnk4VovQ.crl (hash: YJYe6i42LeLFqlG7NIBBrkAR9xCG2hVc3KHMY4lwXZQ=)
2: YF-tWCFsSuAIoswUePA1e2Wc2vc.roa (hash: pEIfFvCDAADSX4Ka/xFTpfoKfdGNNPSk4G6XnaiqnGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:c7:f9:9c:cb:ef:ca:15:ec:ed:8e:7c:73:7b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Validity
Not Before: Mar 29 13:00:48 2026 GMT
Not After : Mar 30 13:00:48 2026 GMT
Subject: CN=41b4a3221b61651725736ffe1aa75f47124482a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fe:0b:c0:6a:3c:fd:ea:bd:5c:2b:c0:03:71:
fa:2c:1f:83:f1:2c:8e:55:bd:85:4b:fc:21:5c:cf:
59:28:0c:c6:e3:8b:19:c1:f0:33:61:7e:43:0e:36:
c2:e9:0d:42:05:7c:54:51:58:9b:d7:f9:da:40:d0:
37:23:87:fb:19:a9:df:2b:4e:93:f6:e4:45:91:b2:
48:14:78:2d:70:65:28:9c:5c:25:32:55:5a:4f:24:
87:7d:2a:65:c7:6d:ee:68:1f:7f:8f:84:ea:5e:b6:
b2:bf:2b:d1:47:dc:49:4b:72:55:f6:c9:5b:5f:02:
42:1b:3a:3b:cc:6b:9a:aa:45:0a:51:22:e9:76:2f:
6f:e1:db:de:14:32:b8:71:a1:00:07:c8:bc:37:c4:
70:4f:04:ee:e5:5d:0d:4a:76:48:7f:ac:e7:0f:8a:
76:3b:45:3a:65:e7:48:94:5c:0e:bd:54:57:9a:25:
d9:da:28:05:9a:24:03:60:49:9d:28:3d:20:36:b7:
b8:e0:de:12:94:41:a4:89:e7:67:f3:34:f6:f8:e2:
e5:f6:3b:d4:a7:d4:2b:24:1e:16:99:8e:c6:78:af:
53:e0:4d:be:f0:98:8f:f8:58:ac:07:a7:5e:7c:7d:
73:0a:18:63:a1:ed:6c:74:e4:5e:57:de:63:e9:81:
53:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B4:A3:22:1B:61:65:17:25:73:6F:FE:1A:A7:5F:47:12:44:82:A0
X509v3 Authority Key Identifier:
keyid:00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:3c:f4:15:a7:1a:7d:6f:78:81:93:d9:6b:a8:d4:b4:17:f6:
2e:42:0d:d2:84:53:0b:e3:6b:8f:35:c3:2f:59:b8:93:81:f8:
1c:f7:b4:06:83:c5:73:36:f9:b8:46:c6:b7:89:e7:c2:3b:10:
f8:87:2a:5b:74:b4:1d:f3:f9:9a:f7:51:6e:dc:42:7a:05:2e:
fd:30:c0:22:1d:a3:40:dc:ec:42:6d:f6:c9:c8:7f:c8:6c:68:
8d:e0:6a:36:a0:7d:3a:bd:12:f6:ee:cd:5b:55:9f:71:d3:dd:
b7:45:e5:df:5c:8d:ac:e2:2c:e9:e5:a9:eb:15:8d:96:62:46:
3f:87:03:fd:31:c1:64:08:44:15:c7:70:0d:21:0f:8c:9a:7b:
8c:90:59:68:7c:bc:a8:43:7a:f4:15:67:11:c3:e2:25:e1:61:
6f:8f:6f:6f:8e:ff:b9:37:e4:0f:06:eb:c2:c6:bb:77:54:01:
61:ed:a6:1b:50:e2:e8:fc:9e:78:4b:86:3d:53:f0:b5:3e:39:
24:2b:b7:bb:92:d2:2c:b0:01:ae:02:22:06:2e:9d:b0:15:11:
63:de:3e:a6:21:95:d2:8a:6f:31:ea:bc:b5:d7:32:b7:a3:5b:
2b:b4:36:fa:24:b3:13:77:90:87:19:33:8a:b9:84:2c:79:ab:
87:16:52:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rsf5nMvvyhXs7Y58c3vLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTdhZDA5YWU5YTFhOTgwMTIyNzU4NTFhYWJlNjllNGUx
NWEyZjQwHhcNMjYwMzI5MTMwMDQ4WhcNMjYwMzMwMTMwMDQ4WjAzMTEwLwYDVQQD
Eyg0MWI0YTMyMjFiNjE2NTE3MjU3MzZmZmUxYWE3NWY0NzEyNDQ4MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/4LwGo8/eq9XCvAA3H6LB+D8SyO
Vb2FS/whXM9ZKAzG44sZwfAzYX5DDjbC6Q1CBXxUUVib1/naQNA3I4f7GanfK06T
9uRFkbJIFHgtcGUonFwlMlVaTySHfSplx23uaB9/j4TqXrayvyvRR9xJS3JV9slb
XwJCGzo7zGuaqkUKUSLpdi9v4dveFDK4caEAB8i8N8RwTwTu5V0NSnZIf6znD4p2
O0U6ZedIlFwOvVRXmiXZ2igFmiQDYEmdKD0gNre44N4SlEGkiedn8zT2+OLl9jvU
p9QrJB4WmY7GeK9T4E2+8JiP+FisB6defH1zChhjoe1sdOReV95j6YFTfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEG0oyIbYWUXJXNv/hqnX0cSRIKgMB8GA1UdIwQY
MBaAFABXrQmumhqYASJ1hRqr5p5OFaL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2Qt
ZGNhMzhkNTlhMTU4LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2QtZGNhMzhkNTlhMTU4
LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARDz0Faca
fW94gZPZa6jUtBf2LkIN0oRTC+NrjzXDL1m4k4H4HPe0BoPFczb5uEbGt4nnwjsQ
+IcqW3S0HfP5mvdRbtxCegUu/TDAIh2jQNzsQm32ych/yGxojeBqNqB9Or0S9u7N
W1WfcdPdt0Xl31yNrOIs6eWp6xWNlmJGP4cD/THBZAhEFcdwDSEPjJp7jJBZaHy8
qEN69BVnEcPiJeFhb49vb47/uTfkDwbrwsa7d1QBYe2mG1Di6PyeeEuGPVPwtT45
JCu3u5LSLLABrgIiBi6dsBURY94+piGV0opvMeq8tdcyt6NbK7Q2+iSzE3eQhxkz
irmELHmrhxZS8A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:54 2026 by rpki-client