Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: 1GBoDEzoooSR7YvrxcHAgfqEaCWwzi27/RAG6uI+jQE=
Subject key identifier: AB:11:C0:37:04:AF:68:67:D9:48:C8:7E:DA:3F:14:3F:7C:A8:9C:07
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019D97AA7A640FBA373654EC4575AA321674
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 18C3
Signing time: Thu 16 Apr 2026 19:00:25 +0000
Manifest this update: Thu 16 Apr 2026 19:00:25 +0000
Manifest next update: Fri 17 Apr 2026 19:00:25 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: 9gcwzNe+Y4I3QKuuKKpPgCv6NVfQNrExyNNPx8850so=)
2: GSCpplFtfkTN5C3emWdSBHM2s_U.roa (hash: uafjHLArE68enYzHEZipyUcJy+2TVAQsxPWk3VzbutI=)
3: T4PSpNaqkAOQJjuBdAFdx3zKgyY.roa (hash: sU9bxlF1T+hrGzv9LaagfpQyLm85yMt1O7DFm4yEcJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:aa:7a:64:0f:ba:37:36:54:ec:45:75:aa:32:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Apr 16 19:00:25 2026 GMT
Not After : Apr 17 19:00:25 2026 GMT
Subject: CN=ab11c03704af6867d948c87eda3f143f7ca89c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0a:c3:30:6e:eb:58:12:c3:5f:aa:5d:4f:19:
9f:fc:20:33:1b:34:e2:44:c3:2b:d1:15:72:55:2b:
36:92:6c:62:7b:de:03:54:7b:a5:6b:5f:59:62:55:
d0:fd:d7:1e:bf:d2:33:10:be:0c:92:fb:46:aa:6d:
8f:72:d4:bf:ea:16:87:4d:48:76:1f:c7:91:9c:19:
d8:be:c6:ac:76:1b:2e:e3:6e:16:b7:41:d6:75:4a:
1c:6c:ef:de:29:6f:71:a3:1c:a2:8b:3d:9f:87:5c:
69:0b:bb:f9:c9:95:1c:00:5e:d6:83:f2:e7:2a:6a:
0e:df:7e:db:67:74:48:70:f3:1c:d4:21:34:ca:43:
94:fe:67:85:0a:3b:30:72:c2:5a:c8:a4:34:df:27:
a4:47:16:ba:24:12:9c:17:a6:c0:05:29:39:eb:ef:
62:db:1e:44:19:e1:9e:d1:38:eb:c6:e1:1d:78:b3:
1f:f2:47:4f:29:b2:b9:6d:b7:f5:08:7b:7a:72:c1:
85:55:4f:a3:60:07:29:11:09:0f:4e:50:d9:df:5c:
00:23:79:e3:88:9d:73:b9:97:99:20:8a:b0:79:73:
17:a4:27:1b:0b:bd:f6:1a:20:df:ca:31:45:2f:59:
dd:a2:18:c4:9a:e0:16:87:ea:fd:a7:73:02:c5:66:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:11:C0:37:04:AF:68:67:D9:48:C8:7E:DA:3F:14:3F:7C:A8:9C:07
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:f4:f3:6f:45:4a:ec:b8:fa:63:7f:ac:bc:72:da:ba:a0:00:
9c:bb:0d:ee:de:10:56:42:1a:ad:a5:aa:8b:29:6f:01:c6:db:
54:da:47:30:e2:fe:dc:18:4f:e1:5f:62:12:e3:bb:a3:57:3a:
79:df:3f:d4:90:05:84:4a:7f:68:2c:3e:d8:65:0c:59:09:d4:
2e:ea:b0:41:4e:1a:d1:d8:b3:16:24:c9:d1:cb:08:69:03:c7:
6f:e4:f2:ea:ae:36:fa:af:d4:46:0d:5d:81:f4:82:84:bc:fe:
06:e1:ed:d4:fc:63:68:6f:5f:c2:8b:28:46:dc:a7:04:73:79:
ef:fd:b6:34:e0:95:db:a3:55:bb:a0:ce:d7:93:5b:b9:e2:65:
1b:bf:44:c9:a3:d9:ae:aa:b1:11:af:56:f3:77:ab:f4:d1:88:
b5:2d:ce:94:a5:32:15:2c:27:00:5a:b7:27:a1:e6:62:ff:5d:
bf:c2:e4:f2:45:dd:7f:5b:ea:79:c1:9b:de:f2:63:b0:ed:e8:
5b:cc:89:44:2c:36:aa:98:76:00:b1:80:50:9b:cf:a2:6b:5e:
b3:29:52:0b:87:56:1b:d0:7d:d9:9d:57:4a:3a:a8:b5:fe:88:
2b:d5:a5:e3:c6:e9:26:24:12:3d:5f:89:e9:94:05:7c:6f:7d:
f8:e0:b4:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqnpkD7o3NlTsRXWqMhZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjYwNDE2MTkwMDI1WhcNMjYwNDE3MTkwMDI1WjAzMTEwLwYDVQQD
EyhhYjExYzAzNzA0YWY2ODY3ZDk0OGM4N2VkYTNmMTQzZjdjYTg5YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwrDMG7rWBLDX6pdTxmf/CAzGzTi
RMMr0RVyVSs2kmxie94DVHula19ZYlXQ/dcev9IzEL4MkvtGqm2PctS/6haHTUh2
H8eRnBnYvsasdhsu424Wt0HWdUocbO/eKW9xoxyiiz2fh1xpC7v5yZUcAF7Wg/Ln
KmoO337bZ3RIcPMc1CE0ykOU/meFCjswcsJayKQ03yekRxa6JBKcF6bABSk56+9i
2x5EGeGe0TjrxuEdeLMf8kdPKbK5bbf1CHt6csGFVU+jYAcpEQkPTlDZ31wAI3nj
iJ1zuZeZIIqweXMXpCcbC732GiDfyjFFL1ndohjEmuAWh+r9p3MCxWZqUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsRwDcEr2hn2UjIfto/FD98qJwHMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/Tzb0VK
7Lj6Y3+svHLauqAAnLsN7t4QVkIaraWqiylvAcbbVNpHMOL+3BhP4V9iEuO7o1c6
ed8/1JAFhEp/aCw+2GUMWQnULuqwQU4a0dizFiTJ0csIaQPHb+Ty6q42+q/URg1d
gfSChLz+BuHt1PxjaG9fwosoRtynBHN57/22NOCV26NVu6DO15NbueJlG79EyaPZ
rqqxEa9W83er9NGItS3OlKUyFSwnAFq3J6HmYv9dv8Lk8kXdf1vqecGb3vJjsO3o
W8yJRCw2qph2ALGAUJvPomtesylSC4dWG9B92Z1XSjqotf6IK9Wl48bpJiQSPV+J
6ZQFfG99+OC0GA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:50:13 2026 by rpki-client