Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
File: avqwkWjnzGa2Y8YWLVyNRUllzOI.mft (raw, json)
Hash identifier: q6FaJ8WfDFgcp7AeA/bva2nTS7YgvPmZLLkh7gCRgRo=
Subject key identifier: 83:47:F9:AE:4D:9E:AB:CC:39:3A:90:B3:16:01:2C:5E:93:0F:22:67
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial: 019D3909ECEB7BDCE53BE6A9F0B37DDC5CFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 10:00:44 +0000
Manifest this update: Sun 29 Mar 2026 10:00:44 +0000
Manifest next update: Mon 30 Mar 2026 10:00:44 +0000
Files and hashes: 1: avqwkWjnzGa2Y8YWLVyNRUllzOI.crl (hash: K4m+NFkn9OQuOkgdiH9U4ovNkGMJV0FebhXU3RN78r8=)
2: hBPMfJjzisDLgAAy42OAPWTEtn4.roa (hash: 7+lbylCTdmTyru0tkrcTEDn3h1rEwAZ3WSEJuuLSstI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:ec:eb:7b:dc:e5:3b:e6:a9:f0:b3:7d:dc:5c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Validity
Not Before: Mar 29 10:00:44 2026 GMT
Not After : Mar 30 10:00:44 2026 GMT
Subject: CN=8347f9ae4d9eabcc393a90b316012c5e930f2267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:12:9e:44:24:28:3e:ed:91:d0:e3:4c:8c:
d8:fc:1f:e2:b3:0f:a5:e8:eb:47:3b:2b:71:a0:06:
9e:3d:22:fe:c7:c4:a9:ca:ed:40:79:e4:9e:ec:01:
a9:32:26:e3:ce:b7:78:d8:fe:20:29:ed:bf:fb:da:
0f:78:45:b4:27:78:d8:9f:ad:98:2f:a5:82:44:5a:
f5:59:0d:48:b0:03:0d:1a:bf:eb:9b:53:c6:98:ec:
7f:64:9a:60:d0:83:0d:3b:dd:5e:56:1e:23:e2:98:
36:74:e8:9e:2e:12:08:a3:ec:b8:0f:c9:29:0a:1c:
4b:38:b3:0a:e3:4f:de:7a:a9:43:92:f3:8d:ee:87:
90:07:d7:b3:eb:ee:d6:5a:dd:f6:71:eb:9c:1a:92:
54:9c:a3:d5:46:85:20:22:ce:35:94:24:41:37:82:
c8:b9:33:b4:f2:84:ca:81:74:78:b3:65:38:93:c7:
61:b8:f0:d8:0f:5c:74:78:eb:07:ed:6f:9e:07:f5:
79:b5:3d:d3:6a:85:ed:50:f1:bd:f3:ac:72:5e:71:
7b:68:26:88:4e:48:7b:c0:a8:5c:c6:db:4f:d9:34:
6a:e4:2f:f5:48:7a:36:38:94:e8:4b:a3:01:15:b9:
6c:02:58:d9:74:09:bb:1f:eb:4e:cf:cf:bb:56:c7:
82:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:47:F9:AE:4D:9E:AB:CC:39:3A:90:B3:16:01:2C:5E:93:0F:22:67
X509v3 Authority Key Identifier:
keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:bf:22:c0:14:a7:93:9c:36:13:a8:ed:1c:2a:33:9c:11:0f:
ac:d8:c4:7f:4f:44:1f:46:66:cb:1e:42:60:1a:2b:89:2d:2b:
00:bc:af:d3:c8:e5:a2:bd:48:f3:32:73:0f:ad:aa:08:14:43:
1d:bc:60:5d:b8:d2:a5:2b:55:a6:15:29:fb:db:32:b4:89:29:
99:34:1a:4e:76:c3:06:12:54:b3:8d:1c:a0:e3:1c:32:32:53:
b5:12:f0:19:25:83:80:4b:35:cc:ca:24:3f:b9:a6:18:cd:58:
b2:64:f6:a1:2a:07:3f:08:b0:f6:13:c3:bd:80:3e:a2:b7:29:
3c:9c:11:db:af:7d:7a:08:cf:b5:57:d4:00:90:8f:2b:40:8d:
02:6c:05:7a:cf:41:d2:02:e2:0c:3f:f5:bf:b9:d3:79:93:e3:
02:aa:04:25:91:c8:53:2b:e4:98:8d:fe:89:c0:da:27:7e:44:
7f:18:69:c9:7a:46:5f:21:70:08:9d:7b:a6:da:c5:fa:b6:3b:
bb:5d:41:37:73:5e:66:46:c4:71:1e:82:b9:48:50:52:63:48:
5c:1f:92:25:af:c0:b1:a9:ba:85:ab:fc:9c:bc:9a:d6:9e:0c:
0b:54:ce:25:90:57:b8:76:9f:09:a1:ee:6a:65:9c:a4:5c:0e:
ab:a5:a9:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cezre9zlO+ap8LN93Fz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjYwMzI5MTAwMDQ0WhcNMjYwMzMwMTAwMDQ0WjAzMTEwLwYDVQQD
Eyg4MzQ3ZjlhZTRkOWVhYmNjMzkzYTkwYjMxNjAxMmM1ZTkzMGYyMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBASnkQkKD7tkdDjTIzY/B/isw+l
6OtHOytxoAaePSL+x8Spyu1AeeSe7AGpMibjzrd42P4gKe2/+9oPeEW0J3jYn62Y
L6WCRFr1WQ1IsAMNGr/rm1PGmOx/ZJpg0IMNO91eVh4j4pg2dOieLhIIo+y4D8kp
ChxLOLMK40/eeqlDkvON7oeQB9ez6+7WWt32ceucGpJUnKPVRoUgIs41lCRBN4LI
uTO08oTKgXR4s2U4k8dhuPDYD1x0eOsH7W+eB/V5tT3TaoXtUPG986xyXnF7aCaI
Tkh7wKhcxttP2TRq5C/1SHo2OJToS6MBFblsAljZdAm7H+tOz8+7VseCQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINH+a5NnqvMOTqQsxYBLF6TDyJnMB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQL8iwBSn
k5w2E6jtHCoznBEPrNjEf09EH0Zmyx5CYBoriS0rALyv08jlor1I8zJzD62qCBRD
HbxgXbjSpStVphUp+9sytIkpmTQaTnbDBhJUs40coOMcMjJTtRLwGSWDgEs1zMok
P7mmGM1YsmT2oSoHPwiw9hPDvYA+orcpPJwR2699egjPtVfUAJCPK0CNAmwFes9B
0gLiDD/1v7nTeZPjAqoEJZHIUyvkmI3+icDaJ35EfxhpyXpGXyFwCJ17ptrF+rY7
u11BN3NeZkbEcR6CuUhQUmNIXB+SJa/Asam6hav8nLya1p4MC1TOJZBXuHafCaHu
amWcpFwOq6WptA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:58 2026 by rpki-client