Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
File: ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft (raw, json)
Hash identifier: SPNIiiMe8INm8rjG0C6gSMqC3JbfUuBM+rx2KJaVIrM=
Subject key identifier: 9C:F7:D2:3F:CA:27:8D:62:62:62:C5:C9:06:13:58:54:72:1C:20:8A
Authority key identifier: 6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C
Certificate issuer: /CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
Certificate serial: 019D2703DB3C295D9B683AE71EC4203C12B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
Manifest number: 1445
Signing time: Wed 25 Mar 2026 22:00:57 +0000
Manifest this update: Wed 25 Mar 2026 22:00:57 +0000
Manifest next update: Thu 26 Mar 2026 22:00:57 +0000
Files and hashes: 1: ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl (hash: T5ngFAhbJQhiunsHgTabpcmXNw5wZpBRb4mXHiPcPAE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:db:3c:29:5d:9b:68:3a:e7:1e:c4:20:3c:12:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
Validity
Not Before: Mar 25 22:00:57 2026 GMT
Not After : Mar 26 22:00:57 2026 GMT
Subject: CN=9cf7d23fca278d626262c5c906135854721c208a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:16:13:11:33:75:e8:42:27:9b:c3:73:9e:0c:
42:56:d4:f8:58:e6:47:fe:78:52:d6:b8:7a:19:d1:
69:38:e7:75:2c:c7:d8:6e:07:9a:0d:5f:6c:c6:be:
70:85:0b:69:13:84:f9:ff:e0:dd:37:44:41:95:bd:
77:5a:3a:96:94:cd:50:b2:b3:b3:90:73:47:c6:72:
bd:73:ad:cf:53:40:41:d9:35:72:b2:49:fd:1e:84:
de:4f:12:95:5f:d2:67:16:96:4a:c7:6c:43:a9:50:
9a:f9:a2:ae:39:aa:b1:46:ef:fa:a1:03:06:b0:38:
bc:ad:cb:37:f0:de:74:32:23:64:ec:5d:58:e1:29:
c8:2e:10:7b:24:38:f8:fa:c4:81:ac:55:b9:12:46:
7b:a0:72:27:a9:08:ba:0e:65:a8:6e:ba:15:ed:03:
f4:0c:c9:70:63:68:93:01:1b:8a:d3:53:0d:12:af:
76:96:8d:b5:c4:5f:4f:fb:1f:9f:06:4f:0b:94:ce:
b0:51:fd:2e:bd:d7:78:d7:ce:6a:13:c5:b9:51:d3:
26:5c:81:d7:bf:13:fa:9c:5c:d3:2a:b2:be:8f:1e:
ee:bb:54:48:48:18:33:5e:86:99:8f:97:40:3a:fc:
54:b3:a1:91:f5:7c:7c:ad:8f:5e:38:93:19:3c:e9:
48:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F7:D2:3F:CA:27:8D:62:62:62:C5:C9:06:13:58:54:72:1C:20:8A
X509v3 Authority Key Identifier:
keyid:6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:86:86:7d:c2:e4:d1:70:97:97:d8:74:47:85:4b:bf:a7:c0:
5f:4c:17:cd:a5:a2:a7:50:dc:05:7b:38:de:02:d1:98:70:f7:
e9:c0:22:a0:6f:52:2a:4d:a8:46:fd:15:22:b0:64:cc:45:26:
ae:d2:c6:8b:a6:c9:be:58:12:69:11:cc:06:af:72:47:ce:9c:
1d:93:49:e8:3b:bc:6e:b3:1c:a7:ff:1a:23:9a:3f:41:a1:9d:
11:3c:b4:36:2f:97:e4:58:40:ee:44:8a:70:26:5c:18:5b:a9:
20:19:bc:8f:c9:bd:93:6d:83:84:60:de:0f:6d:e2:91:ec:3e:
ff:d0:11:32:1e:78:64:e5:4a:47:a9:5c:48:10:c6:39:68:42:
62:6d:c8:f4:a1:f0:17:aa:07:2b:fa:e1:f9:22:2c:d0:44:88:
1f:2c:46:e3:e9:48:bd:5f:84:81:d1:c2:cd:10:e2:a3:e8:fa:
58:4d:3c:ef:59:11:51:23:55:3a:56:eb:50:e8:bf:3b:57:e1:
ed:9d:5f:84:7d:79:62:fa:1b:e5:69:a5:94:33:e6:58:69:dd:
0e:42:ed:56:9b:6d:31:53:db:f6:d7:dc:a8:94:b9:82:2b:8a:
7f:80:af:06:e8:e4:89:1a:8d:e9:b3:20:19:3f:f4:5a:38:fd:
cd:4f:99:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9s8KV2baDrnHsQgPBKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTBiN2M1NGU2Zjk1YjFkOWI4NGFhYzNkOWRhNzQyYTBl
MDJhNmMwHhcNMjYwMzI1MjIwMDU3WhcNMjYwMzI2MjIwMDU3WjAzMTEwLwYDVQQD
Eyg5Y2Y3ZDIzZmNhMjc4ZDYyNjI2MmM1YzkwNjEzNTg1NDcyMWMyMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBYTETN16EInm8NzngxCVtT4WOZH
/nhS1rh6GdFpOOd1LMfYbgeaDV9sxr5whQtpE4T5/+DdN0RBlb13WjqWlM1QsrOz
kHNHxnK9c63PU0BB2TVyskn9HoTeTxKVX9JnFpZKx2xDqVCa+aKuOaqxRu/6oQMG
sDi8rcs38N50MiNk7F1Y4SnILhB7JDj4+sSBrFW5EkZ7oHInqQi6DmWobroV7QP0
DMlwY2iTARuK01MNEq92lo21xF9P+x+fBk8LlM6wUf0uvdd4185qE8W5UdMmXIHX
vxP6nFzTKrK+jx7uu1RISBgzXoaZj5dAOvxUs6GR9Xx8rY9eOJMZPOlItwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJz30j/KJ41iYmLFyQYTWFRyHCCKMB8GA1UdIwQY
MBaAFGoQt8VOb5Wx2bhKrD2dp0Kg4CpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUt
MmRjYWQ2ZWU3MWZiLzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUtMmRjYWQ2ZWU3MWZi
LzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABIaGfcLk
0XCXl9h0R4VLv6fAX0wXzaWip1DcBXs43gLRmHD36cAioG9SKk2oRv0VIrBkzEUm
rtLGi6bJvlgSaRHMBq9yR86cHZNJ6Du8brMcp/8aI5o/QaGdETy0Ni+X5FhA7kSK
cCZcGFupIBm8j8m9k22DhGDeD23ikew+/9ARMh54ZOVKR6lcSBDGOWhCYm3I9KHw
F6oHK/rh+SIs0ESIHyxG4+lIvV+EgdHCzRDio+j6WE0871kRUSNVOlbrUOi/O1fh
7Z1fhH15Yvob5WmllDPmWGndDkLtVpttMVPb9tfcqJS5giuKf4CvBujkiRqN6bMg
GT/0Wjj9zU+Zfg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:26:23 2026 by rpki-client