Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: IMVJ61j+rYCjVTTbLXpPdxu1Iiw2hnTyGHXGr1OKcEw=
Subject key identifier: 66:E4:14:2F:F6:42:5D:06:C0:BE:2D:87:E1:48:8D:49:F6:64:EE:50
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019A258A8A15678BB0CE07C37139FA6FCE79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 16FA
Signing time: Mon 27 Oct 2025 12:00:27 +0000
Manifest this update: Mon 27 Oct 2025 12:00:27 +0000
Manifest next update: Tue 28 Oct 2025 12:00:27 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: nL4pXTYiQClM56D8BZmJM74Rgb5vT18jkVtGe7E7AaU=)
2: qen-QoIAAGwgpqx4OQAF6M4rR_M.roa (hash: Pfgs1o9qvVrkxz8on7jtYneDypFRD7JuU2XED3GEHk4=)
3: sJjIi8LxyBaapUPztypafiGazB4.roa (hash: snoS7xcNMuCgLXX7PRPXvmr0bu9uS7kTUSsVN0SedsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 12:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:8a:8a:15:67:8b:b0:ce:07:c3:71:39:fa:6f:ce:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Oct 27 12:00:27 2025 GMT
Not After : Oct 28 12:00:27 2025 GMT
Subject: CN=66e4142ff6425d06c0be2d87e1488d49f664ee50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:79:39:ab:f4:40:fe:27:44:d0:c5:39:e5:
ba:ee:c7:c4:51:31:35:55:6f:cc:4f:0e:04:2c:3f:
50:8d:4f:bf:d3:8e:45:b1:2e:5b:4d:0a:4d:6f:71:
ee:32:7b:6e:63:6e:6c:35:47:5e:2f:bd:d5:b6:d7:
28:f1:39:a9:5f:9c:b9:16:df:4f:f3:e2:d6:cd:92:
59:b0:57:f0:ca:9a:f2:68:09:c5:7b:b1:a7:c5:b5:
28:7c:a0:d2:88:6c:e2:44:f5:ab:84:0c:6b:4f:5e:
b9:3d:9e:91:46:e7:c9:b6:19:b4:89:ed:47:30:73:
42:7b:8f:09:2b:fd:df:99:a3:77:cf:74:27:00:c6:
f6:cb:1e:d5:f0:e3:32:6f:43:89:87:15:24:3b:8f:
ef:87:a2:26:99:70:80:ef:35:31:df:d2:20:80:f3:
b4:27:e1:b8:97:be:5b:8e:f3:37:42:c3:6a:64:f6:
6f:51:eb:8f:50:db:52:36:71:b7:62:25:db:8f:9a:
d3:bc:4f:10:12:bd:ef:cd:de:bb:8f:07:e7:45:01:
ee:fd:dc:fc:6e:34:49:3f:d1:b1:ba:64:4b:19:b7:
39:a9:6e:e3:87:4f:9c:0e:88:70:5d:8a:13:2e:ab:
7c:e6:63:2e:21:fb:d9:29:6e:e2:a4:8d:a6:fe:d6:
97:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E4:14:2F:F6:42:5D:06:C0:BE:2D:87:E1:48:8D:49:F6:64:EE:50
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:1d:6c:d0:8a:e6:1c:fc:9f:3c:7f:43:32:5d:89:78:be:0c:
91:fc:01:a7:e8:50:ff:1b:75:66:bc:df:88:66:96:a2:44:cb:
5b:c9:c4:ec:84:08:de:e8:5e:b1:ef:39:58:73:1f:c0:65:d1:
ba:c8:d1:a3:a5:80:03:e8:b6:43:32:41:23:9c:59:39:51:7d:
d3:8b:15:fe:89:0c:bb:0d:09:ed:06:05:d0:91:62:00:d5:56:
8e:58:36:bf:25:6d:8f:af:c2:25:e0:1a:c4:85:df:74:57:b7:
b1:c2:41:cf:e2:dd:e3:2f:a2:d0:8d:5f:dc:9e:0b:d7:cc:f2:
69:d7:f1:09:11:a2:3d:7f:8f:2d:9a:13:e7:25:97:e1:ed:c2:
e9:c6:0d:f4:f0:0d:1a:de:fd:98:a2:b7:81:69:ee:4c:c4:49:
bd:b7:80:96:14:88:96:80:73:2d:4a:46:75:41:ad:f8:f9:36:
fd:59:88:83:b0:0b:dd:00:25:c4:b0:a1:b0:a1:58:2a:62:0f:
b6:f2:ca:5e:5e:ca:38:48:6a:c6:e9:9f:a7:9b:ec:b7:55:36:
e3:75:fa:13:0d:35:ce:a2:e3:e6:93:9d:f4:59:ad:58:3f:fe:
52:69:1e:38:75:ac:34:19:91:ad:51:59:74:ef:72:0d:bb:a9:
b4:43:03:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoliooVZ4uwzgfDcTn6b855MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjUxMDI3MTIwMDI3WhcNMjUxMDI4MTIwMDI3WjAzMTEwLwYDVQQD
Eyg2NmU0MTQyZmY2NDI1ZDA2YzBiZTJkODdlMTQ4OGQ0OWY2NjRlZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSx5Oav0QP4nRNDFOeW67sfEUTE1
VW/MTw4ELD9QjU+/045FsS5bTQpNb3HuMntuY25sNUdeL73Vttco8TmpX5y5Ft9P
8+LWzZJZsFfwypryaAnFe7GnxbUofKDSiGziRPWrhAxrT165PZ6RRufJthm0ie1H
MHNCe48JK/3fmaN3z3QnAMb2yx7V8OMyb0OJhxUkO4/vh6ImmXCA7zUx39IggPO0
J+G4l75bjvM3QsNqZPZvUeuPUNtSNnG3YiXbj5rTvE8QEr3vzd67jwfnRQHu/dz8
bjRJP9GxumRLGbc5qW7jh0+cDohwXYoTLqt85mMuIfvZKW7ipI2m/taX1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbkFC/2Ql0GwL4th+FIjUn2ZO5QMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALx1s0Irm
HPyfPH9DMl2JeL4MkfwBp+hQ/xt1ZrzfiGaWokTLW8nE7IQI3uhese85WHMfwGXR
usjRo6WAA+i2QzJBI5xZOVF904sV/okMuw0J7QYF0JFiANVWjlg2vyVtj6/CJeAa
xIXfdFe3scJBz+Ld4y+i0I1f3J4L18zyadfxCRGiPX+PLZoT5yWX4e3C6cYN9PAN
Gt79mKK3gWnuTMRJvbeAlhSIloBzLUpGdUGt+Pk2/VmIg7AL3QAlxLChsKFYKmIP
tvLKXl7KOEhqxumfp5vst1U243X6Ew01zqLj5pOd9FmtWD/+UmkeOHWsNBmRrVFZ
dO9yDbuptEMDBg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 18:19:04 2025 by rpki-client