Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
File: AYGCKpyioAj1zRG5-duhbuLGFFk.mft (raw, json)
Hash identifier: jPjg/IOVWV4/1p4Tv7tYIyywSDSQixAsYdYNSfICaso=
Subject key identifier: 7A:F8:54:ED:EB:9A:35:EF:BF:DA:F3:10:5A:39:C8:F5:9D:93:39:21
Authority key identifier: 01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59
Certificate issuer: /CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459
Certificate serial: 019D299779D16F3416E7EA30E515F616DD72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
Manifest number: 03CD
Signing time: Thu 26 Mar 2026 10:01:26 +0000
Manifest this update: Thu 26 Mar 2026 10:01:26 +0000
Manifest next update: Fri 27 Mar 2026 10:01:26 +0000
Files and hashes: 1: AYGCKpyioAj1zRG5-duhbuLGFFk.crl (hash: qpRoZoFiQX2aJsmaxVGELNha46eO37/sZmQcaccB5L8=)
2: Ys_4DR1wULGBNA_eDYgXZEWOD2Q.roa (hash: qjKc7M+pEY0qhXBmrNC0EBe740v+5vXbrYaxAIWy74Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:79:d1:6f:34:16:e7:ea:30:e5:15:f6:16:dd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459
Validity
Not Before: Mar 26 10:01:26 2026 GMT
Not After : Mar 27 10:01:26 2026 GMT
Subject: CN=7af854edeb9a35efbfdaf3105a39c8f59d933921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1a:3f:eb:55:78:1e:f6:7f:5c:6d:c0:2d:26:
49:2d:a8:a0:7a:dd:ea:39:b7:9c:a0:e5:d2:17:44:
2a:8c:fc:33:d0:2d:19:40:d9:05:77:c1:53:e6:37:
84:35:65:1c:de:33:6e:13:71:8e:11:cb:79:44:c2:
a6:63:ae:40:13:72:b1:16:96:b0:31:10:0e:0a:28:
d3:63:7a:86:04:86:2d:80:2a:2f:51:bb:c3:58:97:
cf:12:97:7f:c9:41:56:a8:44:48:d4:61:3d:6e:69:
04:f3:e3:e4:28:91:f2:6b:65:95:cd:f5:56:44:4f:
77:05:bc:88:c1:72:1a:e9:47:2e:48:e8:98:51:8e:
d4:51:e6:a8:93:a8:f6:18:13:65:4a:4f:bf:c3:4c:
e6:64:41:dd:f2:e7:c5:be:87:a8:36:66:7e:63:42:
9f:4b:6a:6b:6d:69:8a:df:34:c9:64:50:8e:9b:a3:
67:3b:6a:1a:f3:69:b3:86:fd:5a:41:95:66:3c:ad:
20:a9:01:f5:23:b9:b8:ce:2a:fc:86:f8:d1:03:28:
c3:ea:ba:b7:23:14:8f:10:19:fd:25:f6:b7:72:d5:
00:dc:06:a6:c1:92:71:ec:15:9e:9f:64:8d:77:ea:
db:d3:10:ff:30:b4:0b:8c:83:13:99:5d:20:54:bd:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F8:54:ED:EB:9A:35:EF:BF:DA:F3:10:5A:39:C8:F5:9D:93:39:21
X509v3 Authority Key Identifier:
keyid:01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:2e:e6:28:62:f2:8a:4e:50:87:6d:c2:00:51:c0:41:ed:85:
51:fc:49:eb:33:e7:23:d7:5d:5d:29:bd:71:03:b2:39:6e:37:
e5:eb:f5:20:16:82:1b:0c:08:c1:e3:21:43:04:3e:3a:1a:e7:
7d:21:72:1f:05:6d:d5:86:d0:94:56:93:80:31:02:3a:33:c2:
6f:db:62:cd:16:da:f8:79:1b:c5:e2:e0:33:9a:ec:92:92:75:
d4:24:7a:95:bb:8e:00:63:a1:23:23:a0:91:37:70:57:51:38:
15:b5:95:f7:ff:2d:9a:9b:82:46:52:fd:81:48:30:91:d9:b6:
21:5c:29:27:e9:3f:8d:ac:59:a6:53:6c:48:82:4a:81:bd:7d:
8f:57:67:a1:56:e6:6c:d5:00:74:dd:54:58:28:b3:8c:7e:cc:
f9:49:4e:76:e7:70:f4:c7:8b:66:b4:0e:70:60:0a:aa:85:17:
f6:11:35:db:88:23:a2:b0:0a:05:b3:85:a6:5e:bb:29:8b:34:
0c:83:3a:81:14:ee:76:76:95:38:23:9e:5a:79:61:14:17:92:
a9:98:0e:21:23:8d:ed:9d:ef:24:a8:0b:27:94:83:1e:a3:ae:
be:34:91:43:66:ca:f5:98:9b:da:d4:26:56:c3:77:5c:fe:a5:
db:85:f8:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl3nRbzQW5+ow5RX2Ft1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODE4MjJhOWNhMmEwMDhmNWNkMTFiOWY5ZGJhMTZlZTJj
NjE0NTkwHhcNMjYwMzI2MTAwMTI2WhcNMjYwMzI3MTAwMTI2WjAzMTEwLwYDVQQD
Eyg3YWY4NTRlZGViOWEzNWVmYmZkYWYzMTA1YTM5YzhmNTlkOTMzOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRo/61V4HvZ/XG3ALSZJLaiget3q
ObecoOXSF0QqjPwz0C0ZQNkFd8FT5jeENWUc3jNuE3GOEct5RMKmY65AE3KxFpaw
MRAOCijTY3qGBIYtgCovUbvDWJfPEpd/yUFWqERI1GE9bmkE8+PkKJHya2WVzfVW
RE93BbyIwXIa6UcuSOiYUY7UUeaok6j2GBNlSk+/w0zmZEHd8ufFvoeoNmZ+Y0Kf
S2prbWmK3zTJZFCOm6NnO2oa82mzhv1aQZVmPK0gqQH1I7m4zir8hvjRAyjD6rq3
IxSPEBn9Jfa3ctUA3AamwZJx7BWen2SNd+rb0xD/MLQLjIMTmV0gVL2kUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHr4VO3rmjXvv9rzEFo5yPWdkzkhMB8GA1UdIwQY
MBaAFAGBgiqcoqAI9c0RufnboW7ixhRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQt
ODBkNDk0NTkxMWRkLzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQtODBkNDk0NTkxMWRk
LzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAS7mKGLy
ik5Qh23CAFHAQe2FUfxJ6zPnI9ddXSm9cQOyOW435ev1IBaCGwwIweMhQwQ+Ohrn
fSFyHwVt1YbQlFaTgDECOjPCb9tizRba+HkbxeLgM5rskpJ11CR6lbuOAGOhIyOg
kTdwV1E4FbWV9/8tmpuCRlL9gUgwkdm2IVwpJ+k/jaxZplNsSIJKgb19j1dnoVbm
bNUAdN1UWCizjH7M+UlOdudw9MeLZrQOcGAKqoUX9hE124gjorAKBbOFpl67KYs0
DIM6gRTudnaVOCOeWnlhFBeSqZgOISON7Z3vJKgLJ5SDHqOuvjSRQ2bK9Zib2tQm
VsN3XP6l24X4RQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:41 2026 by rpki-client