Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: dJ0bn2raGSvk1plNogJ/VWnIZl9GXEz8I3Dhv3+ysTs=
Subject key identifier: 75:95:A4:45:58:84:BE:00:AD:5D:34:CD:59:BB:79:55:82:1C:F3:9E
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 019D273B3B25A0A4B7EC78AE535D2F59E37E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 06AC
Signing time: Wed 25 Mar 2026 23:01:26 +0000
Manifest this update: Wed 25 Mar 2026 23:01:26 +0000
Manifest next update: Thu 26 Mar 2026 23:01:26 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: bho0ATHiPFcSDKVBrhTdIPbtpyT8mb/MIwCakqvBmy4=)
2: bkcUPSVyK1GtBOw35C6fpsJHCPw.roa (hash: 14nbBDwXuaYsul3Mhzz1OYQgsUX4OxdsMQADV56Zhh0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:3b:25:a0:a4:b7:ec:78:ae:53:5d:2f:59:e3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: Mar 25 23:01:26 2026 GMT
Not After : Mar 26 23:01:26 2026 GMT
Subject: CN=7595a4455884be00ad5d34cd59bb7955821cf39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1e:15:2a:14:4b:7a:f4:26:cd:c3:14:81:2b:
61:ad:e9:e4:e7:69:e8:b5:0e:22:10:17:92:95:f6:
8a:98:18:7d:1b:55:e8:87:fe:6d:c0:27:e5:6a:f4:
20:5d:f7:22:65:60:ee:94:cb:d8:25:61:2c:fe:22:
d3:67:e0:b8:2c:e8:ef:74:c6:1f:13:fe:39:e1:ff:
68:a6:85:62:47:4b:ab:6f:1e:66:bf:b6:9d:51:f7:
68:71:a6:2d:f2:7f:0b:21:e6:47:2a:ae:37:8e:58:
26:40:21:fc:51:16:a2:e7:c5:d1:b2:cb:c0:fc:26:
7c:cc:ad:8d:d7:ac:3a:00:39:42:3a:dd:7d:13:a7:
d2:1e:b6:32:f1:e7:2f:da:39:14:d3:9c:09:cb:2a:
e1:23:31:08:4b:ed:9a:f7:e7:80:6c:2c:1c:71:6f:
84:13:a3:c8:db:9d:fa:87:6a:68:a2:9a:bc:68:fd:
00:55:08:54:e0:75:5b:0a:40:44:ab:59:da:6c:6d:
09:50:e8:c8:da:09:92:80:06:31:be:29:7a:73:72:
d8:ea:8a:8b:bb:3d:2d:1d:73:c9:f3:a2:24:3c:44:
be:3f:a2:07:4a:a8:c5:4c:a6:90:85:3e:6d:9e:ed:
06:ea:f8:ed:33:25:4b:80:31:ee:d9:03:fc:d4:e0:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:95:A4:45:58:84:BE:00:AD:5D:34:CD:59:BB:79:55:82:1C:F3:9E
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c3:cc:0e:8d:ec:86:ed:53:60:e3:e0:ac:cc:50:7e:0c:95:c6:
c7:c6:50:07:42:13:f2:49:fc:9c:f3:ab:df:2f:ec:35:11:57:
49:50:4c:dc:a6:bf:42:92:0d:b2:7d:e3:34:eb:c9:3d:77:1e:
fe:b0:dd:3d:03:e0:23:b6:0c:09:3b:28:71:90:05:38:f2:18:
e7:9a:ed:df:4e:b5:63:f8:6e:8e:a0:38:f2:82:25:79:16:81:
95:87:c6:fe:8d:a0:31:89:2a:07:e4:56:d4:70:60:1a:48:10:
5a:1b:5f:05:69:44:75:7f:9f:7f:35:64:f8:e4:aa:2f:74:93:
95:b7:db:61:c1:67:62:b3:75:78:22:38:39:e9:a7:a7:e5:a9:
b0:d3:b4:25:c6:cd:e8:ac:d1:41:6f:d1:ae:78:1e:db:af:e9:
b3:72:2d:c6:a0:ef:3f:d9:0f:29:da:94:a3:86:4a:1f:6e:17:
a3:a1:ad:d6:ee:80:91:e1:0e:5e:2a:02:f9:f0:78:6d:99:b2:
82:95:06:f7:09:1a:7f:aa:96:e5:3c:8f:d3:43:34:37:9a:e4:
42:be:95:eb:8d:07:da:bf:b3:5b:ac:8b:cf:83:15:d9:56:35:
62:ad:4f:8b:18:59:ce:e8:48:58:0b:70:43:cd:54:f1:8d:23:
de:3a:41:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOzsloKS37HiuU10vWeN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjYwMzI1MjMwMTI2WhcNMjYwMzI2MjMwMTI2WjAzMTEwLwYDVQQD
Eyg3NTk1YTQ0NTU4ODRiZTAwYWQ1ZDM0Y2Q1OWJiNzk1NTgyMWNmMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh4VKhRLevQmzcMUgSthrenk52no
tQ4iEBeSlfaKmBh9G1Xoh/5twCflavQgXfciZWDulMvYJWEs/iLTZ+C4LOjvdMYf
E/454f9opoViR0urbx5mv7adUfdocaYt8n8LIeZHKq43jlgmQCH8URai58XRssvA
/CZ8zK2N16w6ADlCOt19E6fSHrYy8ecv2jkU05wJyyrhIzEIS+2a9+eAbCwccW+E
E6PI2536h2poopq8aP0AVQhU4HVbCkBEq1nabG0JUOjI2gmSgAYxvil6c3LY6oqL
uz0tHXPJ86IkPES+P6IHSqjFTKaQhT5tnu0G6vjtMyVLgDHu2QP81OCFowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWVpEVYhL4ArV00zVm7eVWCHPOeMB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw8wOjeyG
7VNg4+CszFB+DJXGx8ZQB0IT8kn8nPOr3y/sNRFXSVBM3Ka/QpINsn3jNOvJPXce
/rDdPQPgI7YMCTsocZAFOPIY55rt3061Y/hujqA48oIleRaBlYfG/o2gMYkqB+RW
1HBgGkgQWhtfBWlEdX+ffzVk+OSqL3STlbfbYcFnYrN1eCI4Oemnp+WpsNO0JcbN
6KzRQW/Rrnge26/ps3ItxqDvP9kPKdqUo4ZKH24Xo6Gt1u6AkeEOXioC+fB4bZmy
gpUG9wkaf6qW5TyP00M0N5rkQr6V640H2r+zW6yLz4MV2VY1Yq1PixhZzuhIWAtw
Q81U8Y0j3jpBWg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:05:08 2026 by rpki-client