
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: S7rnhuSuyh3uFHGEdgxAkafGhBF4ogsDqL4i75In3nM=
Subject key identifier: 94:BE:3E:40:3D:AB:07:21:9B:5A:AB:12:32:0C:58:7C:09:13:EF:DF
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019A00D9DEF2C9B279CC21EBB0649CBE2541
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 16E7
Signing time: Mon 20 Oct 2025 09:01:09 +0000
Manifest this update: Mon 20 Oct 2025 09:01:09 +0000
Manifest next update: Tue 21 Oct 2025 09:01:09 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: vTXe/6i2W0BBxlaZtzZC78okpoysotixRZsda1eGlqA=)
2: qen-QoIAAGwgpqx4OQAF6M4rR_M.roa (hash: Pfgs1o9qvVrkxz8on7jtYneDypFRD7JuU2XED3GEHk4=)
3: sJjIi8LxyBaapUPztypafiGazB4.roa (hash: snoS7xcNMuCgLXX7PRPXvmr0bu9uS7kTUSsVN0SedsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:d9:de:f2:c9:b2:79:cc:21:eb:b0:64:9c:be:25:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Oct 20 09:01:09 2025 GMT
Not After : Oct 21 09:01:09 2025 GMT
Subject: CN=94be3e403dab07219b5aab12320c587c0913efdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:54:52:03:67:8f:98:6e:d9:e2:6d:e4:e6:
cb:bb:c5:5a:a7:cf:29:ed:3f:40:7e:62:98:cb:38:
b1:a4:28:49:08:56:73:0d:3d:7e:d0:95:fa:80:db:
40:8a:16:a6:73:69:d9:3c:e1:42:d5:28:45:0a:2f:
65:26:d2:c6:28:42:e3:ee:d8:b8:63:50:c4:ac:a4:
f1:d1:77:1f:35:65:b4:06:ee:14:0e:a2:35:9e:fc:
c7:b7:a7:90:2e:48:5b:6f:bb:57:ab:c1:28:00:ed:
b4:75:c1:73:bf:f2:ee:65:9d:64:cf:3c:41:26:e3:
71:0c:cb:6b:bb:64:df:e5:10:f6:fd:46:b5:29:53:
a1:02:69:27:16:4d:c5:d9:ec:85:d9:c0:5a:98:a7:
c1:22:2e:30:f0:dc:db:63:b9:ec:3c:ab:3a:14:59:
5d:2a:20:c8:a6:a0:15:3b:f1:00:5c:ca:e6:45:34:
a3:3d:1d:3f:f2:b2:9b:de:33:7a:81:43:29:7c:ff:
72:c8:01:7e:88:ec:54:32:a1:17:c4:3c:25:1e:a1:
99:4f:ac:4b:ce:59:1d:6c:ef:d8:f2:f6:71:0f:12:
79:57:50:ce:b1:df:7e:c1:d3:27:34:37:6c:dd:36:
4b:f6:14:2d:51:89:69:d0:16:cb:99:b6:44:8b:20:
02:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BE:3E:40:3D:AB:07:21:9B:5A:AB:12:32:0C:58:7C:09:13:EF:DF
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:70:b3:af:84:5b:a2:4a:d2:f3:90:50:66:52:6b:01:89:73:
db:27:aa:2d:d0:e7:ef:c8:af:91:f5:8b:4b:2f:d9:22:7f:b3:
74:96:c8:56:9f:8e:41:38:85:f3:a0:f8:0d:79:69:23:2c:aa:
78:d3:f8:51:22:c6:a3:6c:ef:0d:a3:7f:ee:ab:7d:bf:cc:00:
a3:b1:71:c7:44:5a:cb:98:53:f9:3f:e4:d9:ac:fa:14:ed:ae:
69:33:2f:65:7e:b6:9f:ef:31:6a:a0:2c:d4:87:0f:d0:e8:ee:
4f:1d:72:eb:99:29:a0:41:27:f0:79:0b:c3:59:b9:5a:a3:bb:
62:13:02:1e:ef:54:97:0a:c4:36:5d:22:b3:68:36:c6:32:96:
f4:c5:db:2b:2a:5c:a8:e1:15:f6:8d:c1:1e:67:5d:e6:f2:5d:
9c:65:3f:51:35:87:b4:65:19:a3:fa:df:47:ff:74:31:3a:79:
13:36:06:4e:26:9a:23:e6:2d:4b:c6:83:f3:0f:e3:c2:ad:5a:
d7:ae:ef:ac:1c:70:9d:36:ac:27:3f:dc:a8:8b:15:8a:48:5e:
c7:98:fc:5e:93:6b:ae:9a:8a:f3:c1:7a:39:18:8e:c2:4a:6f:
8b:e7:47:99:1e:79:33:ee:55:d0:21:39:2c:5f:c6:d8:c5:94:
1b:73:eb:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2d7yybJ5zCHrsGScviVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjUxMDIwMDkwMTA5WhcNMjUxMDIxMDkwMTA5WjAzMTEwLwYDVQQD
Eyg5NGJlM2U0MDNkYWIwNzIxOWI1YWFiMTIzMjBjNTg3YzA5MTNlZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrtUUgNnj5hu2eJt5ObLu8Vap88p
7T9AfmKYyzixpChJCFZzDT1+0JX6gNtAihamc2nZPOFC1ShFCi9lJtLGKELj7ti4
Y1DErKTx0XcfNWW0Bu4UDqI1nvzHt6eQLkhbb7tXq8EoAO20dcFzv/LuZZ1kzzxB
JuNxDMtru2Tf5RD2/Ua1KVOhAmknFk3F2eyF2cBamKfBIi4w8NzbY7nsPKs6FFld
KiDIpqAVO/EAXMrmRTSjPR0/8rKb3jN6gUMpfP9yyAF+iOxUMqEXxDwlHqGZT6xL
zlkdbO/Y8vZxDxJ5V1DOsd9+wdMnNDds3TZL9hQtUYlp0BbLmbZEiyACqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJS+PkA9qwchm1qrEjIMWHwJE+/fMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3Czr4Rb
okrS85BQZlJrAYlz2yeqLdDn78ivkfWLSy/ZIn+zdJbIVp+OQTiF86D4DXlpIyyq
eNP4USLGo2zvDaN/7qt9v8wAo7Fxx0Ray5hT+T/k2az6FO2uaTMvZX62n+8xaqAs
1IcP0OjuTx1y65kpoEEn8HkLw1m5WqO7YhMCHu9UlwrENl0is2g2xjKW9MXbKypc
qOEV9o3BHmdd5vJdnGU/UTWHtGUZo/rfR/90MTp5EzYGTiaaI+YtS8aD8w/jwq1a
167vrBxwnTasJz/cqIsVikhex5j8XpNrrpqK88F6ORiOwkpvi+dHmR55M+5V0CE5
LF/G2MWUG3Prow==
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:00:28 2025 by rpki-client