Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: s1bKy7agjCxGTXdr0ANKUzNMB0mIF45NwEDwIYZftlU=
Subject key identifier: 99:D4:05:A0:D9:E0:38:5D:67:CE:64:45:D0:68:90:1E:6E:37:C4:B7
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 019746D4CD4E551EB915CB61057409F0E91E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 157B
Signing time: Fri 06 Jun 2025 20:00:40 +0000
Manifest this update: Fri 06 Jun 2025 20:00:40 +0000
Manifest next update: Sat 07 Jun 2025 20:00:40 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: F2ieltl9PUDQahb7q18As2ZNqjKPQqlzjQjSum1TTuk=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 20:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:d4:cd:4e:55:1e:b9:15:cb:61:05:74:09:f0:e9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Jun 6 20:00:40 2025 GMT
Not After : Jun 7 20:00:40 2025 GMT
Subject: CN=99d405a0d9e0385d67ce6445d068901e6e37c4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:64:25:27:7d:c3:e6:d2:17:aa:e0:d3:19:
6c:fd:79:c0:56:16:0d:0a:ee:5f:68:fd:0d:57:73:
0b:a3:bd:b9:c5:61:ef:73:14:a1:a1:57:23:a9:09:
e5:8c:c2:98:b2:04:49:79:cf:28:d9:7a:ab:b6:1d:
55:62:7a:94:4f:4f:58:bc:07:5c:0d:36:1d:89:3d:
8c:e0:ac:8c:e4:14:5d:f0:72:d7:15:39:98:43:6d:
7a:4c:88:13:82:6f:b6:82:8e:8a:a5:60:d1:bf:f3:
fa:b2:b2:c6:27:9d:c1:a3:24:e8:7d:25:3f:70:4b:
0d:4f:80:7c:47:71:37:41:7a:60:f8:48:fe:11:a1:
93:11:4f:4e:a3:c0:74:8c:25:49:b6:fa:97:3d:ae:
b8:b9:06:3e:0f:09:a3:92:e6:5d:0b:f5:81:b6:f9:
f9:f6:ba:af:e7:b7:74:86:b4:8d:a6:1f:a9:4a:56:
4f:ef:8d:04:34:e6:78:99:72:26:25:28:fb:b9:4f:
53:01:6a:53:6f:bf:c4:fb:4e:c9:7a:47:3c:48:eb:
f0:16:a3:45:5c:8b:fa:6c:01:a5:e4:f9:9a:85:85:
58:61:89:60:04:22:1a:f8:b1:b0:e6:2b:f8:22:21:
85:68:2c:b1:47:ec:05:42:39:6e:a8:5e:a1:70:23:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D4:05:A0:D9:E0:38:5D:67:CE:64:45:D0:68:90:1E:6E:37:C4:B7
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:54:39:b1:1a:4d:79:5a:f1:69:0a:32:df:bc:f1:95:3a:aa:
7b:d0:f2:26:aa:83:6b:5a:c1:e7:00:4a:87:c8:62:51:21:96:
82:c0:cd:b3:af:7a:59:fb:e4:1b:1f:a5:bf:21:95:e4:51:3c:
cd:1c:c5:bb:ce:86:1b:d0:6b:cb:36:b3:e3:7e:e8:b2:2a:72:
aa:c2:70:71:a5:47:74:c1:58:64:d6:2b:9a:10:6e:f0:fe:f4:
ae:0e:93:81:1f:73:52:1b:6d:6d:51:e5:7d:38:e2:b1:f3:79:
b2:b7:95:da:61:44:ff:93:22:75:3e:5e:65:82:e3:63:bf:fe:
b0:b7:ec:8c:63:67:bc:2c:80:dd:27:a8:03:a4:a9:8a:dd:48:
82:f8:04:a0:69:ea:37:2c:22:6d:be:3c:48:05:e4:4e:89:13:
41:28:90:11:27:45:4a:3f:c8:39:4a:08:6b:5e:e0:0b:07:b8:
18:1a:58:6b:c6:fc:6c:b2:b7:98:11:18:64:dc:c3:44:19:3e:
dc:35:06:2f:2e:b8:c7:cf:43:62:b3:45:8d:6b:0b:a4:3c:3b:
1f:13:79:99:db:c9:50:c5:82:2c:27:da:cc:66:9c:5d:74:03:
10:7b:2b:fa:be:cc:ab:c5:d0:0c:fe:84:9e:24:13:2c:e1:18:
8c:30:5e:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdG1M1OVR65FcthBXQJ8OkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUwNjA2MjAwMDQwWhcNMjUwNjA3MjAwMDQwWjAzMTEwLwYDVQQD
Eyg5OWQ0MDVhMGQ5ZTAzODVkNjdjZTY0NDVkMDY4OTAxZTZlMzdjNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzRkJSd9w+bSF6rg0xls/XnAVhYN
Cu5faP0NV3MLo725xWHvcxShoVcjqQnljMKYsgRJec8o2Xqrth1VYnqUT09YvAdc
DTYdiT2M4KyM5BRd8HLXFTmYQ216TIgTgm+2go6KpWDRv/P6srLGJ53BoyTofSU/
cEsNT4B8R3E3QXpg+Ej+EaGTEU9Oo8B0jCVJtvqXPa64uQY+DwmjkuZdC/WBtvn5
9rqv57d0hrSNph+pSlZP740ENOZ4mXImJSj7uU9TAWpTb7/E+07Jekc8SOvwFqNF
XIv6bAGl5PmahYVYYYlgBCIa+LGw5iv4IiGFaCyxR+wFQjluqF6hcCMHlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnUBaDZ4DhdZ85kRdBokB5uN8S3MB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH1Q5sRpN
eVrxaQoy37zxlTqqe9DyJqqDa1rB5wBKh8hiUSGWgsDNs696WfvkGx+lvyGV5FE8
zRzFu86GG9Bryzaz437osipyqsJwcaVHdMFYZNYrmhBu8P70rg6TgR9zUhttbVHl
fTjisfN5sreV2mFE/5MidT5eZYLjY7/+sLfsjGNnvCyA3SeoA6Spit1IgvgEoGnq
Nywibb48SAXkTokTQSiQESdFSj/IOUoIa17gCwe4GBpYa8b8bLK3mBEYZNzDRBk+
3DUGLy64x89DYrNFjWsLpDw7HxN5mdvJUMWCLCfazGacXXQDEHsr+r7Mq8XQDP6E
niQTLOEYjDBe1A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:44:43 2025 by rpki-client