Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: nnr2AV8GEW6uQbL3MT1IfEqWrK7OnHbkaAw9i1iGpcA=
Subject key identifier: AF:10:F2:5C:93:B8:4D:9E:E1:AA:1D:C2:80:47:B2:CC:7A:D5:41:78
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019D299719711D2050046CB16DA663B719D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 188A
Signing time: Thu 26 Mar 2026 10:01:01 +0000
Manifest this update: Thu 26 Mar 2026 10:01:01 +0000
Manifest next update: Fri 27 Mar 2026 10:01:01 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: LYOP1+yTrdGs3KSyfYdBf+yY891vAKqgee2ZTXII6Ts=)
2: GSCpplFtfkTN5C3emWdSBHM2s_U.roa (hash: uafjHLArE68enYzHEZipyUcJy+2TVAQsxPWk3VzbutI=)
3: T4PSpNaqkAOQJjuBdAFdx3zKgyY.roa (hash: sU9bxlF1T+hrGzv9LaagfpQyLm85yMt1O7DFm4yEcJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:19:71:1d:20:50:04:6c:b1:6d:a6:63:b7:19:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Mar 26 10:01:01 2026 GMT
Not After : Mar 27 10:01:01 2026 GMT
Subject: CN=af10f25c93b84d9ee1aa1dc28047b2cc7ad54178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:e7:07:cd:d5:89:d9:fd:6e:38:52:57:89:
97:8d:cb:21:d3:ef:a0:01:a8:37:b7:7e:f5:61:b2:
20:fd:e0:d3:aa:8d:7f:22:52:84:93:f1:eb:3c:57:
2a:7f:16:74:a2:0b:df:f0:13:f8:a1:72:89:63:b4:
5c:8f:0c:c6:a2:84:1f:70:78:0c:21:04:c7:47:6c:
af:70:98:57:ba:27:a7:40:a9:67:c0:cb:73:00:72:
dd:9c:5d:3d:db:e4:2f:05:bc:66:58:2a:12:4b:55:
6f:d2:b8:7b:39:78:07:8a:e9:06:72:52:12:cd:af:
77:00:da:a1:b5:07:a0:f5:f7:79:61:8d:c6:57:ae:
4c:63:17:fb:86:ac:0a:64:45:58:97:3c:20:29:05:
6a:d5:69:e3:37:b6:f4:db:35:c3:7a:81:81:dd:0b:
34:9a:86:0e:d5:b0:c7:6d:94:36:e0:0c:42:dd:de:
14:b8:6d:4a:e5:7d:dc:28:c4:4f:cf:53:9e:85:b3:
80:c6:26:9f:2f:4d:5e:13:a6:5f:9f:84:65:82:23:
c1:e7:89:22:8e:55:e7:c8:b4:57:ba:aa:65:67:13:
fa:25:17:51:6c:bd:3a:a3:fa:6b:41:81:96:b5:bf:
54:28:09:e6:17:69:93:05:f1:89:49:95:3c:6a:75:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:10:F2:5C:93:B8:4D:9E:E1:AA:1D:C2:80:47:B2:CC:7A:D5:41:78
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:63:f5:cc:a2:69:67:a5:ba:4e:5c:06:55:8e:f1:f3:f1:a2:
8d:cf:ce:2e:d8:27:86:aa:6a:1c:e8:62:b3:19:5e:2a:1e:b2:
af:21:d4:6c:82:8b:8c:77:26:5d:b5:1c:84:94:b1:49:bd:c6:
e8:98:8d:fb:7c:90:dd:c3:44:fb:3b:47:b2:85:c1:00:7e:b3:
2a:3e:90:7c:ce:48:12:00:2d:1f:4b:37:1f:bf:20:3f:23:cb:
6c:38:da:0e:87:1d:7c:b8:82:8b:9f:c5:c3:8a:ee:58:c1:4f:
b4:80:ad:c4:4c:9a:a5:75:dd:d6:1b:31:29:41:bc:42:2c:f5:
08:d5:4f:85:f1:a7:a7:ef:da:11:e1:e4:ce:48:8d:09:fe:02:
2a:e0:c6:d2:f3:c7:18:ae:ed:89:d4:1d:f0:d7:b8:29:39:3c:
49:14:97:84:22:ab:fd:55:b2:9d:93:84:cd:29:51:2b:be:05:
58:c5:98:f4:4e:64:be:29:df:07:77:96:4d:f8:ae:e1:df:b8:
45:0b:f5:38:1c:ae:95:da:1a:af:04:df:e1:68:34:b3:6e:59:
f1:61:b5:f2:85:16:9c:bb:b4:3a:c1:8c:48:de:a4:59:59:c7:
c7:85:91:32:70:47:2c:b8:22:50:e9:8b:4f:20:d4:73:42:f5:
b6:13:67:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plxlxHSBQBGyxbaZjtxnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjYwMzI2MTAwMTAxWhcNMjYwMzI3MTAwMTAxWjAzMTEwLwYDVQQD
EyhhZjEwZjI1YzkzYjg0ZDllZTFhYTFkYzI4MDQ3YjJjYzdhZDU0MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMnnB83Vidn9bjhSV4mXjcsh0++g
Aag3t371YbIg/eDTqo1/IlKEk/HrPFcqfxZ0ogvf8BP4oXKJY7RcjwzGooQfcHgM
IQTHR2yvcJhXuienQKlnwMtzAHLdnF092+QvBbxmWCoSS1Vv0rh7OXgHiukGclIS
za93ANqhtQeg9fd5YY3GV65MYxf7hqwKZEVYlzwgKQVq1WnjN7b02zXDeoGB3Qs0
moYO1bDHbZQ24AxC3d4UuG1K5X3cKMRPz1OehbOAxiafL01eE6Zfn4RlgiPB54ki
jlXnyLRXuqplZxP6JRdRbL06o/prQYGWtb9UKAnmF2mTBfGJSZU8anXDBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8Q8lyTuE2e4aodwoBHssx61UF4MB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVGP1zKJp
Z6W6TlwGVY7x8/Gijc/OLtgnhqpqHOhisxleKh6yryHUbIKLjHcmXbUchJSxSb3G
6JiN+3yQ3cNE+ztHsoXBAH6zKj6QfM5IEgAtH0s3H78gPyPLbDjaDocdfLiCi5/F
w4ruWMFPtICtxEyapXXd1hsxKUG8Qiz1CNVPhfGnp+/aEeHkzkiNCf4CKuDG0vPH
GK7tidQd8Ne4KTk8SRSXhCKr/VWynZOEzSlRK74FWMWY9E5kvinfB3eWTfiu4d+4
RQv1OByuldoarwTf4Wg0s25Z8WG18oUWnLu0OsGMSN6kWVnHx4WRMnBHLLgiUOmL
TyDUc0L1thNn1Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:29:58 2026 by rpki-client