Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: PoTtdeCO8vETwWiL9xa7C0TeE8A66IsZR8eus+5UPVk=
Subject key identifier: BD:99:29:6B:53:29:E5:E8:17:05:38:D2:8B:98:84:D2:30:27:DB:FF
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019CABA1FF40889681794B8196A0896136E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 1846
Signing time: Sun 01 Mar 2026 23:00:46 +0000
Manifest this update: Sun 01 Mar 2026 23:00:46 +0000
Manifest next update: Mon 02 Mar 2026 23:00:46 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: y9+Mboxkzy7sJi7T0I0MCuirJF58n0LHetvCoFQi8Kg=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:ff:40:88:96:81:79:4b:81:96:a0:89:61:36:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Mar 1 23:00:46 2026 GMT
Not After : Mar 2 23:00:46 2026 GMT
Subject: CN=bd99296b5329e5e8170538d28b9884d23027dbff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4f:c8:9f:92:37:35:9c:19:da:f8:4a:b3:22:
db:82:57:45:d3:1a:23:90:94:36:58:19:d9:c0:7e:
64:c9:cb:60:aa:46:0a:fa:02:a6:a2:53:5f:68:81:
7f:1e:c6:2f:29:c1:7c:eb:75:e4:54:7b:29:3a:a9:
f1:de:95:ac:36:68:f5:fd:36:ac:72:ec:b0:d9:c6:
97:5f:03:f6:b8:0f:09:66:de:72:53:0b:5a:c8:c1:
a5:e5:08:0b:02:65:cb:9a:8b:d0:d9:8c:fb:61:1f:
41:99:69:2f:9f:e2:33:e5:5c:70:dc:92:66:85:7f:
b0:49:32:c3:1b:8f:92:ce:94:a5:bd:0a:4e:cf:e8:
28:53:44:0c:90:9a:6a:b1:e7:1b:d2:6b:1f:21:01:
5d:4f:bd:dc:bf:7b:80:78:62:e2:d6:73:5e:75:86:
12:4e:92:6f:c7:a0:2f:2f:59:d5:cc:8c:45:14:40:
2a:66:0d:67:65:e1:cd:a8:82:4b:a7:35:af:a6:fa:
06:6b:1f:41:71:92:b9:f1:89:f3:27:5d:fb:2a:33:
e5:e5:58:dd:c2:3c:ae:eb:36:5d:33:4b:b7:40:20:
01:0a:ec:2a:b9:8a:9e:ea:1c:c1:55:6c:ae:b1:fa:
26:ae:d2:2c:32:41:c6:83:76:34:95:2f:ab:54:f7:
47:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:99:29:6B:53:29:E5:E8:17:05:38:D2:8B:98:84:D2:30:27:DB:FF
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:e2:a3:28:f5:62:17:6d:f9:8c:81:51:ec:23:95:fc:14:e9:
51:62:23:01:aa:b6:63:1b:79:a8:1f:70:15:6b:50:4b:97:e0:
e0:4b:66:f2:d6:bd:04:87:19:0a:1e:1b:a0:e9:d6:d4:f7:68:
15:11:f4:07:1c:81:08:ea:95:e3:be:45:14:3e:84:7b:71:2d:
a6:b8:85:bf:20:03:c8:17:ca:6e:1e:61:68:38:b9:fa:ee:bd:
8a:3f:52:c7:4c:77:01:ca:98:ef:5d:e3:cd:13:21:66:4a:9f:
21:be:d0:77:c2:96:b3:4b:fe:8a:86:02:4e:51:e4:16:b7:3b:
0f:a1:9a:9f:6e:20:a9:d0:a7:9d:35:04:4c:e7:44:1c:a2:82:
19:44:d2:4c:31:57:58:d8:e7:f5:e2:49:13:6b:8e:06:c2:c5:
ac:8a:02:dc:ca:88:c0:5d:99:bc:ce:b1:f3:0d:c0:9b:cf:c9:
3e:a2:66:7d:34:32:f1:10:11:79:75:85:cb:b8:2a:4c:44:4f:
30:63:ad:cc:a9:b9:4f:24:3a:0f:e5:f6:fb:55:96:29:08:55:
5f:55:d3:1b:d3:b6:88:45:1b:67:c5:d7:87:9b:f8:58:b5:85:
17:b8:bf:7e:62:d1:ad:00:f9:08:b0:28:a0:c1:e8:09:da:f4:
3e:d5:53:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrof9AiJaBeUuBlqCJYTbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwMzAxMjMwMDQ2WhcNMjYwMzAyMjMwMDQ2WjAzMTEwLwYDVQQD
EyhiZDk5Mjk2YjUzMjllNWU4MTcwNTM4ZDI4Yjk4ODRkMjMwMjdkYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10/In5I3NZwZ2vhKsyLbgldF0xoj
kJQ2WBnZwH5kyctgqkYK+gKmolNfaIF/HsYvKcF863XkVHspOqnx3pWsNmj1/Tas
cuyw2caXXwP2uA8JZt5yUwtayMGl5QgLAmXLmovQ2Yz7YR9BmWkvn+Iz5Vxw3JJm
hX+wSTLDG4+SzpSlvQpOz+goU0QMkJpqsecb0msfIQFdT73cv3uAeGLi1nNedYYS
TpJvx6AvL1nVzIxFFEAqZg1nZeHNqIJLpzWvpvoGax9BcZK58YnzJ137KjPl5Vjd
wjyu6zZdM0u3QCABCuwquYqe6hzBVWyusfomrtIsMkHGg3Y0lS+rVPdHawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2ZKWtTKeXoFwU40ouYhNIwJ9v/MB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOKjKPVi
F235jIFR7COV/BTpUWIjAaq2Yxt5qB9wFWtQS5fg4Etm8ta9BIcZCh4boOnW1Pdo
FRH0BxyBCOqV475FFD6Ee3EtpriFvyADyBfKbh5haDi5+u69ij9Sx0x3AcqY713j
zRMhZkqfIb7Qd8KWs0v+ioYCTlHkFrc7D6Gan24gqdCnnTUETOdEHKKCGUTSTDFX
WNjn9eJJE2uOBsLFrIoC3MqIwF2ZvM6x8w3Am8/JPqJmfTQy8RAReXWFy7gqTERP
MGOtzKm5TyQ6D+X2+1WWKQhVX1XTG9O2iEUbZ8XXh5v4WLWFF7i/fmLRrQD5CLAo
oMHoCdr0PtVT1g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:08:04 2026 by rpki-client