Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json)
Hash identifier: BporXuvmM1mP7hYI5y/blQO7rlJjEVEPi6BmWSlQdD0=
Subject key identifier: 42:B2:DA:4D:55:E3:87:52:59:DF:46:D3:AF:8A:D3:88:1E:E1:99:CC
Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d
Certificate serial: 019D375253BE92C35BE5A265E87A4F48BEDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
Manifest number: 0AC3
Signing time: Sun 29 Mar 2026 02:00:35 +0000
Manifest this update: Sun 29 Mar 2026 02:00:35 +0000
Manifest next update: Mon 30 Mar 2026 02:00:35 +0000
Files and hashes: 1: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: 8oA+sN64ybr0dE8/bS+MClzr37DYcMHs8nvl+1MDXR8=)
2: dkw8BE0MteDejxs-2qVpeffd5cE.roa (hash: OLIzwrtSctTD4rRGWSFchziybsw/DjSgiuUvhAPMb0Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:53:be:92:c3:5b:e5:a2:65:e8:7a:4f:48:be:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d
Validity
Not Before: Mar 29 02:00:35 2026 GMT
Not After : Mar 30 02:00:35 2026 GMT
Subject: CN=42b2da4d55e3875259df46d3af8ad3881ee199cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:38:09:d3:a3:c6:92:e2:36:f5:46:15:79:ef:
4e:c8:90:f2:47:ec:02:3a:41:5f:75:3e:c5:12:71:
b3:e9:b0:15:2e:35:98:9d:81:62:85:a9:fe:95:a2:
9f:1b:4a:62:5f:a6:d6:04:ff:68:94:ea:f4:ef:31:
75:70:2f:db:57:6a:49:5f:a5:ce:af:56:e4:58:b3:
f1:af:dc:bf:8f:a7:27:1d:0c:c2:2d:db:2e:83:36:
aa:a9:94:28:15:30:3a:e2:8e:43:66:3b:0a:d7:00:
06:c8:a8:b4:c5:bf:e7:38:af:b4:6e:71:1d:51:b8:
a1:38:c9:4c:10:73:fd:50:44:d6:7b:71:04:53:37:
02:7a:6a:7d:55:dc:3c:65:d6:a0:94:ec:c9:7a:77:
8a:ca:38:6d:6f:17:a5:51:09:40:2e:61:68:f3:60:
35:b8:bf:3d:5c:d4:3b:7f:ca:fb:cf:c5:fc:71:bc:
24:7e:e9:75:c2:e1:a0:6f:52:56:42:c1:c5:e9:cc:
2f:0b:ad:97:bd:02:da:b3:bd:48:8d:4b:62:c6:66:
df:19:a3:de:1e:0d:44:33:2a:dd:36:7e:c2:9d:a2:
ad:3f:2b:a3:3b:69:b0:d1:2c:ce:40:c3:f9:e8:fb:
4f:6e:fa:f2:ca:f3:89:b5:76:97:1a:fb:49:00:b3:
b6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B2:DA:4D:55:E3:87:52:59:DF:46:D3:AF:8A:D3:88:1E:E1:99:CC
X509v3 Authority Key Identifier:
keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:94:d4:61:41:2b:e8:90:cd:c4:2f:c5:25:8f:8c:12:6f:73:
ab:bf:db:b4:dc:85:3b:6c:60:d6:00:e4:f7:0b:5a:7f:c8:c6:
4c:33:28:7e:dc:93:78:10:3e:b5:43:af:b1:6c:a5:cc:3b:9c:
51:1f:8e:27:e0:23:84:56:94:84:17:40:41:fe:03:b4:a5:07:
0a:09:e6:06:c7:95:1b:8b:57:02:ae:08:2f:3f:f3:97:9e:24:
22:3d:15:21:dd:f4:bb:79:05:75:4f:a9:9b:60:85:83:69:40:
a2:8f:6c:f1:e9:86:ae:c1:88:ec:4a:5a:7f:c3:6e:da:d8:d7:
e5:36:09:32:1a:5d:f8:e2:44:84:8e:f1:25:35:c4:da:2a:e7:
a4:7e:bd:6c:8f:e6:af:0e:1f:0e:41:34:cf:7c:62:8a:6f:e9:
b6:c6:f5:fe:f6:59:97:6d:4d:df:38:c6:49:5c:ee:22:4f:e8:
0d:83:f1:22:5f:e8:bb:2d:15:ae:15:84:2c:f1:97:75:74:3c:
5a:c6:3a:01:ec:f7:e9:d9:49:12:06:a3:62:45:d8:29:61:9a:
f5:09:4e:62:6c:dd:cb:65:fb:b3:ac:66:03:a8:58:4f:9f:b4:
da:fa:e4:7b:9f:0a:b9:0f:2f:5b:74:85:10:8f:06:3f:82:06:
bd:91:d7:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UlO+ksNb5aJl6HpPSL7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0
MDQzM2QwHhcNMjYwMzI5MDIwMDM1WhcNMjYwMzMwMDIwMDM1WjAzMTEwLwYDVQQD
Eyg0MmIyZGE0ZDU1ZTM4NzUyNTlkZjQ2ZDNhZjhhZDM4ODFlZTE5OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jgJ06PGkuI29UYVee9OyJDyR+wC
OkFfdT7FEnGz6bAVLjWYnYFihan+laKfG0piX6bWBP9olOr07zF1cC/bV2pJX6XO
r1bkWLPxr9y/j6cnHQzCLdsugzaqqZQoFTA64o5DZjsK1wAGyKi0xb/nOK+0bnEd
UbihOMlMEHP9UETWe3EEUzcCemp9Vdw8ZdaglOzJeneKyjhtbxelUQlALmFo82A1
uL89XNQ7f8r7z8X8cbwkful1wuGgb1JWQsHF6cwvC62XvQLas71IjUtixmbfGaPe
Hg1EMyrdNn7CnaKtPyujO2mw0SzOQMP56PtPbvryyvOJtXaXGvtJALO2AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKy2k1V44dSWd9G06+K04ge4ZnMMB8GA1UdIwQY
MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt
NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2
LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJTUYUEr
6JDNxC/FJY+MEm9zq7/btNyFO2xg1gDk9wtaf8jGTDMoftyTeBA+tUOvsWylzDuc
UR+OJ+AjhFaUhBdAQf4DtKUHCgnmBseVG4tXAq4ILz/zl54kIj0VId30u3kFdU+p
m2CFg2lAoo9s8emGrsGI7Epaf8Nu2tjX5TYJMhpd+OJEhI7xJTXE2irnpH69bI/m
rw4fDkE0z3xiim/ptsb1/vZZl21N3zjGSVzuIk/oDYPxIl/ouy0VrhWELPGXdXQ8
WsY6Aez36dlJEgajYkXYKWGa9QlOYmzdy2X7s6xmA6hYT5+02vrke58KuQ8vW3SF
EI8GP4IGvZHXCA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:15 2026 by rpki-client