Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File: aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier: 8RfKvapvyAIvIFDuJoh2sF0TXtd+JG93WZo92NsALKQ=
Subject key identifier: FF:FC:49:08:25:4C:12:B4:25:17:EB:FE:A3:E1:A8:0B:54:F8:64:9B
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer: /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial: 019D99D0402624A0F8338B7732E69C905750
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number: 0A7F
Signing time: Fri 17 Apr 2026 05:00:55 +0000
Manifest this update: Fri 17 Apr 2026 05:00:55 +0000
Manifest next update: Sat 18 Apr 2026 05:00:55 +0000
Files and hashes: 1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: NwoGgX/1AgjTEPBWcMSbpFG42XiOH6zy+SEAgxM4BdA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:40:26:24:a0:f8:33:8b:77:32:e6:9c:90:57:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Validity
Not Before: Apr 17 05:00:55 2026 GMT
Not After : Apr 18 05:00:55 2026 GMT
Subject: CN=fffc4908254c12b42517ebfea3e1a80b54f8649b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:21:82:2e:f5:5d:b1:ca:0d:79:77:87:30:12:
15:60:42:58:af:be:d1:e6:d1:ad:c4:39:16:57:6a:
ae:8a:25:60:00:a2:dd:08:7b:4f:66:7e:de:50:7c:
c3:e6:1d:d1:e5:fe:1e:ae:3a:f1:ea:5d:9a:23:9d:
c9:66:7c:0b:ac:6e:05:ae:8e:4c:51:8b:c4:e5:ad:
8b:70:39:f8:f6:4d:83:76:89:7e:03:89:32:6f:88:
cd:62:94:b0:08:d1:6a:ad:88:6b:8a:52:98:fd:07:
00:94:9d:17:3d:82:93:ef:fe:2e:64:24:07:fe:64:
e4:eb:10:a3:ed:eb:79:67:48:0b:7f:2b:39:9d:2a:
71:c5:2f:72:95:68:6d:dc:7a:cc:04:aa:60:9d:93:
ec:71:d6:38:7b:9b:47:6e:3f:53:e6:ce:44:65:2a:
2e:40:bd:d9:5a:a4:21:de:a6:ed:98:fa:0c:36:fa:
33:16:34:8e:8a:cd:05:40:51:50:5d:1a:9c:ba:f0:
66:20:90:21:b9:9e:be:ae:95:83:74:e7:06:7f:07:
65:c9:5f:3f:3d:8f:2d:f2:22:26:ec:00:61:06:0d:
bd:ed:25:fe:77:64:bb:75:51:27:8a:20:44:72:1f:
0c:53:3e:a2:92:c9:a3:eb:b7:19:8a:0b:c6:58:19:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FC:49:08:25:4C:12:B4:25:17:EB:FE:A3:E1:A8:0B:54:F8:64:9B
X509v3 Authority Key Identifier:
keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:6b:fc:0a:c5:8c:c9:56:37:71:e1:41:80:bb:15:db:fb:97:
3a:50:2b:4c:ed:de:b5:54:9c:a5:0c:f1:71:8a:17:f3:0f:30:
bc:72:1d:69:23:55:7a:2e:fc:bb:b1:d9:ad:0d:fe:9b:d6:9a:
2e:93:1c:2d:3b:01:fb:69:04:50:9b:a2:bd:e5:9a:73:f0:ee:
6f:49:63:65:e8:6a:6f:44:55:0c:00:19:c1:50:7c:fe:c8:90:
6b:af:71:8f:49:1c:a6:d6:15:69:d3:f6:99:69:60:9d:b7:50:
20:66:42:fe:17:21:1b:53:45:df:99:86:9b:14:a3:54:f3:f7:
27:dd:fe:49:29:50:f6:2f:c5:e3:ed:f1:7a:33:c0:42:72:09:
5b:40:85:33:2f:c8:f7:c0:a8:4b:09:90:1e:f1:30:22:c4:4b:
99:87:5a:14:55:dc:74:0e:d5:5b:96:da:71:2e:fa:c7:2b:3b:
d5:5c:c1:a2:a7:c3:28:c0:00:51:2c:cc:01:18:65:70:c9:b9:
a5:89:e9:79:b8:92:ce:02:b2:7f:b8:07:a5:c8:38:36:26:06:
49:78:d7:96:27:8a:7b:8b:93:d5:13:b6:cb:10:fe:ef:02:c9:
34:13:b2:fb:fc:c6:38:4c:14:f8:11:00:94:b9:32:5e:2e:75:
f8:10:cd:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0EAmJKD4M4t3MuackFdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjYwNDE3MDUwMDU1WhcNMjYwNDE4MDUwMDU1WjAzMTEwLwYDVQQD
EyhmZmZjNDkwODI1NGMxMmI0MjUxN2ViZmVhM2UxYTgwYjU0Zjg2NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiGCLvVdscoNeXeHMBIVYEJYr77R
5tGtxDkWV2quiiVgAKLdCHtPZn7eUHzD5h3R5f4erjrx6l2aI53JZnwLrG4Fro5M
UYvE5a2LcDn49k2Ddol+A4kyb4jNYpSwCNFqrYhrilKY/QcAlJ0XPYKT7/4uZCQH
/mTk6xCj7et5Z0gLfys5nSpxxS9ylWht3HrMBKpgnZPscdY4e5tHbj9T5s5EZSou
QL3ZWqQh3qbtmPoMNvozFjSOis0FQFFQXRqcuvBmIJAhuZ6+rpWDdOcGfwdlyV8/
PY8t8iIm7ABhBg297SX+d2S7dVEniiBEch8MUz6iksmj67cZigvGWBmKWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/8SQglTBK0JRfr/qPhqAtU+GSbMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2v8CsWM
yVY3ceFBgLsV2/uXOlArTO3etVScpQzxcYoX8w8wvHIdaSNVei78u7HZrQ3+m9aa
LpMcLTsB+2kEUJuiveWac/Dub0ljZehqb0RVDAAZwVB8/siQa69xj0kcptYVadP2
mWlgnbdQIGZC/hchG1NF35mGmxSjVPP3J93+SSlQ9i/F4+3xejPAQnIJW0CFMy/I
98CoSwmQHvEwIsRLmYdaFFXcdA7VW5bacS76xys71VzBoqfDKMAAUSzMARhlcMm5
pYnpebiSzgKyf7gHpcg4NiYGSXjXlieKe4uT1RO2yxD+7wLJNBOy+/zGOEwU+BEA
lLkyXi51+BDNNA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:48:52 2026 by rpki-client