Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File: raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier: Cfs5o6tnKKzmd6Z3xB03Hy3IGr1mApDXlz24pEkZ5zA=
Subject key identifier: A7:CE:1B:1E:98:28:4C:3A:2A:0F:13:6A:DB:2F:41:16:87:E1:55:FD
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer: /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial: 019D2704605F86DD07D9AEC9E13359F549C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number: 0DE2
Signing time: Wed 25 Mar 2026 22:01:31 +0000
Manifest this update: Wed 25 Mar 2026 22:01:31 +0000
Manifest next update: Thu 26 Mar 2026 22:01:31 +0000
Files and hashes: 1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: x9qYk3OkYr+7d0MV/0w31DHG1pIJs7hpRYdCPAvVbss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:60:5f:86:dd:07:d9:ae:c9:e1:33:59:f5:49:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
Validity
Not Before: Mar 25 22:01:31 2026 GMT
Not After : Mar 26 22:01:31 2026 GMT
Subject: CN=a7ce1b1e98284c3a2a0f136adb2f411687e155fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:0d:cd:9e:fa:44:49:27:c4:18:1a:54:17:
1d:25:7a:9d:3b:e6:9e:5b:4b:d7:66:3b:49:e5:33:
f9:da:ea:f4:38:be:70:e6:d7:84:c1:53:1c:40:bf:
e7:ab:42:f6:0f:34:8e:3b:8d:24:5b:4e:d1:25:37:
0e:f3:1c:2b:72:5f:08:82:6a:3f:94:67:d0:ef:be:
28:66:9e:15:3f:18:a2:08:49:94:c6:30:a4:24:b2:
6d:d0:49:72:e7:12:71:43:e2:95:8a:82:61:ba:93:
a8:12:cf:42:b3:e7:3c:1a:30:4d:49:e3:dc:f5:b2:
a6:c4:cb:ea:c8:f2:53:2b:ca:04:69:b9:37:8d:4f:
72:37:d1:ed:82:83:56:a9:a5:30:b5:dd:15:df:9f:
0d:e9:03:d6:08:d2:ac:16:c3:f7:46:57:9a:b4:5a:
a7:34:2d:74:19:4e:3a:86:d3:31:6f:4a:27:c6:0d:
3b:46:09:ad:4d:46:14:51:c0:ed:8c:58:53:d6:47:
cc:d7:fb:36:9c:bd:6f:4f:ca:ea:f1:b7:d1:b2:9a:
f7:6c:1c:e3:11:80:5e:5e:5a:49:1f:c9:76:b3:8e:
74:bb:c7:71:bb:c1:df:d5:bd:69:79:66:0f:a3:02:
25:58:35:b2:25:fa:31:e4:78:09:cc:4f:2a:e6:07:
09:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:CE:1B:1E:98:28:4C:3A:2A:0F:13:6A:DB:2F:41:16:87:E1:55:FD
X509v3 Authority Key Identifier:
keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ac:da:4f:2e:fc:f3:23:7f:62:34:62:66:50:3a:bf:bd:c5:
db:01:5f:2c:11:7b:26:96:ff:11:6b:a6:fa:07:9a:09:f8:43:
3b:2a:31:50:56:1b:68:a2:cb:65:34:ee:3b:b6:23:94:5d:61:
b0:d5:ca:79:6b:9c:99:a2:02:48:c0:83:3e:f1:9b:73:1b:2c:
53:6e:00:b7:e2:01:cf:3f:f5:d9:c4:eb:6d:1c:4f:3a:0c:c8:
c6:dd:fb:ce:37:81:67:a0:aa:21:82:05:4d:ab:48:7d:d0:99:
db:93:34:af:4f:75:df:c7:17:db:cd:d9:02:16:5f:5e:52:cd:
0d:7f:4a:2d:e6:64:38:db:72:cc:5b:57:93:41:e7:90:4a:59:
84:ab:01:0b:15:dc:5f:6c:9c:5d:2e:de:41:6c:29:72:91:c8:
91:3f:67:d1:af:12:29:17:29:d7:0a:b3:e1:e0:f3:00:33:db:
9f:15:92:9c:24:97:8b:60:40:c0:31:29:f5:d6:3e:25:a0:7d:
5b:d9:d1:d9:e9:89:97:c9:fa:ef:75:db:c2:72:a5:51:d9:27:
21:49:02:7d:61:e9:80:ca:c6:b5:53:32:95:53:21:a5:ee:40:
12:47:40:4c:c0:33:1f:18:cf:7a:38:54:5e:e4:35:82:e7:76:
c9:f4:a0:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBGBfht0H2a7J4TNZ9UnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjYwMzI1MjIwMTMxWhcNMjYwMzI2MjIwMTMxWjAzMTEwLwYDVQQD
EyhhN2NlMWIxZTk4Mjg0YzNhMmEwZjEzNmFkYjJmNDExNjg3ZTE1NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroINzZ76REknxBgaVBcdJXqdO+ae
W0vXZjtJ5TP52ur0OL5w5teEwVMcQL/nq0L2DzSOO40kW07RJTcO8xwrcl8Igmo/
lGfQ774oZp4VPxiiCEmUxjCkJLJt0Ely5xJxQ+KVioJhupOoEs9Cs+c8GjBNSePc
9bKmxMvqyPJTK8oEabk3jU9yN9HtgoNWqaUwtd0V358N6QPWCNKsFsP3RleatFqn
NC10GU46htMxb0onxg07RgmtTUYUUcDtjFhT1kfM1/s2nL1vT8rq8bfRspr3bBzj
EYBeXlpJH8l2s450u8dxu8Hf1b1peWYPowIlWDWyJfox5HgJzE8q5gcJbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfOGx6YKEw6Kg8TatsvQRaH4VX9MB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6zaTy78
8yN/YjRiZlA6v73F2wFfLBF7Jpb/EWum+geaCfhDOyoxUFYbaKLLZTTuO7YjlF1h
sNXKeWucmaICSMCDPvGbcxssU24At+IBzz/12cTrbRxPOgzIxt37zjeBZ6CqIYIF
TatIfdCZ25M0r09138cX283ZAhZfXlLNDX9KLeZkONtyzFtXk0HnkEpZhKsBCxXc
X2ycXS7eQWwpcpHIkT9n0a8SKRcp1wqz4eDzADPbnxWSnCSXi2BAwDEp9dY+JaB9
W9nR2emJl8n673XbwnKlUdknIUkCfWHpgMrGtVMylVMhpe5AEkdATMAzHxjPejhU
XuQ1gud2yfSgiw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:21:01 2026 by rpki-client