Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
File: avqwkWjnzGa2Y8YWLVyNRUllzOI.mft (raw, json)
Hash identifier: 9XGzbwGpOBDx2OeFB6t9xAH1CY3FPXdFXs4+PcdQnQg=
Subject key identifier: BF:8D:21:59:B5:53:98:1C:C5:A5:D7:39:00:36:E7:10:D4:B2:83:35
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial: 019E90CA20D92A82AF0948B30CD05E3CB84C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
Manifest number: 1943
Signing time: Thu 04 Jun 2026 04:00:26 +0000
Manifest this update: Thu 04 Jun 2026 04:00:26 +0000
Manifest next update: Fri 05 Jun 2026 04:00:26 +0000
Files and hashes: 1: avqwkWjnzGa2Y8YWLVyNRUllzOI.crl (hash: KdgGVtf0CnoVi7v9KEC+ibLfJ2IiJuYcOrgzCru5BJ0=)
2: hBPMfJjzisDLgAAy42OAPWTEtn4.roa (hash: 7+lbylCTdmTyru0tkrcTEDn3h1rEwAZ3WSEJuuLSstI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:90:ca:20:d9:2a:82:af:09:48:b3:0c:d0:5e:3c:b8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Validity
Not Before: Jun 4 04:00:26 2026 GMT
Not After : Jun 5 04:00:26 2026 GMT
Subject: CN=bf8d2159b553981cc5a5d7390036e710d4b28335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:e8:39:08:61:37:83:00:72:3d:55:7d:d7:
44:9a:c5:bc:15:73:7e:ec:98:49:9f:67:8a:bf:54:
88:0b:af:65:7a:05:21:7b:b9:fc:e0:81:d8:6c:a9:
74:ec:98:7e:ce:0e:31:9d:26:d0:80:d4:7d:dd:dd:
c3:67:47:f5:a9:f0:60:66:2d:d2:dd:58:86:fd:3d:
24:a0:e7:3a:e5:a2:97:13:20:d1:2b:1d:83:3e:27:
6e:75:9e:ac:d0:33:14:02:8e:7d:4a:9e:ea:a4:07:
1b:96:e5:6a:28:3d:66:4b:b4:4b:79:5b:f5:7a:11:
76:1b:37:69:76:c7:19:2c:89:58:fe:23:fa:59:e5:
70:15:0b:f4:b2:07:75:43:e6:57:44:62:b7:12:9d:
9c:e6:42:c0:b1:85:60:c5:bf:27:5c:94:1e:c2:bc:
52:24:70:91:bd:02:9c:2d:e5:e4:58:be:a8:86:23:
44:ba:6f:e2:86:fe:9a:cc:49:36:25:49:bd:3b:d2:
a5:9a:75:b1:b8:83:ba:07:ab:55:ff:60:8c:24:ea:
20:9e:f6:ff:74:dc:6a:9b:9d:67:c6:52:dc:aa:61:
4a:47:c1:d0:b3:c6:d3:89:77:dd:0a:b7:25:88:f7:
b9:1e:3f:f2:0b:ac:60:ab:d2:39:06:1a:b2:92:c3:
14:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8D:21:59:B5:53:98:1C:C5:A5:D7:39:00:36:E7:10:D4:B2:83:35
X509v3 Authority Key Identifier:
keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e8:e4:ef:03:26:29:de:58:1c:8d:d6:d6:e6:53:46:3f:d4:53:
2a:3b:78:e1:3a:ed:ba:e7:50:f2:70:39:a9:de:ea:2c:09:04:
e2:99:72:6b:cc:ad:4d:cd:11:d0:fb:f8:b9:9b:50:6e:44:d2:
c0:31:f5:2d:9f:61:92:17:f1:d7:e4:69:77:f6:fc:40:2b:80:
ed:ea:23:38:8f:fb:08:b4:9b:53:b1:fc:49:db:9b:f0:b8:ad:
e9:59:1c:1e:a8:3b:58:e3:4d:7f:76:a7:e2:7f:b0:8d:75:c6:
30:40:e1:b0:bd:c9:3f:14:5e:a4:0e:21:65:b5:3f:fa:d6:6e:
0e:4a:f8:db:f0:77:7b:ce:f1:e9:c9:ae:20:6f:d9:02:54:48:
1d:07:c2:83:ca:17:fa:0f:c1:83:3b:d7:e7:b4:41:82:f8:ca:
40:fe:86:96:2f:70:38:8c:22:18:a9:89:ac:41:69:94:65:b1:
f8:ac:cc:c6:ed:90:a6:f0:ba:99:ea:73:51:78:84:c5:de:71:
a0:3f:f2:b3:ba:75:53:6d:c9:74:45:54:04:c9:52:96:28:4c:
09:8d:ea:a5:34:35:1b:1d:c7:c2:ec:3e:73:b4:4b:c5:35:70:
0f:73:53:04:29:a1:99:e4:12:7a:70:0f:a6:c5:a4:da:5e:c7:
c8:1e:a8:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6QyiDZKoKvCUizDNBePLhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjYwNjA0MDQwMDI2WhcNMjYwNjA1MDQwMDI2WjAzMTEwLwYDVQQD
EyhiZjhkMjE1OWI1NTM5ODFjYzVhNWQ3MzkwMDM2ZTcxMGQ0YjI4MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWroOQhhN4MAcj1VfddEmsW8FXN+
7JhJn2eKv1SIC69legUhe7n84IHYbKl07Jh+zg4xnSbQgNR93d3DZ0f1qfBgZi3S
3ViG/T0koOc65aKXEyDRKx2DPidudZ6s0DMUAo59Sp7qpAcbluVqKD1mS7RLeVv1
ehF2GzdpdscZLIlY/iP6WeVwFQv0sgd1Q+ZXRGK3Ep2c5kLAsYVgxb8nXJQewrxS
JHCRvQKcLeXkWL6ohiNEum/ihv6azEk2JUm9O9KlmnWxuIO6B6tV/2CMJOognvb/
dNxqm51nxlLcqmFKR8HQs8bTiXfdCrcliPe5Hj/yC6xgq9I5BhqyksMUUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+NIVm1U5gcxaXXOQA25xDUsoM1MB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6OTvAyYp
3lgcjdbW5lNGP9RTKjt44TrtuudQ8nA5qd7qLAkE4plya8ytTc0R0Pv4uZtQbkTS
wDH1LZ9hkhfx1+Rpd/b8QCuA7eojOI/7CLSbU7H8Sdub8Lit6VkcHqg7WONNf3an
4n+wjXXGMEDhsL3JPxRepA4hZbU/+tZuDkr42/B3e87x6cmuIG/ZAlRIHQfCg8oX
+g/BgzvX57RBgvjKQP6Gli9wOIwiGKmJrEFplGWx+KzMxu2QpvC6mepzUXiExd5x
oD/ys7p1U23JdEVUBMlSlihMCY3qpTQ1Gx3Hwuw+c7RLxTVwD3NTBCmhmeQSenAP
psWk2l7HyB6oXw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 12:26:37 2026 by rpki-client