Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: C2PkhCn3AWSr14Bzm0RS3ZH0WQZtxTtf333vy7dZs8U=
Subject key identifier: AA:5C:5F:95:1F:3C:EA:C9:99:DD:B2:B8:8E:86:AD:9E:D6:6E:CB:12
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019D389C1E96D3E393C1A3CC168246FD6949
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 08:00:48 +0000
Manifest this update: Sun 29 Mar 2026 08:00:48 +0000
Manifest next update: Mon 30 Mar 2026 08:00:48 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: Kc+mmWJYjU0CjbQWo80lOaydsYwe9CEXoRDXvxdTk+0=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:1e:96:d3:e3:93:c1:a3:cc:16:82:46:fd:69:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Mar 29 08:00:48 2026 GMT
Not After : Mar 30 08:00:48 2026 GMT
Subject: CN=aa5c5f951f3ceac999ddb2b88e86ad9ed66ecb12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:f8:96:d7:8a:1a:01:4f:e3:bc:89:79:35:
60:dc:39:65:c8:41:34:21:dd:31:69:6a:66:f9:7b:
98:b5:3f:b6:19:11:09:51:29:94:b2:7d:bb:a0:b3:
dc:e0:8e:97:7b:09:6f:5d:79:92:7b:4d:02:bf:70:
18:db:38:57:0b:47:2f:4a:64:3f:6a:f9:93:7c:06:
ea:0f:6e:5f:80:6b:1b:a6:59:cc:3e:c8:52:b0:b9:
93:ff:9e:27:86:0d:97:61:b5:f5:d8:d8:ef:86:57:
70:40:4a:5c:6d:85:92:dd:30:4b:87:aa:d0:7c:ad:
74:ef:d6:78:bf:b5:62:f0:66:b5:41:bf:5d:f8:62:
a3:c3:23:64:8d:6f:91:bb:cb:1d:e8:a7:ff:28:0a:
d9:39:d3:0e:86:69:a9:0f:16:81:42:85:2f:e9:a9:
65:af:05:9d:8b:0a:53:eb:cc:b0:2b:28:bb:80:4f:
99:3e:be:95:a3:f5:43:1d:88:2d:67:66:6a:d1:6c:
ec:43:d3:4f:ab:18:65:22:25:57:be:c0:90:b6:05:
12:bf:5c:ab:59:59:96:5f:9e:68:cb:a0:6e:13:ec:
e7:4b:e3:b8:2c:8e:97:4a:ef:b9:57:4d:cf:f9:b5:
f6:b5:91:d8:93:82:7e:50:c6:da:8c:0a:70:1c:29:
7d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5C:5F:95:1F:3C:EA:C9:99:DD:B2:B8:8E:86:AD:9E:D6:6E:CB:12
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:70:67:31:94:79:bc:b1:9c:bb:59:08:d1:6d:ac:fe:de:d5:
fb:4a:9a:cb:48:05:a1:8b:da:b4:17:66:d4:bb:12:5a:84:32:
6e:e0:93:44:3e:b5:87:d1:79:58:e9:50:c6:c1:7f:cf:b9:8b:
38:3b:e2:b7:02:fe:d1:fd:ae:83:14:f0:bb:bd:cd:85:dc:5f:
2d:44:63:4a:3a:ad:33:93:63:ea:82:9f:42:75:26:39:78:0b:
05:ed:f1:5d:22:3f:6b:ea:c8:cb:f3:c8:ff:45:b2:cc:58:27:
4e:d7:25:8f:c5:29:78:3e:23:b7:b6:75:39:e1:73:a5:ab:aa:
cb:f6:08:e3:26:e6:05:22:08:cd:0d:07:dd:3e:b4:1c:52:42:
97:e5:34:b9:e5:c6:23:ca:ff:36:ba:cc:f0:3f:66:ad:eb:bd:
bb:9a:2f:41:8b:c8:e5:4d:39:fa:5c:69:70:2e:4e:57:9f:fd:
ce:de:eb:51:54:a0:5a:a9:c7:b6:a4:9d:0f:79:df:48:b4:9c:
25:5a:37:05:15:5a:47:97:43:2e:44:4a:de:27:87:5a:20:e1:
b2:87:b1:85:f0:0d:f8:81:36:42:2b:a3:53:0d:46:be:a9:01:
e6:6d:54:72:6e:99:6c:83:9a:d7:0a:77:09:21:8f:c2:b2:73:
f7:9d:7f:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nB6W0+OTwaPMFoJG/WlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwMzI5MDgwMDQ4WhcNMjYwMzMwMDgwMDQ4WjAzMTEwLwYDVQQD
EyhhYTVjNWY5NTFmM2NlYWM5OTlkZGIyYjg4ZTg2YWQ5ZWQ2NmVjYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18r4lteKGgFP47yJeTVg3DllyEE0
Id0xaWpm+XuYtT+2GREJUSmUsn27oLPc4I6XewlvXXmSe00Cv3AY2zhXC0cvSmQ/
avmTfAbqD25fgGsbplnMPshSsLmT/54nhg2XYbX12NjvhldwQEpcbYWS3TBLh6rQ
fK1079Z4v7Vi8Ga1Qb9d+GKjwyNkjW+Ru8sd6Kf/KArZOdMOhmmpDxaBQoUv6all
rwWdiwpT68ywKyi7gE+ZPr6Vo/VDHYgtZ2Zq0WzsQ9NPqxhlIiVXvsCQtgUSv1yr
WVmWX55oy6BuE+znS+O4LI6XSu+5V03P+bX2tZHYk4J+UMbajApwHCl95wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpcX5UfPOrJmd2yuI6GrZ7WbssSMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXBnMZR5
vLGcu1kI0W2s/t7V+0qay0gFoYvatBdm1LsSWoQybuCTRD61h9F5WOlQxsF/z7mL
ODvitwL+0f2ugxTwu73NhdxfLURjSjqtM5Nj6oKfQnUmOXgLBe3xXSI/a+rIy/PI
/0WyzFgnTtclj8UpeD4jt7Z1OeFzpauqy/YI4ybmBSIIzQ0H3T60HFJCl+U0ueXG
I8r/NrrM8D9mreu9u5ovQYvI5U05+lxpcC5OV5/9zt7rUVSgWqnHtqSdD3nfSLSc
JVo3BRVaR5dDLkRK3ieHWiDhsoexhfAN+IE2QiujUw1GvqkB5m1Ucm6ZbIOa1wp3
CSGPwrJz951/pg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:28 2026 by rpki-client