Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File: AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier: WzDdB8Nzx3uQaZP6W56Lks6BHsBSXM1H7pdp1R7eOxI=
Subject key identifier: CA:37:86:5D:69:49:C4:70:2E:EE:EA:43:C8:6A:05:67:2C:CB:5D:82
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer: /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial: 019D28F239F98448D61E1F3DC8C64E4E4473
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number: 1032
Signing time: Thu 26 Mar 2026 07:00:56 +0000
Manifest this update: Thu 26 Mar 2026 07:00:56 +0000
Manifest next update: Fri 27 Mar 2026 07:00:56 +0000
Files and hashes: 1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: VQbn/U76fmpIGHcXsvtzG1I7xOgrUS2hUG7hxI4MAB8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:39:f9:84:48:d6:1e:1f:3d:c8:c6:4e:4e:44:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Validity
Not Before: Mar 26 07:00:56 2026 GMT
Not After : Mar 27 07:00:56 2026 GMT
Subject: CN=ca37865d6949c4702eeeea43c86a05672ccb5d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:7a:03:47:86:cb:d2:9b:28:ae:b9:39:83:
14:6e:3e:d4:8e:dd:ef:29:80:bf:12:16:0b:e5:34:
d4:34:df:b5:4e:00:6d:5b:e1:22:b7:06:00:60:fb:
b9:36:67:56:07:77:e8:64:98:c6:92:e5:36:e3:d3:
66:8b:07:5e:fb:ae:c9:2f:88:02:8b:14:3f:20:c7:
b0:f8:89:ea:8d:55:9c:81:51:72:57:f4:04:81:62:
21:57:a9:ec:56:d1:da:74:a6:79:d0:15:e1:9d:45:
2f:ec:1f:84:d1:45:98:fe:be:ef:2a:6a:ef:3c:0c:
df:01:50:4e:b5:af:c0:45:0a:11:9c:71:49:d6:23:
a8:d8:e9:ed:09:c1:eb:a7:fd:81:2c:7a:f3:74:09:
e6:68:ca:11:01:f1:b5:11:14:85:2e:23:ee:ec:ec:
27:68:a3:51:04:9a:6c:0b:98:d9:93:59:7a:d2:48:
a6:35:13:97:a0:a7:6d:41:e7:c6:c7:bb:7e:19:ce:
0b:27:e7:87:20:58:e7:fd:e3:1f:bd:6d:89:00:70:
2e:42:64:6a:e0:f1:7d:93:02:a1:7f:42:fc:99:0b:
4c:8d:94:30:fd:9f:0f:e3:c5:5d:c0:2f:04:7e:80:
5a:ce:9c:92:24:62:e3:6f:af:f2:d1:05:9a:dd:f4:
35:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:86:5D:69:49:C4:70:2E:EE:EA:43:C8:6A:05:67:2C:CB:5D:82
X509v3 Authority Key Identifier:
keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:52:e1:8a:de:26:14:4f:f3:c4:3f:f4:7c:61:a3:a6:5f:45:
dd:70:37:d5:79:72:57:b3:6e:bf:46:50:45:70:ac:21:e5:cc:
40:c9:f2:54:bd:b6:06:5a:d7:5d:f6:46:b9:3e:9c:13:8d:b4:
20:ef:d3:01:78:1e:80:f1:36:3a:e5:28:a8:42:10:da:b4:6d:
a4:a8:8e:65:26:81:89:4e:de:f4:bd:bd:99:76:5e:a4:6b:ce:
06:eb:00:86:03:ff:48:8f:7c:c8:1f:77:04:f6:13:40:4c:cf:
78:2e:e8:d8:a5:52:67:85:ab:d2:ea:fb:05:e1:2d:0c:8c:f8:
21:4b:ad:5c:a1:11:2f:2d:62:8a:fe:fc:da:5f:94:91:9c:e3:
4c:06:dd:50:a9:cf:92:5b:e0:e7:dd:58:4f:0c:8e:de:1e:61:
45:26:76:4d:b9:96:39:6b:9a:07:0c:50:db:1e:c0:22:e3:8e:
70:eb:4b:54:93:3b:c7:0c:2a:27:02:46:98:94:e7:0e:d0:af:
97:2f:51:66:9c:8d:96:f1:ef:43:fc:3a:81:90:19:19:bb:db:
a2:85:0e:16:a1:37:91:73:40:2a:ae:50:50:01:2d:f3:33:3d:
d0:65:30:9a:a0:68:b7:b4:06:de:bb:f0:dc:47:e4:11:d6:e8:
3e:09:c6:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8jn5hEjWHh89yMZOTkRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjYwMzI2MDcwMDU2WhcNMjYwMzI3MDcwMDU2WjAzMTEwLwYDVQQD
EyhjYTM3ODY1ZDY5NDljNDcwMmVlZWVhNDNjODZhMDU2NzJjY2I1ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoB6A0eGy9KbKK65OYMUbj7Ujt3v
KYC/EhYL5TTUNN+1TgBtW+EitwYAYPu5NmdWB3foZJjGkuU249Nmiwde+67JL4gC
ixQ/IMew+InqjVWcgVFyV/QEgWIhV6nsVtHadKZ50BXhnUUv7B+E0UWY/r7vKmrv
PAzfAVBOta/ARQoRnHFJ1iOo2OntCcHrp/2BLHrzdAnmaMoRAfG1ERSFLiPu7Own
aKNRBJpsC5jZk1l60kimNROXoKdtQefGx7t+Gc4LJ+eHIFjn/eMfvW2JAHAuQmRq
4PF9kwKhf0L8mQtMjZQw/Z8P48VdwC8EfoBazpySJGLjb6/y0QWa3fQ1+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo3hl1pScRwLu7qQ8hqBWcsy12CMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASlLhit4m
FE/zxD/0fGGjpl9F3XA31XlyV7Nuv0ZQRXCsIeXMQMnyVL22BlrXXfZGuT6cE420
IO/TAXgegPE2OuUoqEIQ2rRtpKiOZSaBiU7e9L29mXZepGvOBusAhgP/SI98yB93
BPYTQEzPeC7o2KVSZ4Wr0ur7BeEtDIz4IUutXKERLy1iiv782l+UkZzjTAbdUKnP
klvg591YTwyO3h5hRSZ2TbmWOWuaBwxQ2x7AIuOOcOtLVJM7xwwqJwJGmJTnDtCv
ly9RZpyNlvHvQ/w6gZAZGbvbooUOFqE3kXNAKq5QUAEt8zM90GUwmqBot7QG3rvw
3EfkEdboPgnGLw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:38:15 2026 by rpki-client