Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: J4yST9aH58wEEk+bBk/B9xLzlEflM01F1qc8GO1G35s=
Subject key identifier: 8C:E7:E1:BC:B5:4D:D1:C5:BD:2F:F2:77:02:9D:EA:BB:07:47:1C:44
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019D992B251B612F757A8EA8BB50C20A9DB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 18C1
Signing time: Fri 17 Apr 2026 02:00:34 +0000
Manifest this update: Fri 17 Apr 2026 02:00:34 +0000
Manifest next update: Sat 18 Apr 2026 02:00:34 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: bS8IVz1WgiCaPcB9IrFc69J0I3mEApo91C5LTeBCJB0=)
2: LbPyc4hAUlUzut2p0ZpxCw83HnE.roa (hash: cLTartZVu31Sy+PEywLeLASvzBKWyq6c9Am1NnMnkbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:25:1b:61:2f:75:7a:8e:a8:bb:50:c2:0a:9d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Apr 17 02:00:34 2026 GMT
Not After : Apr 18 02:00:34 2026 GMT
Subject: CN=8ce7e1bcb54dd1c5bd2ff277029deabb07471c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:65:7f:e2:86:08:e2:dc:bf:2b:60:9f:29:
c0:0f:60:34:e3:d6:c8:5c:5e:d4:d6:66:a6:93:fe:
9a:d5:f4:ea:72:b2:4e:c2:17:ad:c6:95:27:dc:d3:
1f:65:53:f9:85:cc:b3:17:ab:44:60:8c:7a:a3:4d:
6a:db:cf:3e:fd:e8:49:43:34:fc:e8:3c:0d:79:8c:
f1:dd:00:39:f6:ed:69:24:3a:ec:3a:7b:fb:2d:1a:
a3:6d:d1:21:00:6e:88:ff:14:be:bd:62:44:1d:89:
e8:7f:ba:e6:d1:a7:6f:a4:c6:ad:23:40:91:b5:2f:
c1:de:26:ee:eb:e0:30:86:c8:5b:b7:9c:e6:b1:85:
f3:c7:01:15:b5:c3:7b:79:96:2f:f5:4f:eb:f6:4d:
a8:fe:e7:31:e9:7b:08:2c:03:05:2d:10:11:c1:5f:
60:96:b1:fd:52:49:3a:a0:28:d5:a5:4b:8a:63:09:
45:57:a1:a3:fc:ef:3f:33:c5:c7:63:d7:16:2e:b4:
4f:50:3c:fb:2d:6b:85:9e:75:cb:3f:10:3e:22:76:
65:93:00:c4:ef:13:78:63:2d:e1:75:e8:92:3a:59:
de:78:78:72:b3:5c:8d:ba:b6:17:83:4d:ea:36:8e:
15:12:ec:58:18:d4:d9:88:64:b0:ff:9c:a8:7a:b5:
93:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E7:E1:BC:B5:4D:D1:C5:BD:2F:F2:77:02:9D:EA:BB:07:47:1C:44
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:84:fe:58:6a:cc:c7:c3:fb:05:63:48:e1:21:a2:a9:dd:d9:
67:9c:bd:b1:05:51:31:c5:8a:72:3d:fe:49:1d:c3:13:9e:e9:
c0:5d:19:cf:aa:4b:02:70:0c:d9:af:cf:0a:10:a8:61:89:a6:
8f:88:54:67:44:db:5a:bd:93:28:45:b0:c7:7c:df:8f:c7:3a:
be:c3:52:9f:25:85:1a:91:1c:66:e8:da:c5:f6:ac:c9:39:49:
82:0c:bd:cc:f2:76:70:4a:0b:09:91:5f:cd:e8:7a:29:e6:ba:
65:e6:17:9f:ce:29:0a:36:26:02:7b:73:3c:b1:96:5f:87:40:
3b:4f:9f:10:3e:91:ca:ca:7b:07:de:f1:7c:f0:75:05:66:3b:
b8:9e:23:00:9e:fc:74:bd:e7:5c:de:16:a8:5f:b1:56:5c:6f:
39:b9:a1:cd:c6:51:94:35:45:5c:aa:cd:15:de:2a:2a:c9:e9:
8c:3b:b2:71:38:95:de:96:9b:40:4c:11:e1:eb:a3:cb:d6:66:
2f:f0:72:81:60:cc:1f:8e:76:68:52:ce:5c:41:ed:ca:72:6d:
00:87:3f:fd:55:10:dc:65:de:44:6b:f3:e5:e8:fb:b4:e3:50:
85:c5:b8:db:54:4f:c5:5f:2d:f8:6f:9c:e4:e6:6f:eb:16:6e:
f4:91:0d:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZKyUbYS91eo6ou1DCCp2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjYwNDE3MDIwMDM0WhcNMjYwNDE4MDIwMDM0WjAzMTEwLwYDVQQD
Eyg4Y2U3ZTFiY2I1NGRkMWM1YmQyZmYyNzcwMjlkZWFiYjA3NDcxYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybFlf+KGCOLcvytgnynAD2A049bI
XF7U1mamk/6a1fTqcrJOwhetxpUn3NMfZVP5hcyzF6tEYIx6o01q288+/ehJQzT8
6DwNeYzx3QA59u1pJDrsOnv7LRqjbdEhAG6I/xS+vWJEHYnof7rm0advpMatI0CR
tS/B3ibu6+Awhshbt5zmsYXzxwEVtcN7eZYv9U/r9k2o/ucx6XsILAMFLRARwV9g
lrH9Ukk6oCjVpUuKYwlFV6Gj/O8/M8XHY9cWLrRPUDz7LWuFnnXLPxA+InZlkwDE
7xN4Yy3hdeiSOlneeHhys1yNurYXg03qNo4VEuxYGNTZiGSw/5yoerWTEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzn4by1TdHFvS/ydwKd6rsHRxxEMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4T+WGrM
x8P7BWNI4SGiqd3ZZ5y9sQVRMcWKcj3+SR3DE57pwF0Zz6pLAnAM2a/PChCoYYmm
j4hUZ0TbWr2TKEWwx3zfj8c6vsNSnyWFGpEcZujaxfasyTlJggy9zPJ2cEoLCZFf
zeh6Kea6ZeYXn84pCjYmAntzPLGWX4dAO0+fED6Rysp7B97xfPB1BWY7uJ4jAJ78
dL3nXN4WqF+xVlxvObmhzcZRlDVFXKrNFd4qKsnpjDuycTiV3pabQEwR4eujy9Zm
L/BygWDMH452aFLOXEHtynJtAIc//VUQ3GXeRGvz5ej7tONQhcW421RPxV8t+G+c
5OZv6xZu9JENRw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:04:24 2026 by rpki-client