Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: eK3eLgBNg1dK0ljaq5rkxgsGmuoLUcz0M6ld3jp5GvU=
Subject key identifier: DC:9E:EA:CE:55:6A:A9:6E:8D:73:F6:43:5E:C9:A1:7D:7D:F5:26:4F
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 019D26CD0DE0799FE67D7C94E6197E57F3AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 21:01:05 +0000
Manifest this update: Wed 25 Mar 2026 21:01:05 +0000
Manifest next update: Thu 26 Mar 2026 21:01:05 +0000
Files and hashes: 1: HDFZ1nzAPhY5th4yTPNuqiO-Idw.roa (hash: BUbqdFYsXkOCO21qdCL7kVwV2KzcTLQ6Ol4gUVkwKWY=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: ZzQifCnhHBnpMMTdNNmn67Zd9fB6E82942gDGG4GI2g=)
3: uJrBPbJuAzhkVZXNYxGhegbxeZE.roa (hash: vkQaOQJuuFQiTy2ZPMpaydP0z5Y6YEBLnSoStn62x7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:0d:e0:79:9f:e6:7d:7c:94:e6:19:7e:57:f3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Mar 25 21:01:05 2026 GMT
Not After : Mar 26 21:01:05 2026 GMT
Subject: CN=dc9eeace556aa96e8d73f6435ec9a17d7df5264f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:43:4a:b6:b8:d2:8a:68:9f:a5:70:31:6d:
4c:50:f0:82:70:f5:1a:69:a5:f9:fb:72:df:62:1d:
e5:93:74:94:ae:67:b5:64:63:56:25:7d:f6:79:67:
fa:87:32:76:ac:9d:09:c6:bf:58:51:31:f5:c3:96:
12:8e:a4:7a:0e:9d:e9:05:80:96:49:94:cc:44:99:
df:0c:5d:34:73:1e:af:5a:a8:7f:27:af:4a:ca:a1:
e4:c2:40:97:f0:46:34:0d:e4:c0:66:29:52:ff:22:
5d:05:75:2e:e1:9a:e4:2c:6e:bf:ce:09:92:e9:ee:
69:8e:09:08:25:6c:88:81:7d:a5:3f:ab:4d:63:0a:
4e:24:1b:55:a2:cf:4b:a1:7a:3e:ec:cd:b5:c7:63:
b4:52:33:82:5d:88:95:69:ac:2d:4d:d3:50:8f:43:
24:94:8d:8e:5f:3f:62:81:5b:bb:67:45:e5:81:e2:
c0:75:e0:e1:3d:12:d9:74:42:90:86:07:e8:6b:32:
56:61:a0:d1:35:58:d8:c8:ed:81:4e:5f:0a:74:63:
71:a1:63:7e:f1:79:bb:da:75:b5:fa:b8:38:b4:c1:
f1:70:61:6c:c2:f1:95:e1:44:68:ba:89:61:6b:f1:
75:d8:56:ca:96:cb:e7:a8:42:41:98:86:a8:69:89:
57:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9E:EA:CE:55:6A:A9:6E:8D:73:F6:43:5E:C9:A1:7D:7D:F5:26:4F
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:f8:58:70:6e:a8:c0:35:a1:68:3b:39:3a:99:24:45:4a:36:
f0:f8:ae:b6:a5:07:d8:7a:67:83:d3:ac:53:7d:5a:3d:ee:1f:
65:ff:23:e9:45:6f:13:43:d1:86:33:52:ff:d6:3e:fe:9e:58:
d8:ef:d7:2d:22:52:bc:7a:c2:51:8b:c9:73:6d:a8:30:57:b0:
26:69:98:b8:5f:6f:77:75:bd:2c:97:36:09:7d:5e:7b:1e:73:
7e:d0:9d:1d:a1:7f:c0:0e:61:4f:c6:33:69:a7:3c:95:fd:50:
49:87:77:12:d5:5b:04:7b:15:26:76:b9:ce:ce:13:12:8b:e7:
5d:09:2f:d0:f6:5c:1e:d0:6a:33:bb:71:03:5f:0d:55:c4:5c:
c7:14:cf:32:e6:61:cc:a1:72:20:30:27:29:50:26:3c:bd:71:
cc:7e:20:9e:32:5e:13:de:74:16:49:b5:3e:f2:e6:1e:84:af:
62:82:b6:eb:69:a8:d6:cf:98:57:72:ad:3c:5d:9b:ad:c4:3c:
5f:01:f2:92:2a:21:82:51:33:b7:6b:d3:68:01:85:56:fd:ee:
33:f3:25:ac:76:c4:c4:80:c5:7e:7b:06:bf:0a:d5:96:80:1f:
5b:c2:49:13:c2:dc:6c:b8:5a:10:5a:80:54:a7:98:fd:c6:fd:
7c:79:37:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzQ3geZ/mfXyU5hl+V/OqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjYwMzI1MjEwMTA1WhcNMjYwMzI2MjEwMTA1WjAzMTEwLwYDVQQD
EyhkYzllZWFjZTU1NmFhOTZlOGQ3M2Y2NDM1ZWM5YTE3ZDdkZjUyNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJlDSra40opon6VwMW1MUPCCcPUa
aaX5+3LfYh3lk3SUrme1ZGNWJX32eWf6hzJ2rJ0Jxr9YUTH1w5YSjqR6Dp3pBYCW
SZTMRJnfDF00cx6vWqh/J69KyqHkwkCX8EY0DeTAZilS/yJdBXUu4ZrkLG6/zgmS
6e5pjgkIJWyIgX2lP6tNYwpOJBtVos9LoXo+7M21x2O0UjOCXYiVaawtTdNQj0Mk
lI2OXz9igVu7Z0XlgeLAdeDhPRLZdEKQhgfoazJWYaDRNVjYyO2BTl8KdGNxoWN+
8Xm72nW1+rg4tMHxcGFswvGV4URouolha/F12FbKlsvnqEJBmIaoaYlXnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNye6s5VaqlujXP2Q17JoX199SZPMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfhYcG6o
wDWhaDs5OpkkRUo28PiutqUH2Hpng9OsU31aPe4fZf8j6UVvE0PRhjNS/9Y+/p5Y
2O/XLSJSvHrCUYvJc22oMFewJmmYuF9vd3W9LJc2CX1eex5zftCdHaF/wA5hT8Yz
aac8lf1QSYd3EtVbBHsVJna5zs4TEovnXQkv0PZcHtBqM7txA18NVcRcxxTPMuZh
zKFyIDAnKVAmPL1xzH4gnjJeE950Fkm1PvLmHoSvYoK262mo1s+YV3KtPF2brcQ8
XwHykiohglEzt2vTaAGFVv3uM/MlrHbExIDFfnsGvwrVloAfW8JJE8LcbLhaEFqA
VKeY/cb9fHk32w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:01:09 2026 by rpki-client