Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json)
Hash identifier: 5w0+UT87fotktCWdZtgF8YfGJbDdaR4+td803/iRAaE=
Subject key identifier: EF:4D:10:57:D6:5F:70:9D:87:0B:7F:84:D1:30:6C:A7:72:66:1C:C7
Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d
Certificate serial: 01992D483B17D710804BA296A2FCE21CE79D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
Manifest number: 08AB
Signing time: Tue 09 Sep 2025 07:02:12 +0000
Manifest this update: Tue 09 Sep 2025 07:02:12 +0000
Manifest next update: Wed 10 Sep 2025 07:02:12 +0000
Files and hashes: 1: 5m0E4hrlymj_oPq4RutDZTBvpFc.roa (hash: D3u2GpmWvvHTn4HOSLwFPi92ntWCyeD4rYP1qp5He0g=)
2: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: mzAHACJG5kx+jlhtYwJUObm2/IcvVj4rG7noPM7Xjzo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 07:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:48:3b:17:d7:10:80:4b:a2:96:a2:fc:e2:1c:e7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d
Validity
Not Before: Sep 9 07:02:12 2025 GMT
Not After : Sep 10 07:02:12 2025 GMT
Subject: CN=ef4d1057d65f709d870b7f84d1306ca772661cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:dd:cc:69:00:e7:62:ca:3b:5e:84:a3:6d:
3e:76:28:77:46:94:b6:6a:4f:d6:a3:4d:13:67:a0:
41:6a:bb:0a:a5:fb:20:b6:b6:ff:53:31:6a:55:cf:
b7:ed:d7:43:48:a1:01:38:a0:0a:ac:03:8b:3d:67:
9a:e6:08:03:95:a7:b4:20:6d:5f:fa:ac:11:16:9b:
e5:96:f1:52:4d:7d:4e:95:a2:32:e8:bf:23:c9:72:
d5:cf:4c:48:47:8c:f9:33:32:f0:53:41:b7:15:bf:
6b:7a:7c:32:3b:f3:9a:dd:ad:a1:18:21:db:ec:64:
56:4f:84:78:8f:c6:07:07:7b:60:36:95:62:a3:24:
7c:2f:c9:d2:c2:5a:be:60:b1:e5:a3:b7:04:a7:f0:
22:b5:d3:cc:a9:25:e9:47:e0:9e:e5:a6:ee:dc:56:
00:4a:a6:34:d8:b0:4e:e0:cb:0b:1c:79:37:12:15:
82:70:98:19:3a:89:c0:eb:7d:03:95:ef:d8:e2:dc:
66:27:31:07:79:88:31:88:24:f3:2b:06:b4:16:08:
9f:d2:ca:0b:9a:3f:a6:f4:53:bf:ea:70:95:27:30:
6e:b0:06:5e:34:f2:0d:86:ce:a0:fc:c6:66:29:78:
55:22:82:1c:11:fe:98:d2:93:f6:66:cb:21:74:af:
73:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4D:10:57:D6:5F:70:9D:87:0B:7F:84:D1:30:6C:A7:72:66:1C:C7
X509v3 Authority Key Identifier:
keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:9c:80:10:cf:79:24:d9:fb:0f:b8:3d:14:bb:d6:6b:08:12:
13:cb:87:4f:aa:d1:43:3d:16:85:6e:cc:ae:93:65:2f:5f:13:
98:ad:20:77:49:79:52:7d:f5:ab:a1:9a:13:74:6c:27:61:f8:
cc:30:07:74:9d:27:39:b3:1e:60:66:16:1c:23:13:de:2d:83:
39:95:c6:60:30:f1:b5:a1:31:26:29:24:a6:cd:28:2c:78:40:
55:01:0b:53:68:7f:29:9f:e5:b9:4a:f9:3c:97:ba:75:23:32:
68:ef:cf:17:ef:ee:db:91:92:52:78:62:7f:70:dc:68:18:5b:
50:ff:cc:55:0e:76:c4:ef:0e:d7:89:a9:d8:12:15:fa:c0:64:
53:30:bd:7b:61:ed:49:85:7f:6f:96:19:5a:25:3a:8a:51:8c:
f0:40:f1:3b:05:4c:6a:ae:7f:36:17:dc:3b:4e:6a:2a:0e:d5:
ca:d5:15:49:6d:31:09:82:a9:e9:49:ee:29:77:f8:45:ea:48:
13:bb:fd:cf:29:d9:7e:8c:92:78:d8:17:6e:00:ca:b1:22:b0:
83:c2:1f:dd:e2:12:b1:f3:cc:8b:55:d9:e6:ca:eb:5a:9d:3e:
dd:2c:08:df:c9:22:4c:62:0c:57:ea:38:0a:45:6e:14:25:8b:
2d:eb:c2:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZktSDsX1xCAS6KWovziHOedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0
MDQzM2QwHhcNMjUwOTA5MDcwMjEyWhcNMjUwOTEwMDcwMjEyWjAzMTEwLwYDVQQD
EyhlZjRkMTA1N2Q2NWY3MDlkODcwYjdmODRkMTMwNmNhNzcyNjYxY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CzdzGkA52LKO16Eo20+dih3RpS2
ak/Wo00TZ6BBarsKpfsgtrb/UzFqVc+37ddDSKEBOKAKrAOLPWea5ggDlae0IG1f
+qwRFpvllvFSTX1OlaIy6L8jyXLVz0xIR4z5MzLwU0G3Fb9renwyO/Oa3a2hGCHb
7GRWT4R4j8YHB3tgNpVioyR8L8nSwlq+YLHlo7cEp/AitdPMqSXpR+Ce5abu3FYA
SqY02LBO4MsLHHk3EhWCcJgZOonA630Dle/Y4txmJzEHeYgxiCTzKwa0Fgif0soL
mj+m9FO/6nCVJzBusAZeNPINhs6g/MZmKXhVIoIcEf6Y0pP2ZsshdK9zfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9NEFfWX3Cdhwt/hNEwbKdyZhzHMB8GA1UdIwQY
MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt
NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2
LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJyAEM95
JNn7D7g9FLvWawgSE8uHT6rRQz0WhW7MrpNlL18TmK0gd0l5Un31q6GaE3RsJ2H4
zDAHdJ0nObMeYGYWHCMT3i2DOZXGYDDxtaExJikkps0oLHhAVQELU2h/KZ/luUr5
PJe6dSMyaO/PF+/u25GSUnhif3DcaBhbUP/MVQ52xO8O14mp2BIV+sBkUzC9e2Ht
SYV/b5YZWiU6ilGM8EDxOwVMaq5/NhfcO05qKg7VytUVSW0xCYKp6UnuKXf4RepI
E7v9zynZfoySeNgXbgDKsSKwg8If3eISsfPMi1XZ5srrWp0+3SwI38kiTGIMV+o4
CkVuFCWLLevCmg==
-----END CERTIFICATE-----
Generated at Tue Sep 9 10:09:12 2025 by rpki-client