Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.mft
File: 3AfJUUDwvwptkU8oh4-HPKc-yvQ.mft (raw, json)
Hash identifier: +Msgs45H0FeAb1zT4280dEvz/8TFwFvgC4C5oTJ3x3c=
Subject key identifier: A2:43:A2:96:2F:14:31:46:28:63:81:EC:4E:DD:25:DA:CF:1C:FA:C1
Authority key identifier: DC:07:C9:51:40:F0:BF:0A:6D:91:4F:28:87:8F:87:3C:A7:3E:CA:F4
Certificate issuer: /CN=dc07c95140f0bf0a6d914f28878f873ca73ecaf4
Certificate serial: 019D9AE2B513C4FFA245B2AE7450DB3A6D00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AfJUUDwvwptkU8oh4-HPKc-yvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.mft
Manifest number: AA
Signing time: Fri 17 Apr 2026 10:00:41 +0000
Manifest this update: Fri 17 Apr 2026 10:00:41 +0000
Manifest next update: Sat 18 Apr 2026 10:00:41 +0000
Files and hashes: 1: 3AfJUUDwvwptkU8oh4-HPKc-yvQ.crl (hash: RahM/WZJPk+/JoNr67/LUxZMcHPlytDjRUT0rAWwpdA=)
2: FiJY_f6GKm6veDvPVDNX9LWOSRU.roa (hash: SMTBlb+NpQPNeXGuJJJYcwSp8wfNIzukvM7Bw3VT8hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AfJUUDwvwptkU8oh4-HPKc-yvQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e2:b5:13:c4:ff:a2:45:b2:ae:74:50:db:3a:6d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc07c95140f0bf0a6d914f28878f873ca73ecaf4
Validity
Not Before: Apr 17 10:00:41 2026 GMT
Not After : Apr 18 10:00:41 2026 GMT
Subject: CN=a243a2962f143146286381ec4edd25dacf1cfac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:73:60:a6:6f:89:fc:d0:26:9f:08:57:8d:b0:
07:e1:30:67:51:72:b5:ee:5b:23:80:11:89:50:dc:
27:75:4f:67:f1:40:f3:b8:4e:04:ce:21:62:fd:d6:
1b:b4:10:73:8a:13:bd:c4:19:08:a8:eb:b1:60:4b:
e6:8c:b8:ff:bd:79:d1:19:c2:27:a9:ee:53:f9:91:
63:27:0a:f5:4c:2c:a6:c8:d9:7c:65:6f:d6:e8:71:
53:11:09:bd:a5:1c:cf:a8:07:33:21:4a:16:22:e9:
ea:37:af:67:a8:00:78:ba:33:97:a4:18:53:dd:e3:
b8:3f:a4:f8:b3:8b:20:fd:cc:76:34:8c:5c:6a:b6:
90:66:ba:16:23:47:ae:d2:1b:1e:5b:7a:49:cd:9f:
aa:29:5b:e3:b7:66:3c:6c:56:f3:dd:ab:50:3c:e8:
a3:56:87:2d:cf:74:f2:a2:e1:d2:72:c1:a7:af:0a:
32:64:e0:e0:fb:a8:72:cd:2d:d5:3e:e6:40:79:0f:
42:71:c3:1e:1c:94:a6:2e:3e:00:52:d1:57:e6:36:
b1:60:3b:88:0d:79:89:62:c1:7d:10:9c:7a:69:2e:
3e:df:f5:63:df:8c:ab:5f:a9:d4:c0:a8:f4:3e:5e:
59:42:02:25:b9:38:e9:75:4d:7d:dd:f6:60:0b:d5:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:A2:96:2F:14:31:46:28:63:81:EC:4E:DD:25:DA:CF:1C:FA:C1
X509v3 Authority Key Identifier:
keyid:DC:07:C9:51:40:F0:BF:0A:6D:91:4F:28:87:8F:87:3C:A7:3E:CA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AfJUUDwvwptkU8oh4-HPKc-yvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/552b83-5b63-4923-b566-e6dcdf02aed1/1/3AfJUUDwvwptkU8oh4-HPKc-yvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:6e:29:3c:f0:12:35:63:be:9b:70:89:77:ac:9b:42:e1:64:
eb:c9:36:d5:b5:4c:80:cd:3e:a8:99:c4:80:47:c8:b6:7c:bf:
bd:ef:23:6e:70:c3:71:25:d8:b0:61:c4:0a:20:88:ae:56:a9:
5a:ac:12:43:1e:12:c1:73:b1:5a:36:0f:c7:d7:e5:82:b8:b7:
27:50:61:f0:5d:bb:e7:31:28:54:08:0a:7e:95:98:7c:88:54:
f2:63:a6:26:46:93:90:83:9a:90:b2:02:c2:e5:e1:a1:cc:c4:
67:3b:36:5c:ad:2e:4e:27:3b:b4:e6:e1:02:b9:97:3f:76:8c:
94:8d:37:7d:f3:b7:4c:50:c2:60:94:08:14:37:60:52:11:ca:
82:37:73:99:8b:b3:5a:4a:56:8f:d2:ab:0e:4f:15:e6:75:cd:
73:a1:1c:11:4f:8f:aa:a4:8b:75:0a:56:c7:7c:c7:ec:01:21:
9e:1b:ef:d2:b4:08:41:4c:b3:73:72:8f:23:69:62:a3:a1:d4:
f7:99:e1:09:9b:a9:16:ad:35:a1:d9:85:e4:bc:a8:6e:9a:a1:
5c:26:4d:0e:fd:73:0f:aa:3d:98:dc:d1:70:e1:6a:25:97:a5:
82:60:15:35:00:00:03:bd:33:2c:6e:a7:a9:fc:7a:76:b3:51:
32:75:04:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4rUTxP+iRbKudFDbOm0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDdjOTUxNDBmMGJmMGE2ZDkxNGYyODg3OGY4NzNjYTcz
ZWNhZjQwHhcNMjYwNDE3MTAwMDQxWhcNMjYwNDE4MTAwMDQxWjAzMTEwLwYDVQQD
EyhhMjQzYTI5NjJmMTQzMTQ2Mjg2MzgxZWM0ZWRkMjVkYWNmMWNmYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnNgpm+J/NAmnwhXjbAH4TBnUXK1
7lsjgBGJUNwndU9n8UDzuE4EziFi/dYbtBBzihO9xBkIqOuxYEvmjLj/vXnRGcIn
qe5T+ZFjJwr1TCymyNl8ZW/W6HFTEQm9pRzPqAczIUoWIunqN69nqAB4ujOXpBhT
3eO4P6T4s4sg/cx2NIxcaraQZroWI0eu0hseW3pJzZ+qKVvjt2Y8bFbz3atQPOij
Voctz3TyouHScsGnrwoyZODg+6hyzS3VPuZAeQ9CccMeHJSmLj4AUtFX5jaxYDuI
DXmJYsF9EJx6aS4+3/Vj34yrX6nUwKj0Pl5ZQgIluTjpdU193fZgC9VjIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJDopYvFDFGKGOB7E7dJdrPHPrBMB8GA1UdIwQY
MBaAFNwHyVFA8L8KbZFPKIePhzynPsr0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FmSlVVRHd2d3B0a1U4b2g0LUhQS2MteXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81NTJiODMtNWI2My00OTIzLWI1NjYt
ZTZkY2RmMDJhZWQxLzEvM0FmSlVVRHd2d3B0a1U4b2g0LUhQS2MteXZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81NTJiODMtNWI2My00OTIzLWI1NjYtZTZkY2RmMDJhZWQx
LzEvM0FmSlVVRHd2d3B0a1U4b2g0LUhQS2MteXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgW4pPPAS
NWO+m3CJd6ybQuFk68k21bVMgM0+qJnEgEfItny/ve8jbnDDcSXYsGHECiCIrlap
WqwSQx4SwXOxWjYPx9flgri3J1Bh8F275zEoVAgKfpWYfIhU8mOmJkaTkIOakLIC
wuXhoczEZzs2XK0uTic7tObhArmXP3aMlI03ffO3TFDCYJQIFDdgUhHKgjdzmYuz
WkpWj9KrDk8V5nXNc6EcEU+PqqSLdQpWx3zH7AEhnhvv0rQIQUyzc3KPI2lio6HU
95nhCZupFq01odmF5LyobpqhXCZNDv1zD6o9mNzRcOFqJZelgmAVNQAAA70zLG6n
qfx6drNRMnUExw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:46:03 2026 by rpki-client