Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: KF/54AuTXhdIIiZdwVU5n4msKJiQkFchekLf2mEtRrk=
Subject key identifier: BF:B9:07:53:C2:4C:36:34:3C:A0:1C:8D:A4:22:A4:CF:1A:12:BE:5A
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 019D3A1C772E67540CCCDDFE2F4F3E10A5A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 15:00:37 +0000
Manifest this update: Sun 29 Mar 2026 15:00:37 +0000
Manifest next update: Mon 30 Mar 2026 15:00:37 +0000
Files and hashes: 1: HDFZ1nzAPhY5th4yTPNuqiO-Idw.roa (hash: BUbqdFYsXkOCO21qdCL7kVwV2KzcTLQ6Ol4gUVkwKWY=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: AeG0y/0/PVJn0Ltf9mcGGgC1gsWnqxY3NYnKYaJAm8E=)
3: uJrBPbJuAzhkVZXNYxGhegbxeZE.roa (hash: vkQaOQJuuFQiTy2ZPMpaydP0z5Y6YEBLnSoStn62x7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:77:2e:67:54:0c:cc:dd:fe:2f:4f:3e:10:a5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Mar 29 15:00:37 2026 GMT
Not After : Mar 30 15:00:37 2026 GMT
Subject: CN=bfb90753c24c36343ca01c8da422a4cf1a12be5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:02:61:bf:62:bc:41:4a:60:65:13:ed:a2:
d3:e9:a6:f2:75:d0:a2:8a:74:da:86:d3:48:e6:fd:
16:29:6c:e9:0f:78:f8:cd:b8:a0:42:ba:66:c6:51:
42:92:cc:1f:b3:85:fb:9e:4f:78:78:e2:c4:72:7d:
88:ae:ea:30:45:74:d7:03:c2:ce:4a:6f:65:91:bc:
db:53:ba:32:04:17:8b:52:31:b1:5f:80:71:0e:2e:
09:27:99:9d:bd:dd:c1:ff:53:24:19:ad:c1:a4:95:
03:ec:86:6b:35:2b:77:ee:3e:50:fe:01:73:e9:b4:
ea:6d:e2:aa:c9:a6:e4:df:ad:69:cc:e6:53:fa:a6:
8b:b9:ab:35:2d:7d:08:88:0f:67:19:19:f2:5d:7f:
0a:69:63:b2:e9:a4:58:29:99:6a:ce:aa:a9:17:fb:
20:9e:c5:b8:d7:74:57:06:b7:7f:56:9a:4f:31:e7:
c0:e7:54:65:ea:85:23:f4:4d:31:ce:d9:f8:9e:9d:
e4:32:5e:42:4f:44:73:52:cc:02:0a:7f:1a:fd:48:
13:02:96:c0:56:45:bf:b2:8e:e1:ba:7f:51:70:33:
72:36:02:ce:b6:55:dd:30:6f:22:88:5d:40:67:04:
41:11:f8:b4:73:90:28:5d:0f:93:aa:25:12:6c:4d:
f4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B9:07:53:C2:4C:36:34:3C:A0:1C:8D:A4:22:A4:CF:1A:12:BE:5A
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:be:98:72:bb:51:bc:99:97:ad:e0:e4:40:e5:99:07:b9:ac:
b0:51:17:04:1e:dc:d0:74:a7:ef:f0:da:0e:4c:62:1b:06:7f:
0b:51:9e:a5:b3:69:54:be:34:17:67:19:08:eb:6e:09:69:cb:
97:f6:c9:b2:a9:20:54:6b:0e:1f:5e:23:53:8c:5c:a4:33:b5:
fa:04:ce:b7:54:8e:25:7e:b4:09:ee:49:ef:55:3c:5c:4d:eb:
be:16:35:8f:6a:6b:c3:58:51:5b:2d:90:05:d9:13:2c:81:66:
85:16:f1:b1:69:e5:02:87:6a:87:51:10:76:18:33:d2:c1:e5:
4e:52:46:50:e9:37:e5:8e:c8:c0:60:5c:24:39:0d:e1:88:5f:
e5:04:cc:63:b1:ac:78:8a:cf:c0:de:52:30:7b:1d:06:4f:67:
4a:63:b2:1f:2d:dd:f6:b8:1b:6b:66:79:47:ca:f0:bb:d4:20:
2e:b8:05:e1:30:6c:de:33:af:95:65:3a:72:1f:62:f9:c4:bf:
ea:fd:ed:44:e2:93:33:9c:4e:88:77:ad:ba:14:d5:d7:f6:23:
8e:bb:51:53:6a:c6:1c:11:e4:fb:43:a5:29:3d:8e:5e:94:53:
f8:47:17:d8:b7:54:0e:0e:cd:04:5a:46:5d:19:ab:6d:3a:dc:
dc:8f:6a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HHcuZ1QMzN3+L08+EKWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjYwMzI5MTUwMDM3WhcNMjYwMzMwMTUwMDM3WjAzMTEwLwYDVQQD
EyhiZmI5MDc1M2MyNGMzNjM0M2NhMDFjOGRhNDIyYTRjZjFhMTJiZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumECYb9ivEFKYGUT7aLT6abyddCi
inTahtNI5v0WKWzpD3j4zbigQrpmxlFCkswfs4X7nk94eOLEcn2IruowRXTXA8LO
Sm9lkbzbU7oyBBeLUjGxX4BxDi4JJ5mdvd3B/1MkGa3BpJUD7IZrNSt37j5Q/gFz
6bTqbeKqyabk361pzOZT+qaLuas1LX0IiA9nGRnyXX8KaWOy6aRYKZlqzqqpF/sg
nsW413RXBrd/VppPMefA51Rl6oUj9E0xztn4np3kMl5CT0RzUswCCn8a/UgTApbA
VkW/so7hun9RcDNyNgLOtlXdMG8iiF1AZwRBEfi0c5AoXQ+TqiUSbE30WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+5B1PCTDY0PKAcjaQipM8aEr5aMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABb6YcrtR
vJmXreDkQOWZB7mssFEXBB7c0HSn7/DaDkxiGwZ/C1GepbNpVL40F2cZCOtuCWnL
l/bJsqkgVGsOH14jU4xcpDO1+gTOt1SOJX60Ce5J71U8XE3rvhY1j2prw1hRWy2Q
BdkTLIFmhRbxsWnlAodqh1EQdhgz0sHlTlJGUOk35Y7IwGBcJDkN4Yhf5QTMY7Gs
eIrPwN5SMHsdBk9nSmOyHy3d9rgba2Z5R8rwu9QgLrgF4TBs3jOvlWU6ch9i+cS/
6v3tROKTM5xOiHetuhTV1/YjjrtRU2rGHBHk+0OlKT2OXpRT+EcX2LdUDg7NBFpG
XRmrbTrc3I9qIw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:22:00 2026 by rpki-client