Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: 64YZq3bXI0b/NfwXmUQGP5izr/XyVQjPys3T78tWq/c=
Subject key identifier: DE:63:09:E8:4E:14:99:52:DC:FE:3F:60:B6:00:8C:49:4F:11:68:42
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019D273AACE86EB37745395519AA7DCB12BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 23:00:49 +0000
Manifest this update: Wed 25 Mar 2026 23:00:49 +0000
Manifest next update: Thu 26 Mar 2026 23:00:49 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: CfkaSLcGiFTs2YT1c8VAizt/5og3rpG8oHdqd56dYz8=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:ac:e8:6e:b3:77:45:39:55:19:aa:7d:cb:12:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Mar 25 23:00:49 2026 GMT
Not After : Mar 26 23:00:49 2026 GMT
Subject: CN=de6309e84e149952dcfe3f60b6008c494f116842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:88:da:90:b1:8c:6f:9a:3c:af:43:88:fd:
39:22:5e:46:1e:4d:24:7a:1f:69:37:a1:5b:62:b6:
d5:8b:bc:d7:c3:e7:4f:d4:19:da:ac:74:1d:99:fb:
5d:90:4b:7a:6d:8d:f7:2a:37:f1:c2:21:31:76:eb:
54:0f:2e:63:6f:67:2b:bb:74:70:df:0a:87:f9:00:
0b:8f:a9:d9:e5:5d:24:de:1a:97:90:4b:89:6c:78:
5d:1f:a3:20:49:e5:e8:10:ec:a6:a2:8a:fe:d4:45:
d3:fc:c1:5e:db:81:2b:81:bc:a9:a0:65:2f:96:de:
ac:03:66:f3:0a:26:27:03:8f:54:33:e4:ec:a7:be:
40:93:0e:fd:f2:eb:35:92:da:98:92:12:37:46:df:
52:54:0c:b6:91:ec:c3:f0:3a:d6:0d:5c:47:5d:4f:
99:7f:4b:69:87:3c:4f:3a:fb:44:27:4f:3f:83:c0:
b1:06:df:f7:6a:06:4d:7f:89:24:18:d6:a8:fc:4f:
1a:e3:8f:91:c3:bb:27:3f:00:8f:87:0e:5e:f5:33:
07:3f:c9:ec:5b:61:94:e8:24:5b:a5:fb:c2:95:90:
8c:c2:73:d9:06:7c:b1:3c:f7:ab:d3:a5:4f:b1:c3:
82:2f:3d:df:7a:ad:39:3b:51:c6:4d:09:8a:97:ca:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:63:09:E8:4E:14:99:52:DC:FE:3F:60:B6:00:8C:49:4F:11:68:42
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:00:27:93:4e:19:79:f7:e0:54:af:77:2a:48:53:72:52:d1:
87:7f:51:2e:5a:5e:8e:de:b3:22:84:0c:e4:41:c5:32:3f:34:
53:7d:55:3b:10:ad:de:b1:c2:cb:d1:07:03:d6:d9:e3:9e:56:
e3:4c:af:92:3c:9c:e8:c8:e9:79:95:a4:6b:9a:0a:3e:bb:72:
5e:34:82:07:a4:00:b4:14:59:f4:bf:49:bc:3b:3b:1b:36:29:
b1:c9:b5:7d:1e:04:83:7f:0d:ce:7a:ac:71:7a:e3:b5:ea:73:
54:84:75:6f:3e:76:11:3e:96:41:c6:97:12:86:86:01:85:35:
33:3c:3e:1f:14:30:b6:19:d5:dd:d1:d3:56:84:c9:d1:02:fa:
52:c4:27:9a:a4:e2:e5:d4:5d:f4:6f:f3:10:f9:8c:d1:de:6b:
61:00:2c:45:a1:37:64:a6:c4:e6:93:38:a1:d8:99:cc:e0:df:
90:53:dc:f2:dd:a3:2f:d7:73:79:12:05:ad:1d:05:bf:b2:ea:
34:b8:1e:b8:e3:f0:14:77:59:6b:e9:0d:ae:53:fa:c7:cb:9b:
1f:92:f8:4a:01:0a:c1:38:68:af:41:76:f6:2a:fc:9f:a9:47:
95:25:1f:47:c8:25:46:d9:a8:85:bd:9c:e5:32:6c:e6:23:92:
09:18:8b:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOqzobrN3RTlVGap9yxK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwMzI1MjMwMDQ5WhcNMjYwMzI2MjMwMDQ5WjAzMTEwLwYDVQQD
EyhkZTYzMDllODRlMTQ5OTUyZGNmZTNmNjBiNjAwOGM0OTRmMTE2ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvryI2pCxjG+aPK9DiP05Il5GHk0k
eh9pN6FbYrbVi7zXw+dP1BnarHQdmftdkEt6bY33KjfxwiExdutUDy5jb2cru3Rw
3wqH+QALj6nZ5V0k3hqXkEuJbHhdH6MgSeXoEOymoor+1EXT/MFe24ErgbypoGUv
lt6sA2bzCiYnA49UM+Tsp75Akw798us1ktqYkhI3Rt9SVAy2kezD8DrWDVxHXU+Z
f0tphzxPOvtEJ08/g8CxBt/3agZNf4kkGNao/E8a44+Rw7snPwCPhw5e9TMHP8ns
W2GU6CRbpfvClZCMwnPZBnyxPPer06VPscOCLz3feq05O1HGTQmKl8qPXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5jCehOFJlS3P4/YLYAjElPEWhCMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgAnk04Z
effgVK93KkhTclLRh39RLlpejt6zIoQM5EHFMj80U31VOxCt3rHCy9EHA9bZ455W
40yvkjyc6MjpeZWka5oKPrtyXjSCB6QAtBRZ9L9JvDs7GzYpscm1fR4Eg38Nznqs
cXrjtepzVIR1bz52ET6WQcaXEoaGAYU1Mzw+HxQwthnV3dHTVoTJ0QL6UsQnmqTi
5dRd9G/zEPmM0d5rYQAsRaE3ZKbE5pM4odiZzODfkFPc8t2jL9dzeRIFrR0Fv7Lq
NLgeuOPwFHdZa+kNrlP6x8ubH5L4SgEKwThor0F29ir8n6lHlSUfR8glRtmohb2c
5TJs5iOSCRiLkQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:59:10 2026 by rpki-client