Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: T+JSb6tgB8z3N26kZoff4RnFBWts7WOcNxbG+qCt/x0=
Subject key identifier: 5B:CD:13:4A:FF:D4:83:4F:09:D5:FC:08:A9:A7:02:97:57:98:18:FB
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019EBEB62AE9B71C42AA13891E43F45B8EED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 1959
Signing time: Sat 13 Jun 2026 02:01:10 +0000
Manifest this update: Sat 13 Jun 2026 02:01:10 +0000
Manifest next update: Sun 14 Jun 2026 02:01:10 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: 7oNzzQaHuNl2XKehn7ACvxN/0BGVMztzUh0GG7UUseY=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:be:b6:2a:e9:b7:1c:42:aa:13:89:1e:43:f4:5b:8e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Jun 13 02:01:10 2026 GMT
Not After : Jun 14 02:01:10 2026 GMT
Subject: CN=5bcd134affd4834f09d5fc08a9a70297579818fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5f:90:cd:96:b9:a9:1e:99:c1:62:70:c8:0e:
1f:c4:e3:d4:6f:ff:82:c6:a7:25:65:5d:71:9e:f2:
5d:86:bf:55:b2:82:2a:30:14:a4:82:a6:a1:12:f0:
b1:fc:83:99:49:07:f0:bf:a1:e1:29:39:5f:c6:77:
c2:02:9b:b4:90:0f:df:e6:f8:1a:5a:d0:5b:1a:0c:
78:55:5d:28:13:dc:f5:b3:41:a3:0c:9e:3b:1d:5a:
34:de:67:cf:f1:d2:99:cd:93:fa:aa:28:db:b3:ed:
0f:43:9c:a0:dd:75:3f:01:13:c7:60:b4:74:e7:71:
6d:64:ad:b4:bb:4e:11:ff:23:a6:d4:7a:5b:a0:32:
64:d1:82:02:9a:2f:10:e0:14:a1:31:ea:2e:12:97:
4e:1a:13:1b:28:50:2e:00:b1:6f:f3:81:a1:39:79:
42:f5:f0:23:04:26:ad:ee:a5:97:ec:8a:7c:91:8b:
f4:e3:0e:76:a1:c6:12:0c:18:7e:e8:2f:d4:b7:ed:
fa:2c:cd:43:ba:ad:44:ee:0c:49:1e:21:16:37:bf:
5b:1a:57:70:c8:4c:3e:d2:6b:e1:b0:e2:0e:52:51:
26:d0:dc:a0:75:bf:a4:22:7d:2f:91:09:8a:9d:21:
bc:58:f6:42:de:5f:f3:8f:2d:f1:5d:42:77:10:8e:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CD:13:4A:FF:D4:83:4F:09:D5:FC:08:A9:A7:02:97:57:98:18:FB
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:93:8b:6f:69:e1:de:63:a4:5b:e4:2b:44:8a:75:a6:ee:54:
e9:a3:e8:ab:74:7b:76:fc:4e:9a:1e:a1:d6:13:f9:fd:54:a1:
ad:4c:76:3d:e0:52:75:c8:03:05:56:a6:f4:7a:24:fa:62:63:
b1:a0:54:06:40:4a:74:6d:4d:dc:d4:04:8c:df:de:df:2f:4a:
f9:07:a6:67:39:86:69:62:ad:21:8b:19:35:29:a8:8e:f5:fe:
71:68:c4:ab:d7:8c:68:83:20:3f:00:c1:d6:be:8d:2c:da:8c:
10:67:44:e9:0b:7e:7e:79:df:eb:c5:fd:f4:e4:b2:67:d6:69:
20:5f:c2:cd:7c:3b:4f:d1:8e:e3:0b:5b:8e:aa:eb:c8:d0:6c:
ff:c8:95:b3:2a:e2:cf:6a:fa:12:d0:c0:db:16:93:7c:50:34:
87:34:e4:ca:ba:0b:77:a7:e9:8c:32:6c:7a:0e:ba:8e:d0:b1:
44:7c:eb:95:07:03:0d:97:ae:6c:2d:bc:17:53:2a:a0:40:bc:
8c:da:66:66:c7:54:60:8a:22:1b:f9:ad:5a:53:e7:99:43:80:
ae:94:73:8b:39:ff:05:7d:db:20:f6:7a:f5:de:18:00:de:cd:
ff:2d:91:c7:fa:c0:d7:6f:59:9f:97:90:2d:7d:ed:43:f8:6d:
70:95:94:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+tirptxxCqhOJHkP0W47tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwNjEzMDIwMTEwWhcNMjYwNjE0MDIwMTEwWjAzMTEwLwYDVQQD
Eyg1YmNkMTM0YWZmZDQ4MzRmMDlkNWZjMDhhOWE3MDI5NzU3OTgxOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl+QzZa5qR6ZwWJwyA4fxOPUb/+C
xqclZV1xnvJdhr9VsoIqMBSkgqahEvCx/IOZSQfwv6HhKTlfxnfCApu0kA/f5vga
WtBbGgx4VV0oE9z1s0GjDJ47HVo03mfP8dKZzZP6qijbs+0PQ5yg3XU/ARPHYLR0
53FtZK20u04R/yOm1HpboDJk0YICmi8Q4BShMeouEpdOGhMbKFAuALFv84GhOXlC
9fAjBCat7qWX7Ip8kYv04w52ocYSDBh+6C/Ut+36LM1Duq1E7gxJHiEWN79bGldw
yEw+0mvhsOIOUlEm0Nygdb+kIn0vkQmKnSG8WPZC3l/zjy3xXUJ3EI6ulwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvNE0r/1INPCdX8CKmnApdXmBj7MB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEpOLb2nh
3mOkW+QrRIp1pu5U6aPoq3R7dvxOmh6h1hP5/VShrUx2PeBSdcgDBVam9Hok+mJj
saBUBkBKdG1N3NQEjN/e3y9K+QemZzmGaWKtIYsZNSmojvX+cWjEq9eMaIMgPwDB
1r6NLNqMEGdE6Qt+fnnf68X99OSyZ9ZpIF/CzXw7T9GO4wtbjqrryNBs/8iVsyri
z2r6EtDA2xaTfFA0hzTkyroLd6fpjDJseg66jtCxRHzrlQcDDZeubC28F1MqoEC8
jNpmZsdUYIoiG/mtWlPnmUOArpRzizn/BX3bIPZ69d4YAN7N/y2Rx/rA129Zn5eQ
LX3tQ/htcJWU4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:11:17 2026 by rpki-client