Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File: MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier: BYxqXIItwTQlkhXoQdjWtnzSZx4g4eji+NA7Q9lavIY=
Subject key identifier: 8A:DE:3F:CE:8D:9D:D0:D9:3D:EC:56:DC:81:35:9B:A6:12:DB:10:33
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer: /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial: 019D3A53FE4B78DD491ACD523AAB64F3A09D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 16:01:16 +0000
Manifest this update: Sun 29 Mar 2026 16:01:16 +0000
Manifest next update: Mon 30 Mar 2026 16:01:16 +0000
Files and hashes: 1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: ItrCC6OcmZbDDTVH/WwGLahY/24Pd4tvKTl+E52+dRs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:53:fe:4b:78:dd:49:1a:cd:52:3a:ab:64:f3:a0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=300842db0837daf311a334b722318e70b588b009
Validity
Not Before: Mar 29 16:01:16 2026 GMT
Not After : Mar 30 16:01:16 2026 GMT
Subject: CN=8ade3fce8d9dd0d93dec56dc81359ba612db1033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ff:22:45:c0:4a:29:be:13:cf:01:87:52:ab:
4a:b3:1f:da:50:af:72:f9:bf:ec:0f:dc:c7:df:ff:
a1:ea:20:ba:2e:15:fc:05:4f:93:6c:0d:e6:c8:3b:
aa:f1:89:57:6f:79:c0:5d:36:37:fc:ba:ce:6a:e3:
8d:5b:1b:63:2f:ca:2b:40:4e:0f:75:aa:e9:32:f7:
a3:14:44:3d:ec:f4:26:a0:d6:48:7a:c0:1a:97:1c:
b4:ab:f7:97:3d:05:36:06:71:9a:89:f4:59:74:b6:
6d:26:08:9d:4f:36:51:e1:49:a8:94:60:0e:92:9d:
85:07:2c:46:ec:a4:7c:33:b6:40:3a:a0:31:96:92:
ff:4a:8e:4e:9e:30:5f:93:eb:17:d5:b0:2e:66:2c:
eb:9d:7a:79:23:34:41:63:f9:a0:03:fc:02:be:ee:
c5:97:ea:b3:8a:ab:2a:7e:23:65:56:7d:f7:05:45:
52:47:34:d3:ee:be:96:ed:31:74:d4:49:7a:f3:67:
81:4b:32:d1:93:b9:b3:59:66:e4:cf:f5:66:50:bd:
f3:73:ee:6c:5d:61:bb:16:1a:5c:85:98:70:72:29:
d3:a8:b9:9c:32:79:80:48:b2:e6:98:43:b4:3e:dd:
3e:36:b0:7d:05:8a:d5:c4:e4:c7:b4:d8:f6:14:a1:
6e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DE:3F:CE:8D:9D:D0:D9:3D:EC:56:DC:81:35:9B:A6:12:DB:10:33
X509v3 Authority Key Identifier:
keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:8c:b7:02:68:23:7c:85:a9:d8:f2:00:ea:27:17:12:81:76:
57:e9:f8:45:5e:ad:42:d1:df:98:a7:50:42:d9:e1:ca:17:fa:
4c:6d:fd:9a:e5:70:12:b4:a4:28:5e:62:32:f6:c5:00:8d:66:
b3:25:f7:a7:2b:78:f3:98:33:4b:93:c4:dd:b3:86:eb:28:b2:
7e:2b:c9:51:6d:bc:60:84:c5:6a:f2:a3:31:66:a8:1c:09:9c:
5d:72:a3:1d:79:48:c4:37:46:b3:26:1f:05:01:da:73:18:ad:
e4:5e:75:d7:59:59:27:38:87:df:f2:91:51:ed:7e:25:37:73:
fe:8e:23:4d:2f:0c:85:77:4d:ff:a1:05:e0:ab:59:4b:4c:3c:
d3:0a:2e:28:5b:b5:f8:99:fa:12:1a:27:26:25:a4:87:43:27:
35:40:5a:f6:20:0c:62:2b:b2:6a:47:b1:95:34:42:52:99:3d:
3b:69:09:73:e3:91:45:dd:5b:91:fd:70:78:f5:c2:e5:bc:f4:
67:4e:3a:69:07:c3:75:0a:64:0f:96:ca:5d:3c:c0:fc:c5:78:
89:2e:6d:87:fb:04:b3:50:28:70:55:99:1e:d0:5b:d2:17:13:
c2:48:6c:83:32:c3:b8:fc:e0:9d:9b:ee:81:30:8a:bd:90:a3:
9e:68:33:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U/5LeN1JGs1SOqtk86CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjYwMzI5MTYwMTE2WhcNMjYwMzMwMTYwMTE2WjAzMTEwLwYDVQQD
Eyg4YWRlM2ZjZThkOWRkMGQ5M2RlYzU2ZGM4MTM1OWJhNjEyZGIxMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv8iRcBKKb4TzwGHUqtKsx/aUK9y
+b/sD9zH3/+h6iC6LhX8BU+TbA3myDuq8YlXb3nAXTY3/LrOauONWxtjL8orQE4P
darpMvejFEQ97PQmoNZIesAalxy0q/eXPQU2BnGaifRZdLZtJgidTzZR4UmolGAO
kp2FByxG7KR8M7ZAOqAxlpL/So5OnjBfk+sX1bAuZizrnXp5IzRBY/mgA/wCvu7F
l+qziqsqfiNlVn33BUVSRzTT7r6W7TF01El682eBSzLRk7mzWWbkz/VmUL3zc+5s
XWG7FhpchZhwcinTqLmcMnmASLLmmEO0Pt0+NrB9BYrVxOTHtNj2FKFuuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIreP86NndDZPexW3IE1m6YS2xAzMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoy3Amgj
fIWp2PIA6icXEoF2V+n4RV6tQtHfmKdQQtnhyhf6TG39muVwErSkKF5iMvbFAI1m
syX3pyt485gzS5PE3bOG6yiyfivJUW28YITFavKjMWaoHAmcXXKjHXlIxDdGsyYf
BQHacxit5F5111lZJziH3/KRUe1+JTdz/o4jTS8MhXdN/6EF4KtZS0w80wouKFu1
+Jn6EhonJiWkh0MnNUBa9iAMYiuyakexlTRCUpk9O2kJc+ORRd1bkf1wePXC5bz0
Z046aQfDdQpkD5bKXTzA/MV4iS5th/sEs1AocFWZHtBb0hcTwkhsgzLDuPzgnZvu
gTCKvZCjnmgzWg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:24:42 2026 by rpki-client