Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: QK920H31TV5TW5hSuEk7Of3rmWQnXTjZwUE8uRT72kA=
Subject key identifier: A3:EE:50:D4:96:51:DF:E2:37:F5:E9:D6:F9:8B:F6:09:41:B8:11:F6
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 019A71EE7E7C012AA5FB6F81DBE6BD814FFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 08:00:46 +0000
Manifest this update: Tue 11 Nov 2025 08:00:46 +0000
Manifest next update: Wed 12 Nov 2025 08:00:46 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: Eo3BUTABkAYzvoka5Jy6aHLeJAPBB9WmiIrQ0bw2i+Y=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:7e:7c:01:2a:a5:fb:6f:81:db:e6:bd:81:4f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Nov 11 08:00:46 2025 GMT
Not After : Nov 12 08:00:46 2025 GMT
Subject: CN=a3ee50d49651dfe237f5e9d6f98bf60941b811f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:e8:e0:42:f2:93:69:ae:57:27:74:bd:e9:
f0:bd:4a:8c:cf:2f:3f:fc:be:da:ab:c8:a1:71:13:
a2:bb:7f:c4:94:82:d0:a5:b3:08:76:0c:28:aa:d4:
8e:d5:e2:3e:a1:3c:28:88:48:12:30:a8:15:99:36:
a3:03:3a:a8:f3:e7:8a:8d:13:23:1c:c7:c4:70:72:
08:0d:73:b7:b2:3e:f0:f4:1e:9b:54:7d:0b:da:62:
e7:2f:d7:9f:b8:b6:74:d5:d1:45:5b:f4:28:06:c6:
93:18:42:cc:9a:6a:8b:93:b8:2c:93:c7:4b:3a:57:
cb:e8:4b:84:98:e9:5a:17:71:ba:24:69:42:c7:36:
e0:2a:2d:91:86:1a:6d:51:0d:43:b0:90:e7:5a:1f:
d9:78:7a:0b:71:3d:c8:68:dd:33:4d:7c:2c:62:0d:
e3:ee:c0:7e:42:e2:1b:b7:fd:4a:b7:0f:4a:b3:56:
8d:10:0a:e8:88:30:70:cf:4d:e5:d6:19:9d:6f:da:
f6:b7:26:f6:53:fe:04:0c:d4:c3:62:d5:1b:7d:37:
5f:42:31:7a:01:88:c1:dc:47:7c:2f:b2:3e:e2:3d:
0b:a4:97:4e:c3:c6:97:33:55:89:4c:c9:8a:37:93:
3e:6b:25:2e:38:a8:08:18:74:ab:16:bd:5e:34:d0:
80:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EE:50:D4:96:51:DF:E2:37:F5:E9:D6:F9:8B:F6:09:41:B8:11:F6
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:19:ed:84:cd:e2:b4:91:ae:26:33:91:91:f8:95:b2:f6:30:
1c:ea:ac:cc:8c:4d:14:d6:d5:5b:90:94:ee:23:94:44:f0:67:
ba:26:81:88:9d:75:78:65:41:95:45:b3:e0:50:1c:6b:96:d0:
90:0f:cd:db:b7:ee:01:f1:ae:6e:f7:36:39:e9:92:d5:a0:d0:
10:6c:65:51:69:02:00:86:05:48:f4:66:55:6a:c9:03:4c:f8:
c3:4a:f9:fb:be:7a:78:db:0d:11:74:f3:28:22:e0:a1:3b:32:
25:7a:f5:2b:8d:d7:26:71:29:bc:5e:d4:0a:cc:8f:a4:db:25:
ba:59:16:d3:33:76:e5:1f:59:65:1e:f9:bf:0f:c3:d9:27:06:
63:9c:8f:ef:b9:17:76:39:e8:72:31:45:2f:60:20:1a:62:20:
fb:3e:f0:79:ff:fd:68:1e:6f:40:bc:6f:0a:3d:e9:3e:d7:3a:
c8:33:0b:70:5f:2a:b3:76:72:52:0a:14:fa:83:49:64:8d:aa:
41:d8:23:83:c4:09:37:18:ec:73:9e:bf:9e:e5:ca:fd:19:04:
c6:2a:65:3c:47:ea:f4:1a:a9:36:d8:3e:c3:a2:03:3d:6b:0c:
00:39:17:e4:6e:7e:1e:d8:d1:3c:48:1e:48:9a:57:5b:de:c2:
01:d3:ac:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7n58ASql+2+B2+a9gU/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUxMTExMDgwMDQ2WhcNMjUxMTEyMDgwMDQ2WjAzMTEwLwYDVQQD
EyhhM2VlNTBkNDk2NTFkZmUyMzdmNWU5ZDZmOThiZjYwOTQxYjgxMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTfo4ELyk2muVyd0venwvUqMzy8/
/L7aq8ihcROiu3/ElILQpbMIdgwoqtSO1eI+oTwoiEgSMKgVmTajAzqo8+eKjRMj
HMfEcHIIDXO3sj7w9B6bVH0L2mLnL9efuLZ01dFFW/QoBsaTGELMmmqLk7gsk8dL
OlfL6EuEmOlaF3G6JGlCxzbgKi2RhhptUQ1DsJDnWh/ZeHoLcT3IaN0zTXwsYg3j
7sB+QuIbt/1Ktw9Ks1aNEAroiDBwz03l1hmdb9r2tyb2U/4EDNTDYtUbfTdfQjF6
AYjB3Ed8L7I+4j0LpJdOw8aXM1WJTMmKN5M+ayUuOKgIGHSrFr1eNNCAiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPuUNSWUd/iN/Xp1vmL9glBuBH2MB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxnthM3i
tJGuJjORkfiVsvYwHOqszIxNFNbVW5CU7iOURPBnuiaBiJ11eGVBlUWz4FAca5bQ
kA/N27fuAfGubvc2OemS1aDQEGxlUWkCAIYFSPRmVWrJA0z4w0r5+756eNsNEXTz
KCLgoTsyJXr1K43XJnEpvF7UCsyPpNslulkW0zN25R9ZZR75vw/D2ScGY5yP77kX
djnocjFFL2AgGmIg+z7wef/9aB5vQLxvCj3pPtc6yDMLcF8qs3ZyUgoU+oNJZI2q
Qdgjg8QJNxjsc56/nuXK/RkExiplPEfq9BqpNtg+w6IDPWsMADkX5G5+HtjRPEge
SJpXW97CAdOsWQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:44:19 2025 by rpki-client