Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
File: afM-l5tD6I0OXsp5h5R9sh73yrk.mft (raw, json)
Hash identifier: WT5TGWvMg7LtuWvX8BcoEjnggR/99EE1JiwBoV/4l6c=
Subject key identifier: 7E:A4:21:9E:EA:E7:12:2A:F2:29:9C:D5:86:F6:C8:04:F9:D9:42:EF
Authority key identifier: 69:F3:3E:97:9B:43:E8:8D:0E:5E:CA:79:87:94:7D:B2:1E:F7:CA:B9
Certificate issuer: /CN=69f33e979b43e88d0e5eca7987947db21ef7cab9
Certificate serial: 019A72258F5B960A446E27AC544471A8EB25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
Manifest number: 05D8
Signing time: Tue 11 Nov 2025 09:00:55 +0000
Manifest this update: Tue 11 Nov 2025 09:00:55 +0000
Manifest next update: Wed 12 Nov 2025 09:00:55 +0000
Files and hashes: 1: afM-l5tD6I0OXsp5h5R9sh73yrk.crl (hash: b4QxraequZZ9lmr0TCEqIeQkhbWq3FkjkStFEDDw/jk=)
2: rjuN-ZTOCGAomaycIkzHFBIupdk.roa (hash: mpitT9m9PBhweeULsMgo7mL5tvByadSSpZctsThk9Hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:8f:5b:96:0a:44:6e:27:ac:54:44:71:a8:eb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f33e979b43e88d0e5eca7987947db21ef7cab9
Validity
Not Before: Nov 11 09:00:55 2025 GMT
Not After : Nov 12 09:00:55 2025 GMT
Subject: CN=7ea4219eeae7122af2299cd586f6c804f9d942ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:d6:07:a0:3d:7e:9d:27:5f:65:61:6f:c7:
6a:10:18:01:8a:3d:7c:53:a9:fb:cf:5a:49:6a:36:
5c:2d:d9:09:3e:65:b3:68:4b:71:12:11:87:c3:03:
fe:ee:8c:68:3c:ec:50:67:d8:2d:31:92:49:f8:c6:
4f:d7:6d:75:73:a3:fe:d5:2c:b1:09:f4:16:0b:20:
0b:25:f0:d2:84:d6:6a:e8:c1:5d:53:69:b3:f3:96:
f7:65:ad:67:8c:98:96:04:ee:87:b7:4e:d8:d3:12:
88:cf:2d:6b:88:a3:96:76:5c:54:77:b7:54:25:6a:
9a:28:f0:f2:93:98:c0:6d:8a:46:62:8b:f2:83:99:
d7:9e:df:7b:0d:e1:e2:e8:ad:d9:c7:38:a2:14:be:
cc:18:8a:f7:5e:6a:41:4f:f3:42:36:e9:e3:d0:8f:
34:ff:d8:26:71:7a:21:85:8a:a2:ea:e9:90:59:56:
91:e8:44:4d:ee:7e:63:3f:98:da:a1:aa:df:d9:f4:
94:12:21:24:ca:e5:59:73:2c:e2:a0:b7:b2:13:07:
66:90:d2:1f:fa:0d:46:ab:63:26:35:9e:d9:8f:1b:
89:6d:c8:81:e6:a4:3d:7a:65:41:3d:26:7a:e0:3b:
6e:28:f8:94:fc:d8:b6:84:3c:6a:75:93:1c:ce:d7:
de:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A4:21:9E:EA:E7:12:2A:F2:29:9C:D5:86:F6:C8:04:F9:D9:42:EF
X509v3 Authority Key Identifier:
keyid:69:F3:3E:97:9B:43:E8:8D:0E:5E:CA:79:87:94:7D:B2:1E:F7:CA:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afM-l5tD6I0OXsp5h5R9sh73yrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/953a61-3349-47bf-a12b-e4c69334142c/1/afM-l5tD6I0OXsp5h5R9sh73yrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:57:1f:9c:66:84:e9:6d:9d:54:0f:08:6b:18:ae:89:a1:70:
47:58:b7:b5:f2:00:02:38:2f:9a:8e:eb:0d:29:a2:5c:c3:4e:
c3:f8:a4:ca:6e:6c:9e:0b:dc:0c:00:81:20:03:0c:ce:ef:db:
58:8b:f1:68:ae:83:a7:c8:ac:76:f6:2c:6f:a5:e2:32:f5:1a:
23:02:4c:06:d7:60:a5:1f:98:79:01:4a:47:3e:9c:87:f3:17:
6a:7d:40:2d:87:66:c2:66:ed:2b:d1:3f:f3:32:ba:38:38:a0:
54:1e:70:27:25:18:dc:f7:f7:99:3e:85:ee:55:e5:73:87:12:
60:a4:2e:85:f3:ec:7a:40:c8:ab:95:8e:d7:f6:9d:53:ec:d7:
f9:5c:f6:cd:99:95:92:f8:d3:96:71:d6:df:9d:c2:4d:cd:d0:
e7:a7:6f:5c:72:47:48:2d:8d:76:8d:9c:5c:e8:67:7b:17:22:
85:cc:d5:e7:c8:ad:e0:1a:ac:3b:1c:af:dc:ba:d8:ab:bd:cb:
5c:90:67:cf:2f:66:ca:d6:5a:6d:a6:f3:b0:e8:9c:2c:ad:7c:
c7:02:fb:05:48:d2:c3:d6:a9:f2:e5:d1:44:fc:ec:a1:72:4d:
5a:4a:b5:5e:19:c7:46:be:44:a3:85:f4:36:61:be:2e:21:31:
5e:00:93:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJY9blgpEbiesVERxqOslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjMzZTk3OWI0M2U4OGQwZTVlY2E3OTg3OTQ3ZGIyMWVm
N2NhYjkwHhcNMjUxMTExMDkwMDU1WhcNMjUxMTEyMDkwMDU1WjAzMTEwLwYDVQQD
Eyg3ZWE0MjE5ZWVhZTcxMjJhZjIyOTljZDU4NmY2YzgwNGY5ZDk0MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx3WB6A9fp0nX2Vhb8dqEBgBij18
U6n7z1pJajZcLdkJPmWzaEtxEhGHwwP+7oxoPOxQZ9gtMZJJ+MZP1211c6P+1Syx
CfQWCyALJfDShNZq6MFdU2mz85b3Za1njJiWBO6Ht07Y0xKIzy1riKOWdlxUd7dU
JWqaKPDyk5jAbYpGYovyg5nXnt97DeHi6K3ZxziiFL7MGIr3XmpBT/NCNunj0I80
/9gmcXohhYqi6umQWVaR6ERN7n5jP5jaoarf2fSUEiEkyuVZcyzioLeyEwdmkNIf
+g1Gq2MmNZ7ZjxuJbciB5qQ9emVBPSZ64DtuKPiU/Ni2hDxqdZMcztfecQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6kIZ7q5xIq8imc1Yb2yAT52ULvMB8GA1UdIwQY
MBaAFGnzPpebQ+iNDl7KeYeUfbIe98q5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85NTNhNjEtMzM0OS00N2JmLWExMmIt
ZTRjNjkzMzQxNDJjLzEvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85NTNhNjEtMzM0OS00N2JmLWExMmItZTRjNjkzMzQxNDJj
LzEvYWZNLWw1dEQ2STBPWHNwNWg1UjlzaDczeXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo1cfnGaE
6W2dVA8IaxiuiaFwR1i3tfIAAjgvmo7rDSmiXMNOw/ikym5sngvcDACBIAMMzu/b
WIvxaK6Dp8isdvYsb6XiMvUaIwJMBtdgpR+YeQFKRz6ch/MXan1ALYdmwmbtK9E/
8zK6ODigVB5wJyUY3Pf3mT6F7lXlc4cSYKQuhfPsekDIq5WO1/adU+zX+Vz2zZmV
kvjTlnHW353CTc3Q56dvXHJHSC2Ndo2cXOhnexcihczV58it4BqsOxyv3LrYq73L
XJBnzy9mytZababzsOicLK18xwL7BUjSw9ap8uXRRPzsoXJNWkq1XhnHRr5Eo4X0
NmG+LiExXgCTHg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:16:08 2025 by rpki-client