Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: wZN8fOY5SPo+QF6CE2UULe7dhBN63o6bIEyUW8frqIQ=
Subject key identifier: 86:AE:78:9F:88:98:E2:83:F7:A3:86:6B:42:9F:1C:BA:2E:DB:BE:17
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019A72936A3A9C912C68E2E88942BC5F37D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 11:00:54 +0000
Manifest this update: Tue 11 Nov 2025 11:00:54 +0000
Manifest next update: Wed 12 Nov 2025 11:00:54 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: 08eUo4jLMbgDbRAEoM9kxu6fMrTJ+bxipK0QKo9yH50=)
2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:6a:3a:9c:91:2c:68:e2:e8:89:42:bc:5f:37:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Nov 11 11:00:54 2025 GMT
Not After : Nov 12 11:00:54 2025 GMT
Subject: CN=86ae789f8898e283f7a3866b429f1cba2edbbe17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5c:f8:a6:6c:00:ad:a7:c6:ca:2f:fe:7b:10:
ad:dd:4e:e8:4b:d2:e4:a9:56:e5:91:53:c6:e5:f3:
98:a3:ad:3e:54:c7:ef:89:d3:85:c9:e0:2a:e3:7e:
cc:55:c6:84:83:e7:ad:6c:36:6e:2f:a5:ba:5e:9e:
0c:68:e2:c4:6c:9d:39:56:63:18:2d:59:ab:70:32:
a9:b3:7e:d5:5e:47:05:19:0a:61:98:96:5a:6c:28:
6c:db:f2:15:28:9b:65:af:3d:95:b1:20:22:60:b9:
57:76:0d:dd:ed:78:eb:dd:2a:38:73:eb:c6:cf:a6:
0e:2d:70:ff:0b:6a:fb:8a:c0:53:03:aa:32:91:a6:
b8:1a:9d:b7:9a:9e:b5:48:29:83:f5:9c:3a:10:a3:
57:df:09:6a:8f:85:bd:02:2d:3e:67:d4:93:58:4a:
8f:1e:8b:1d:37:a8:38:b1:0c:77:f8:3b:b8:df:41:
c5:3c:10:10:90:15:f4:93:01:f7:18:7b:36:4f:08:
12:49:80:e2:be:7a:b9:bf:1f:2a:b7:b2:6a:4b:ae:
0d:e2:e4:7f:ab:d5:a7:94:4c:aa:02:4a:47:9d:06:
6d:b1:3c:e9:41:4b:4a:51:9e:cb:4e:09:4f:94:83:
94:64:24:a1:6f:0e:96:3d:41:ab:40:3b:7e:14:b7:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AE:78:9F:88:98:E2:83:F7:A3:86:6B:42:9F:1C:BA:2E:DB:BE:17
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:dd:75:fd:2d:a9:18:58:09:b4:ac:03:e4:39:57:e3:26:f8:
f8:46:b3:0f:b1:33:ca:f1:51:29:64:1b:c6:41:a2:53:ed:dc:
00:c5:9e:30:bd:86:d3:88:71:d9:47:79:2a:75:c3:cd:a8:59:
5e:c3:8b:d1:11:53:dd:6f:d4:c5:f5:67:c0:e4:e4:63:4c:e9:
70:3f:bf:68:2d:55:f9:af:05:47:e6:04:da:18:7f:47:6c:27:
dc:30:91:d1:ad:4e:98:23:57:f7:ac:e2:33:a7:7d:27:d0:1c:
55:91:a6:d7:4c:f2:7c:2e:45:dd:fa:a3:45:e6:01:0a:1f:ab:
0f:bf:e8:f0:b3:9f:9c:2f:d6:0b:c8:bb:e3:94:9d:3a:32:8d:
64:8a:8d:9e:dc:e3:10:82:21:13:0f:5e:c5:73:34:4b:74:b6:
07:39:f1:ee:3c:5c:36:4c:99:a2:7b:7d:6b:1a:23:64:2f:b4:
7a:2c:30:24:a1:3c:e1:2f:95:2b:4d:e2:53:de:df:0e:58:11:
61:4c:8d:95:74:ff:64:7a:bf:08:06:c3:31:e1:d6:1d:3c:b3:
96:ce:75:db:0c:96:f6:62:3e:56:cf:b2:29:87:d1:03:0c:1a:
16:f1:9c:bd:1d:15:ea:c1:91:a3:b9:67:92:ad:5c:8d:88:80:
a3:1c:1f:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk2o6nJEsaOLoiUK8XzfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjUxMTExMTEwMDU0WhcNMjUxMTEyMTEwMDU0WjAzMTEwLwYDVQQD
Eyg4NmFlNzg5Zjg4OThlMjgzZjdhMzg2NmI0MjlmMWNiYTJlZGJiZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFz4pmwArafGyi/+exCt3U7oS9Lk
qVblkVPG5fOYo60+VMfvidOFyeAq437MVcaEg+etbDZuL6W6Xp4MaOLEbJ05VmMY
LVmrcDKps37VXkcFGQphmJZabChs2/IVKJtlrz2VsSAiYLlXdg3d7Xjr3So4c+vG
z6YOLXD/C2r7isBTA6oykaa4Gp23mp61SCmD9Zw6EKNX3wlqj4W9Ai0+Z9STWEqP
HosdN6g4sQx3+Du430HFPBAQkBX0kwH3GHs2TwgSSYDivnq5vx8qt7JqS64N4uR/
q9WnlEyqAkpHnQZtsTzpQUtKUZ7LTglPlIOUZCShbw6WPUGrQDt+FLcXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaueJ+ImOKD96OGa0KfHLou274XMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjd11/S2p
GFgJtKwD5DlX4yb4+EazD7EzyvFRKWQbxkGiU+3cAMWeML2G04hx2Ud5KnXDzahZ
XsOL0RFT3W/UxfVnwOTkY0zpcD+/aC1V+a8FR+YE2hh/R2wn3DCR0a1OmCNX96zi
M6d9J9AcVZGm10zyfC5F3fqjReYBCh+rD7/o8LOfnC/WC8i745SdOjKNZIqNntzj
EIIhEw9exXM0S3S2Bznx7jxcNkyZont9axojZC+0eiwwJKE84S+VK03iU97fDlgR
YUyNlXT/ZHq/CAbDMeHWHTyzls512wyW9mI+Vs+yKYfRAwwaFvGcvR0V6sGRo7ln
kq1cjYiAoxwfug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:01 2025 by rpki-client