Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: ++g3A/iSFEnh6bFVCHzLdngbLc5FGACTRi47kNujPoo=
Subject key identifier: B1:6D:F1:B3:B4:13:0B:1E:C4:8D:35:E4:71:D4:89:8D:AE:DA:6E:B3
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019D371BFD5CDB220B753EBA6B3EE3DBF393
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 01:01:14 +0000
Manifest this update: Sun 29 Mar 2026 01:01:14 +0000
Manifest next update: Mon 30 Mar 2026 01:01:14 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: fDBxBc6GGkUMSuBwona5wKxw06oFptYh4Md5PEGaUr8=)
2: GSCpplFtfkTN5C3emWdSBHM2s_U.roa (hash: uafjHLArE68enYzHEZipyUcJy+2TVAQsxPWk3VzbutI=)
3: T4PSpNaqkAOQJjuBdAFdx3zKgyY.roa (hash: sU9bxlF1T+hrGzv9LaagfpQyLm85yMt1O7DFm4yEcJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:fd:5c:db:22:0b:75:3e:ba:6b:3e:e3:db:f3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Mar 29 01:01:14 2026 GMT
Not After : Mar 30 01:01:14 2026 GMT
Subject: CN=b16df1b3b4130b1ec48d35e471d4898daeda6eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cf:80:45:37:5f:eb:78:bd:e6:96:fa:c5:5f:
b3:ef:33:7b:d5:92:4e:7a:52:52:8f:92:b4:45:c9:
66:51:66:77:de:ed:6a:4e:5e:ef:86:8a:85:56:2a:
98:e8:7b:50:e8:94:31:26:ef:9e:fc:f2:84:8e:97:
9f:7d:4c:36:d5:4f:5d:22:c2:0c:bc:29:ad:66:45:
a8:41:0c:ef:3f:aa:10:33:6b:b7:ee:e9:b3:8e:d0:
ba:d1:40:3c:59:9a:07:67:60:27:51:e0:9c:90:3a:
53:7b:5d:ff:70:c3:6d:90:4a:79:4f:31:c5:a9:5b:
29:56:76:73:7a:34:ea:8b:e7:92:6d:26:f4:80:24:
3d:44:1d:87:ce:ac:99:26:ef:4e:fc:55:a3:f7:b0:
e8:e3:45:05:c5:1e:b5:3b:99:e4:e6:03:38:b1:d4:
5e:1c:c1:ab:27:e4:78:36:9a:b8:2c:3c:05:f4:a0:
f5:f7:7f:2b:47:d3:0c:2f:ea:3a:6e:c5:b0:5d:e4:
9f:63:f4:1e:10:11:48:42:d5:9c:9c:2a:52:d3:c8:
a7:0c:82:8e:57:68:3e:f3:e9:69:a1:9e:47:a0:b6:
83:59:30:60:56:3e:dc:36:24:6b:ac:36:9d:58:bf:
90:78:c9:ba:82:86:d7:81:9c:c1:15:6c:80:bf:c3:
cb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6D:F1:B3:B4:13:0B:1E:C4:8D:35:E4:71:D4:89:8D:AE:DA:6E:B3
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:1d:1e:ed:15:89:69:3b:01:13:bb:3e:2d:d2:f7:50:2c:a9:
3b:fa:9a:20:e3:4f:42:10:48:e8:35:a8:51:9d:79:b0:0f:c8:
35:9b:7b:24:db:44:77:2b:a0:c3:02:a7:00:98:77:9c:c8:9d:
30:c8:37:8a:27:37:2c:62:38:6e:17:87:a7:33:e5:4d:ae:e1:
09:da:60:b5:74:7a:58:08:92:dc:fd:62:f2:f9:bc:fe:df:89:
b0:f8:04:50:29:5c:9b:e8:0c:26:9e:37:04:64:4d:15:b5:a8:
e9:cc:57:17:f6:e3:05:79:04:69:e0:6b:45:fc:f4:70:c5:fa:
60:7b:fa:4f:9b:4e:1e:9f:a1:1a:73:45:fa:4a:5a:b8:52:43:
eb:17:6a:f5:98:01:a8:d6:e3:b6:bc:4d:6f:a3:1a:4c:cf:d3:
6a:b0:07:35:81:68:89:0a:78:31:ff:46:c1:1e:ac:5a:24:f6:
fc:74:b3:de:1f:64:b5:6e:47:8e:cd:74:20:71:da:cd:16:c5:
e4:35:53:f6:82:f9:a1:2f:1e:ef:63:58:47:66:5c:d5:ad:c8:
33:58:91:1a:0b:46:ee:03:42:7c:8c:b9:b5:87:f4:0e:99:c4:
b7:85:87:36:65:3c:40:34:77:81:40:a9:bb:92:09:0f:34:e2:
03:6c:46:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G/1c2yILdT66az7j2/OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjYwMzI5MDEwMTE0WhcNMjYwMzMwMDEwMTE0WjAzMTEwLwYDVQQD
EyhiMTZkZjFiM2I0MTMwYjFlYzQ4ZDM1ZTQ3MWQ0ODk4ZGFlZGE2ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s+ARTdf63i95pb6xV+z7zN71ZJO
elJSj5K0RclmUWZ33u1qTl7vhoqFViqY6HtQ6JQxJu+e/PKEjpeffUw21U9dIsIM
vCmtZkWoQQzvP6oQM2u37umzjtC60UA8WZoHZ2AnUeCckDpTe13/cMNtkEp5TzHF
qVspVnZzejTqi+eSbSb0gCQ9RB2HzqyZJu9O/FWj97Do40UFxR61O5nk5gM4sdRe
HMGrJ+R4Npq4LDwF9KD1938rR9MML+o6bsWwXeSfY/QeEBFIQtWcnCpS08inDIKO
V2g+8+lpoZ5HoLaDWTBgVj7cNiRrrDadWL+QeMm6gobXgZzBFWyAv8PLcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFt8bO0EwsexI015HHUiY2u2m6zMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOR0e7RWJ
aTsBE7s+LdL3UCypO/qaIONPQhBI6DWoUZ15sA/INZt7JNtEdyugwwKnAJh3nMid
MMg3iic3LGI4bheHpzPlTa7hCdpgtXR6WAiS3P1i8vm8/t+JsPgEUClcm+gMJp43
BGRNFbWo6cxXF/bjBXkEaeBrRfz0cMX6YHv6T5tOHp+hGnNF+kpauFJD6xdq9ZgB
qNbjtrxNb6MaTM/TarAHNYFoiQp4Mf9GwR6sWiT2/HSz3h9ktW5Hjs10IHHazRbF
5DVT9oL5oS8e72NYR2Zc1a3IM1iRGgtG7gNCfIy5tYf0DpnEt4WHNmU8QDR3gUCp
u5IJDzTiA2xGiA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:16:28 2026 by rpki-client