Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
File: AFetCa6aGpgBInWFGqvmnk4VovQ.mft (raw, json)
Hash identifier: 6E0cST4jkJYlweoX4AAIzGQOlXYWMBZp6IYyo/+pWK0=
Subject key identifier: 3F:C6:37:44:EB:40:23:BE:96:21:E8:1C:72:1F:ED:28:33:D4:EF:59
Authority key identifier: 00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
Certificate issuer: /CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Certificate serial: 019A71B82FCAE9FE1BBCF448A1367256B8EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
Manifest number: 1007
Signing time: Tue 11 Nov 2025 07:01:27 +0000
Manifest this update: Tue 11 Nov 2025 07:01:27 +0000
Manifest next update: Wed 12 Nov 2025 07:01:27 +0000
Files and hashes: 1: AFetCa6aGpgBInWFGqvmnk4VovQ.crl (hash: AzGA6Un0T0UA3OIi1ceTV2QlsuxPCQT4ibJ9XBL8ARo=)
2: uxPm2jgrGB9aUpoVSqtxOrk6oLc.roa (hash: jnz+6TEphg6WeFVMNjeLnKwOXT2+7WslFFXVeACqJbs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:2f:ca:e9:fe:1b:bc:f4:48:a1:36:72:56:b8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Validity
Not Before: Nov 11 07:01:27 2025 GMT
Not After : Nov 12 07:01:27 2025 GMT
Subject: CN=3fc63744eb4023be9621e81c721fed2833d4ef59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:c1:d5:f0:c8:fc:54:e1:98:d8:37:d2:d9:
0c:bf:d3:70:14:f4:c7:fd:dc:b4:55:c5:41:13:03:
25:81:ef:c1:1e:01:bc:34:f2:15:cd:68:cf:ec:32:
ac:b0:27:e0:bd:c9:29:0c:80:99:d7:04:63:72:cd:
b7:56:58:88:74:02:bd:f7:7d:b7:1b:0a:c5:a2:f4:
b3:b8:80:90:2f:ea:25:17:58:6e:67:30:af:29:cc:
d5:61:a4:2f:85:90:07:c9:b0:e6:4b:1b:f0:d9:17:
55:19:f5:3f:89:54:f0:d8:8f:72:07:48:c3:89:3e:
36:d4:9d:bc:90:78:7e:b3:21:69:6e:07:5d:1b:7d:
d0:25:c0:26:1c:13:e0:f4:04:04:83:e0:64:88:2a:
ec:b4:30:5d:58:31:1b:8f:c7:19:f3:d5:dd:48:81:
e4:0c:22:ce:9d:90:43:27:d7:70:11:7d:44:1c:06:
b4:88:1c:8f:97:38:4f:b9:68:5a:bd:97:4c:af:92:
2e:81:53:28:4e:57:4d:c2:e4:e0:67:65:14:ce:a6:
0c:83:08:57:d0:03:5a:5d:7e:8f:90:17:d9:76:06:
ce:01:11:b4:51:8a:22:1a:f4:d3:f9:23:60:06:0e:
4e:87:53:5f:39:02:34:e8:7a:c2:c7:68:26:f3:1a:
14:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C6:37:44:EB:40:23:BE:96:21:E8:1C:72:1F:ED:28:33:D4:EF:59
X509v3 Authority Key Identifier:
keyid:00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:f9:f4:d1:f4:08:26:78:c3:6f:c0:b5:b2:e3:d3:ac:37:ab:
c7:d8:f7:b4:fc:5b:a3:8b:e3:d6:1d:b9:69:43:f0:cb:15:95:
26:bf:51:52:4c:cb:6f:6f:d2:02:76:10:e0:ff:33:30:91:6e:
60:67:98:a3:b1:c2:0b:5b:0e:b6:a9:5b:85:15:71:81:99:a4:
a4:f3:05:df:14:d7:c7:66:5e:67:2a:7a:a0:cc:b6:47:bc:65:
ee:70:1d:a5:af:16:37:b8:6c:b1:6d:13:d6:53:4a:70:8f:55:
7d:56:8d:54:be:34:da:c0:ce:2f:1c:68:a1:aa:0c:3f:22:06:
b1:17:a0:ea:14:80:35:8f:ee:e2:2e:70:d0:02:5f:48:90:86:
8f:66:2f:0c:69:3b:3f:a9:ea:5f:8d:5c:86:fe:79:aa:9c:e1:
30:35:d0:b1:b5:f5:3a:fc:f7:e9:79:b3:78:bc:f4:cd:2b:ff:
96:cf:d6:c5:1b:6c:f5:7b:6a:86:6c:ad:fb:fb:a6:6d:ae:1e:
a6:19:3b:87:ff:6a:35:10:5f:88:1e:0a:e2:ec:6a:97:67:99:
0e:3f:f2:b0:c7:df:c4:96:44:7f:82:09:c7:7f:b5:0a:cb:aa:
68:69:3f:25:4c:10:c6:56:26:d4:7a:d4:b4:4c:49:96:67:cf:
24:68:aa:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuC/K6f4bvPRIoTZyVrjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTdhZDA5YWU5YTFhOTgwMTIyNzU4NTFhYWJlNjllNGUx
NWEyZjQwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
EygzZmM2Mzc0NGViNDAyM2JlOTYyMWU4MWM3MjFmZWQyODMzZDRlZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJvB1fDI/FThmNg30tkMv9NwFPTH
/dy0VcVBEwMlge/BHgG8NPIVzWjP7DKssCfgvckpDICZ1wRjcs23VliIdAK99323
GwrFovSzuICQL+olF1huZzCvKczVYaQvhZAHybDmSxvw2RdVGfU/iVTw2I9yB0jD
iT421J28kHh+syFpbgddG33QJcAmHBPg9AQEg+BkiCrstDBdWDEbj8cZ89XdSIHk
DCLOnZBDJ9dwEX1EHAa0iByPlzhPuWhavZdMr5IugVMoTldNwuTgZ2UUzqYMgwhX
0ANaXX6PkBfZdgbOARG0UYoiGvTT+SNgBg5Oh1NfOQI06HrCx2gm8xoUDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/GN0TrQCO+liHoHHIf7Sgz1O9ZMB8GA1UdIwQY
MBaAFABXrQmumhqYASJ1hRqr5p5OFaL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2Qt
ZGNhMzhkNTlhMTU4LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2QtZGNhMzhkNTlhMTU4
LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfn00fQI
JnjDb8C1suPTrDerx9j3tPxbo4vj1h25aUPwyxWVJr9RUkzLb2/SAnYQ4P8zMJFu
YGeYo7HCC1sOtqlbhRVxgZmkpPMF3xTXx2ZeZyp6oMy2R7xl7nAdpa8WN7hssW0T
1lNKcI9VfVaNVL402sDOLxxooaoMPyIGsReg6hSANY/u4i5w0AJfSJCGj2YvDGk7
P6nqX41chv55qpzhMDXQsbX1Ovz36XmzeLz0zSv/ls/WxRts9Xtqhmyt+/umba4e
phk7h/9qNRBfiB4K4uxql2eZDj/ysMffxJZEf4IJx3+1CsuqaGk/JUwQxlYm1HrU
tExJlmfPJGiqjw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:15 2025 by rpki-client