Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json)
Hash identifier: ebJRggZ7X/dj/0APtDEhbJvRpkpb02ZfYorKEGmfMYc=
Subject key identifier: D0:60:57:E7:28:02:0E:A6:63:86:40:3A:1E:93:43:B8:A0:EE:CF:BA
Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d
Certificate serial: 019D29CE22616A8554CD0022253BCDF3B93F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
Manifest number: 0ABC
Signing time: Thu 26 Mar 2026 11:01:08 +0000
Manifest this update: Thu 26 Mar 2026 11:01:08 +0000
Manifest next update: Fri 27 Mar 2026 11:01:08 +0000
Files and hashes: 1: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: C3gKQRwkMDwUUTeuCfI139Q6sndVWZ30RqM+ww+/n+g=)
2: dkw8BE0MteDejxs-2qVpeffd5cE.roa (hash: OLIzwrtSctTD4rRGWSFchziybsw/DjSgiuUvhAPMb0Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:22:61:6a:85:54:cd:00:22:25:3b:cd:f3:b9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d
Validity
Not Before: Mar 26 11:01:08 2026 GMT
Not After : Mar 27 11:01:08 2026 GMT
Subject: CN=d06057e728020ea66386403a1e9343b8a0eecfba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:69:39:32:23:d6:d3:b9:f0:7a:d8:59:76:aa:
ca:42:fb:58:c1:2b:a5:39:45:49:4e:d3:6d:16:03:
ef:8b:90:91:b8:68:1e:1d:55:7e:e0:bb:12:e3:dd:
06:8d:db:40:6d:18:a6:67:cc:77:c5:d2:85:c5:92:
8c:7d:7d:7d:e0:52:46:2c:f6:6d:3f:5a:e2:df:d5:
79:f7:8d:35:a7:03:bb:d5:e4:22:d8:5c:d9:6a:9d:
c2:12:2e:de:41:98:09:36:68:23:71:09:96:f0:56:
c4:52:fb:c2:e2:04:1c:4a:82:1e:8a:c9:82:34:1a:
26:e9:e9:da:c4:c3:2a:27:03:e3:9b:d5:a9:2a:d6:
77:1f:d0:71:75:d6:6c:10:1a:f4:50:09:0f:a2:c4:
41:de:bc:ce:66:9c:94:7c:02:9f:4c:93:10:18:6c:
b9:2d:8c:cb:c1:14:06:8a:b8:04:22:bc:20:2b:9c:
70:3f:80:be:eb:97:8b:c3:18:d3:1a:20:88:5b:0a:
a0:b3:e6:b2:27:70:a8:fe:e4:d7:42:e8:b4:9a:cb:
21:c8:e9:03:4c:cd:5d:8e:5a:2d:de:19:43:25:7b:
66:76:d8:85:f7:29:8c:58:0b:cf:d6:63:e3:bf:c9:
51:30:65:72:9f:36:74:92:30:d1:a3:e2:97:11:b1:
79:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:60:57:E7:28:02:0E:A6:63:86:40:3A:1E:93:43:B8:A0:EE:CF:BA
X509v3 Authority Key Identifier:
keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:6f:71:51:55:72:45:e7:46:20:fd:1a:4b:e7:9b:5e:f8:20:
a5:92:a0:81:83:ca:29:73:87:9e:7f:ab:7f:fa:6e:ed:69:fc:
42:14:26:7c:f6:5c:0c:40:9f:a1:74:0c:2d:e9:5c:e5:97:ff:
a8:95:6f:b7:d9:a9:f5:5e:63:bf:7f:81:35:b2:a4:a0:f3:ba:
03:a6:ec:f9:3f:97:24:9b:bb:86:35:8f:6e:6b:66:51:89:5a:
45:b4:d7:be:57:c2:64:5d:ae:18:0e:28:79:5f:ca:e1:c6:d8:
34:f9:36:e8:51:a2:2f:6d:d8:85:8c:5e:05:54:b9:2b:26:81:
36:19:22:1c:57:f9:23:bd:34:f8:8f:94:03:60:f1:9c:64:b3:
13:f4:26:e9:8f:80:3e:20:27:e6:c5:2c:8a:e0:c7:f4:b7:74:
b5:85:8d:33:9a:c3:62:9a:43:bb:0e:ad:0d:b6:ed:11:e7:ed:
5e:85:80:3b:b4:ac:66:8f:fc:f5:89:d4:72:73:4c:f8:c2:ed:
33:9c:5b:74:4a:2b:f9:66:70:df:1e:4b:53:e4:42:9b:db:aa:
a9:b3:27:e2:9d:40:af:0e:92:37:56:fb:a8:1e:2c:ef:be:79:
cd:06:9f:59:8e:22:11:de:9f:0e:ef:0f:57:ab:23:db:66:d7:
ab:e4:69:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pziJhaoVUzQAiJTvN87k/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0
MDQzM2QwHhcNMjYwMzI2MTEwMTA4WhcNMjYwMzI3MTEwMTA4WjAzMTEwLwYDVQQD
EyhkMDYwNTdlNzI4MDIwZWE2NjM4NjQwM2ExZTkzNDNiOGEwZWVjZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGk5MiPW07nwethZdqrKQvtYwSul
OUVJTtNtFgPvi5CRuGgeHVV+4LsS490GjdtAbRimZ8x3xdKFxZKMfX194FJGLPZt
P1ri39V59401pwO71eQi2FzZap3CEi7eQZgJNmgjcQmW8FbEUvvC4gQcSoIeismC
NBom6enaxMMqJwPjm9WpKtZ3H9BxddZsEBr0UAkPosRB3rzOZpyUfAKfTJMQGGy5
LYzLwRQGirgEIrwgK5xwP4C+65eLwxjTGiCIWwqgs+ayJ3Co/uTXQui0msshyOkD
TM1djlot3hlDJXtmdtiF9ymMWAvP1mPjv8lRMGVynzZ0kjDRo+KXEbF5UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBgV+coAg6mY4ZAOh6TQ7ig7s+6MB8GA1UdIwQY
MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt
NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2
LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF29xUVVy
RedGIP0aS+ebXvggpZKggYPKKXOHnn+rf/pu7Wn8QhQmfPZcDECfoXQMLelc5Zf/
qJVvt9mp9V5jv3+BNbKkoPO6A6bs+T+XJJu7hjWPbmtmUYlaRbTXvlfCZF2uGA4o
eV/K4cbYNPk26FGiL23YhYxeBVS5KyaBNhkiHFf5I700+I+UA2DxnGSzE/Qm6Y+A
PiAn5sUsiuDH9Ld0tYWNM5rDYppDuw6tDbbtEeftXoWAO7SsZo/89YnUcnNM+MLt
M5xbdEor+WZw3x5LU+RCm9uqqbMn4p1Arw6SN1b7qB4s7755zQafWY4iEd6fDu8P
V6sj22bXq+RppA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:36:49 2026 by rpki-client