Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.mft
File: AV3onCqMLU3oGkNnXBXlQ-qhcOk.mft (raw, json)
Hash identifier: R5c2gebhUQfUp7QQkP7CcWPP0PTUxLgU+30padt8vrM=
Subject key identifier: 86:6F:2A:FE:1E:3B:C2:A9:E7:61:FE:A4:14:B8:F2:C8:22:81:A6:51
Authority key identifier: 01:5D:E8:9C:2A:8C:2D:4D:E8:1A:43:67:5C:15:E5:43:EA:A1:70:E9
Certificate issuer: /CN=015de89c2a8c2d4de81a43675c15e543eaa170e9
Certificate serial: 019D39E60522AED9DE6A65F7E8CCF71FD7DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AV3onCqMLU3oGkNnXBXlQ-qhcOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.mft
Manifest number: CF
Signing time: Sun 29 Mar 2026 14:01:08 +0000
Manifest this update: Sun 29 Mar 2026 14:01:08 +0000
Manifest next update: Mon 30 Mar 2026 14:01:08 +0000
Files and hashes: 1: AV3onCqMLU3oGkNnXBXlQ-qhcOk.crl (hash: cm5Q4EYHINC0NqYczRt1Ogn/0+vAKlmA8257nBO0B9M=)
2: mwJT56lh20lnnPNb2evS5T-qWow.roa (hash: JKi1qoZgs72wB/QUa1LelaEM2vIQZNp7ROnLWSEumqo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AV3onCqMLU3oGkNnXBXlQ-qhcOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e6:05:22:ae:d9:de:6a:65:f7:e8:cc:f7:1f:d7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015de89c2a8c2d4de81a43675c15e543eaa170e9
Validity
Not Before: Mar 29 14:01:08 2026 GMT
Not After : Mar 30 14:01:08 2026 GMT
Subject: CN=866f2afe1e3bc2a9e761fea414b8f2c82281a651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4d:06:67:9a:58:f4:fb:af:b1:9a:93:d8:0b:
c9:62:9b:e8:b8:20:d6:11:b6:46:32:28:21:d4:01:
ec:93:ec:b9:db:5f:4e:a1:ce:17:06:b5:23:eb:84:
2b:36:a5:86:8a:f8:f5:c1:ba:51:d7:c1:74:0a:09:
0a:16:77:83:d8:0e:cd:e6:79:b5:ca:8a:aa:36:fc:
12:78:49:29:71:2c:70:bf:72:1d:b8:49:23:9e:56:
5f:fb:8b:98:a0:05:d3:0d:87:32:27:7c:4e:37:30:
a9:02:3a:2d:07:42:a5:cb:3b:46:89:05:7c:a5:12:
0b:c0:69:fb:f3:47:57:87:88:18:3d:56:c2:5f:bb:
11:0a:60:1a:da:5d:35:af:51:91:67:83:9e:6a:5a:
b5:11:7d:12:9c:93:3e:8e:c4:48:91:74:66:24:26:
99:07:11:d1:8e:99:9d:c4:b2:f6:e8:2c:ec:1d:72:
a0:15:a9:9a:c6:be:34:a8:66:13:92:d1:97:a9:59:
31:5b:60:de:c8:92:b6:86:d0:98:37:62:94:0e:68:
5f:a2:d3:82:58:1e:4c:3d:e2:63:2a:35:48:38:b7:
cb:7d:7f:55:f9:85:46:86:10:2f:32:c5:64:71:68:
ec:a5:1f:80:df:30:73:eb:3d:be:da:c7:d2:a2:82:
c3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6F:2A:FE:1E:3B:C2:A9:E7:61:FE:A4:14:B8:F2:C8:22:81:A6:51
X509v3 Authority Key Identifier:
keyid:01:5D:E8:9C:2A:8C:2D:4D:E8:1A:43:67:5C:15:E5:43:EA:A1:70:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AV3onCqMLU3oGkNnXBXlQ-qhcOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/014634-7feb-47da-aae2-e21e0082636f/1/AV3onCqMLU3oGkNnXBXlQ-qhcOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:d7:af:09:0f:b6:56:df:cd:48:db:17:71:b4:15:6f:76:fe:
7a:83:63:71:01:0a:0e:02:ff:41:2c:17:b7:12:2b:b3:7c:aa:
06:9d:11:1c:9e:48:32:6b:76:cb:1b:4d:73:ae:38:98:d8:e3:
df:75:74:c8:d5:15:0d:52:ff:b5:0c:7a:0a:33:3e:23:a6:ce:
7b:9b:94:4d:c7:62:70:36:b4:1a:41:1a:d3:6c:43:72:c1:19:
9d:24:e2:41:93:ae:da:ca:7e:93:e6:d6:7d:b9:4e:8f:3d:81:
33:43:f3:9a:8b:c7:48:a7:f9:9f:ba:13:04:68:f4:41:f8:11:
0b:15:df:b6:9b:87:b6:f9:94:e2:8f:1b:7e:7a:37:01:ed:b3:
b1:7f:55:bf:ac:a6:6c:86:90:5c:04:2e:78:0e:29:50:bc:84:
03:20:83:46:23:60:a2:6f:38:87:b5:a2:7c:32:37:c6:f4:82:
e1:92:d9:00:b5:cf:1d:34:0c:5b:87:9b:e9:ec:d0:b5:94:71:
97:52:44:0c:b7:47:f9:58:5f:fe:62:ef:de:e6:6a:7a:c5:ba:
f7:7f:1b:d5:4e:4d:8a:4d:f2:f6:77:33:b0:c4:61:0e:0a:e4:
34:79:87:c5:88:ed:9b:42:de:1a:0c:7d:7c:d0:b4:34:29:6b:
dc:8a:ab:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055gUirtneamX36Mz3H9faMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWRlODljMmE4YzJkNGRlODFhNDM2NzVjMTVlNTQzZWFh
MTcwZTkwHhcNMjYwMzI5MTQwMTA4WhcNMjYwMzMwMTQwMTA4WjAzMTEwLwYDVQQD
Eyg4NjZmMmFmZTFlM2JjMmE5ZTc2MWZlYTQxNGI4ZjJjODIyODFhNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k0GZ5pY9PuvsZqT2AvJYpvouCDW
EbZGMigh1AHsk+y5219Ooc4XBrUj64QrNqWGivj1wbpR18F0CgkKFneD2A7N5nm1
yoqqNvwSeEkpcSxwv3IduEkjnlZf+4uYoAXTDYcyJ3xONzCpAjotB0KlyztGiQV8
pRILwGn780dXh4gYPVbCX7sRCmAa2l01r1GRZ4Oealq1EX0SnJM+jsRIkXRmJCaZ
BxHRjpmdxLL26CzsHXKgFamaxr40qGYTktGXqVkxW2DeyJK2htCYN2KUDmhfotOC
WB5MPeJjKjVIOLfLfX9V+YVGhhAvMsVkcWjspR+A3zBz6z2+2sfSooLD/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZvKv4eO8Kp52H+pBS48sgigaZRMB8GA1UdIwQY
MBaAFAFd6JwqjC1N6BpDZ1wV5UPqoXDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVYzb25DcU1MVTNvR2tOblhCWGxRLXFoY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wMTQ2MzQtN2ZlYi00N2RhLWFhZTIt
ZTIxZTAwODI2MzZmLzEvQVYzb25DcU1MVTNvR2tOblhCWGxRLXFoY09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wMTQ2MzQtN2ZlYi00N2RhLWFhZTItZTIxZTAwODI2MzZm
LzEvQVYzb25DcU1MVTNvR2tOblhCWGxRLXFoY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9evCQ+2
Vt/NSNsXcbQVb3b+eoNjcQEKDgL/QSwXtxIrs3yqBp0RHJ5IMmt2yxtNc644mNjj
33V0yNUVDVL/tQx6CjM+I6bOe5uUTcdicDa0GkEa02xDcsEZnSTiQZOu2sp+k+bW
fblOjz2BM0PzmovHSKf5n7oTBGj0QfgRCxXftpuHtvmU4o8bfno3Ae2zsX9Vv6ym
bIaQXAQueA4pULyEAyCDRiNgom84h7WifDI3xvSC4ZLZALXPHTQMW4eb6ezQtZRx
l1JEDLdH+Vhf/mLv3uZqesW6938b1U5Nik3y9nczsMRhDgrkNHmHxYjtm0LeGgx9
fNC0NClr3IqrQw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:09:23 2026 by rpki-client