Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: 67fjMVZ7+GPSeqBlHoZjKXHPDuqdLppHZHRif+sUpRI=
Subject key identifier: 43:33:28:30:94:F2:D7:1B:86:27:23:0D:62:3B:4C:3A:9C:98:F5:E2
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019E1E6CA8B77A248C09C4447094AEB41570
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 1906
Signing time: Tue 12 May 2026 23:01:38 +0000
Manifest this update: Tue 12 May 2026 23:01:38 +0000
Manifest next update: Wed 13 May 2026 23:01:38 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: ZzCdmDlQnbl/XAZeBYt51ux7UwDu+ttVo5Y4LXPpHfA=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:6c:a8:b7:7a:24:8c:09:c4:44:70:94:ae:b4:15:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: May 12 23:01:38 2026 GMT
Not After : May 13 23:01:38 2026 GMT
Subject: CN=4333283094f2d71b8627230d623b4c3a9c98f5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:db:c4:fc:4d:02:39:a3:5e:a1:d2:a8:a6:
ec:37:16:37:19:01:7d:f3:af:6f:ed:5f:dd:cf:bc:
9c:de:77:1c:60:2c:2c:f6:00:62:6a:b2:bb:78:cd:
dc:9e:40:b1:7f:86:46:81:ad:73:46:24:73:2b:a4:
12:4b:be:eb:68:cf:33:7e:17:c8:c4:4f:ea:7e:20:
0b:ae:5a:f6:ea:ee:cd:90:ad:84:d1:96:13:56:1d:
0d:86:e0:97:9d:44:f3:04:28:52:bf:95:7f:92:d9:
23:69:a7:0e:59:bb:43:45:24:38:e8:80:de:4d:0b:
3f:94:70:ac:2d:e0:0b:c3:c6:a4:40:5b:1e:02:56:
bc:c7:c3:42:e0:40:bc:37:d8:ff:35:92:6d:23:3c:
33:2a:59:5d:7c:6a:6d:36:c1:67:e3:25:e2:35:ce:
9c:90:0b:5d:de:44:95:c1:b7:62:ef:17:89:27:e2:
c4:7b:ac:cc:e8:62:52:89:ae:a0:ee:2e:fe:23:a1:
de:88:89:2a:ab:3c:66:82:4d:11:4a:06:39:80:53:
77:59:1a:78:39:eb:76:75:c6:6f:72:17:d5:fb:ce:
c0:36:34:a7:d5:09:62:0d:72:3c:44:ef:f3:4b:2c:
2d:0c:06:10:b3:13:18:f1:8d:e3:3c:08:c0:63:1e:
57:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:33:28:30:94:F2:D7:1B:86:27:23:0D:62:3B:4C:3A:9C:98:F5:E2
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:1b:02:7f:70:c1:60:a2:f5:01:9c:f0:73:c4:10:84:03:88:
fb:17:6a:96:70:d6:c5:86:73:b2:2a:e1:bb:30:a3:03:8c:58:
86:92:58:b7:96:0d:1d:48:1c:f5:0b:ed:9b:cc:8a:e3:51:f4:
d2:f6:24:ab:47:a8:62:40:a3:ae:59:f9:db:f2:dc:23:47:67:
71:0e:94:2e:e1:ff:36:b8:8f:74:86:98:57:c0:90:a3:b8:c7:
16:52:3f:ce:6e:36:3e:75:c6:2f:21:e3:4a:c8:e5:f0:59:3d:
f2:eb:22:5e:d7:26:87:bb:3d:51:2f:b1:15:a3:a3:c1:32:21:
1b:fd:a9:dc:e7:d9:3e:ef:a5:98:8c:78:44:7c:4b:9f:44:f0:
c3:f7:bd:5f:5a:d7:fa:c6:f0:6f:70:f5:df:67:da:de:2d:d5:
28:88:fc:c8:1e:38:ec:71:f4:b9:32:69:66:ca:96:b9:06:6f:
67:ec:cf:15:3e:81:5b:6d:2c:0c:87:51:05:fa:3a:18:55:fb:
a9:c1:11:89:6e:79:98:a0:c7:be:b5:5d:e0:e5:a2:bc:8f:c0:
c9:00:66:95:61:1d:d6:a4:61:8e:5a:92:75:72:ed:96:49:33:
10:6f:9f:df:32:cd:a6:76:3a:4d:da:04:09:d2:ba:f3:d3:f8:
74:f3:4e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ebKi3eiSMCcREcJSutBVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwNTEyMjMwMTM4WhcNMjYwNTEzMjMwMTM4WjAzMTEwLwYDVQQD
Eyg0MzMzMjgzMDk0ZjJkNzFiODYyNzIzMGQ2MjNiNGMzYTljOThmNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVPbxPxNAjmjXqHSqKbsNxY3GQF9
869v7V/dz7yc3nccYCws9gBiarK7eM3cnkCxf4ZGga1zRiRzK6QSS77raM8zfhfI
xE/qfiALrlr26u7NkK2E0ZYTVh0NhuCXnUTzBChSv5V/ktkjaacOWbtDRSQ46IDe
TQs/lHCsLeALw8akQFseAla8x8NC4EC8N9j/NZJtIzwzKlldfGptNsFn4yXiNc6c
kAtd3kSVwbdi7xeJJ+LEe6zM6GJSia6g7i7+I6HeiIkqqzxmgk0RSgY5gFN3WRp4
Oet2dcZvchfV+87ANjSn1QliDXI8RO/zSywtDAYQsxMY8Y3jPAjAYx5XLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMzKDCU8tcbhicjDWI7TDqcmPXiMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASBsCf3DB
YKL1AZzwc8QQhAOI+xdqlnDWxYZzsirhuzCjA4xYhpJYt5YNHUgc9Qvtm8yK41H0
0vYkq0eoYkCjrln52/LcI0dncQ6ULuH/NriPdIaYV8CQo7jHFlI/zm42PnXGLyHj
Ssjl8Fk98usiXtcmh7s9US+xFaOjwTIhG/2p3OfZPu+lmIx4RHxLn0Tww/e9X1rX
+sbwb3D132fa3i3VKIj8yB447HH0uTJpZsqWuQZvZ+zPFT6BW20sDIdRBfo6GFX7
qcERiW55mKDHvrVd4OWivI/AyQBmlWEd1qRhjlqSdXLtlkkzEG+f3zLNpnY6TdoE
CdK689P4dPNOBA==
-----END CERTIFICATE-----
Generated at Wed May 13 03:06:59 2026 by rpki-client