Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json)
Hash identifier: OvzLejeBwdIaUN9VWFCPniYAwLeumq0/fUd4NOgyGs0=
Subject key identifier: BC:C4:7C:84:D3:19:54:F4:BE:36:1C:01:AA:2D:60:F3:BA:97:94:CA
Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d
Certificate serial: 0197B6A212F1455020BE1FD51A37B83CA8F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
Manifest number: 07E9
Signing time: Sat 28 Jun 2025 13:02:44 +0000
Manifest this update: Sat 28 Jun 2025 13:02:44 +0000
Manifest next update: Sun 29 Jun 2025 13:02:44 +0000
Files and hashes: 1: 5m0E4hrlymj_oPq4RutDZTBvpFc.roa (hash: D3u2GpmWvvHTn4HOSLwFPi92ntWCyeD4rYP1qp5He0g=)
2: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: QH+UKdga5BVj9W82YOkvY4f9Olvjows0zTANUU9fTxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a2:12:f1:45:50:20:be:1f:d5:1a:37:b8:3c:a8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d
Validity
Not Before: Jun 28 13:02:44 2025 GMT
Not After : Jun 29 13:02:44 2025 GMT
Subject: CN=bcc47c84d31954f4be361c01aa2d60f3ba9794ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0c:7e:d2:19:5a:7e:f6:6e:62:a4:4d:46:60:
38:94:b3:56:43:b1:50:7c:96:60:92:5e:6f:b0:1c:
f5:ea:17:b7:a6:5c:27:a2:69:a7:b1:2f:ce:e1:d4:
e0:00:fd:cb:2d:72:17:4f:03:07:fa:20:12:05:fc:
74:9d:31:b4:88:bd:88:c2:d3:7f:44:dd:26:6d:b5:
77:ee:22:3b:36:27:bc:68:ea:41:a6:51:e0:55:d4:
b9:a5:92:e7:39:e8:73:2b:25:c9:51:f9:7e:95:62:
27:65:e4:17:d5:7e:8d:2c:a4:b5:ba:2d:ab:c3:c7:
81:6d:a8:df:34:8f:47:04:38:02:47:31:54:a5:59:
47:77:75:98:d7:d6:30:13:12:8c:4e:90:c6:4e:1b:
19:69:f0:aa:34:fd:0f:38:e6:c8:ca:87:1b:32:0f:
d9:5c:54:b6:1e:c7:27:e2:ad:ae:32:4b:aa:e8:10:
3f:8d:02:b0:47:c0:56:77:cf:b3:09:24:dc:4d:db:
51:2d:f7:75:f5:51:e4:0d:e7:2d:68:d8:a4:67:dd:
7b:82:39:dd:ba:6c:c1:c1:e0:41:9a:0a:41:68:86:
60:84:b5:22:84:3f:0d:b9:83:71:4d:48:04:84:c2:
13:51:ea:4c:98:15:2a:81:f5:52:e3:0e:49:37:6e:
ac:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C4:7C:84:D3:19:54:F4:BE:36:1C:01:AA:2D:60:F3:BA:97:94:CA
X509v3 Authority Key Identifier:
keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:39:ee:9e:90:71:4a:87:af:34:bc:93:79:e2:d5:58:dd:85:
4a:51:c0:ba:4d:7f:94:29:c2:3a:c3:98:ba:d6:5d:dc:e0:20:
73:50:0f:38:31:6b:b5:c5:65:34:b9:0d:a4:7b:11:ec:9b:e6:
de:ce:16:49:2b:71:f6:3d:ce:fe:e3:bc:5a:c5:95:f5:e9:75:
da:88:7a:6c:8e:18:aa:f0:c8:5c:d1:2c:e1:f1:c3:2f:21:34:
db:fd:a5:c0:9b:81:45:8e:16:bd:f5:16:0c:c2:d9:b9:68:e3:
8c:9d:1c:10:c9:76:eb:00:d7:04:fc:87:40:27:9f:fb:cd:16:
74:81:ed:8c:b5:32:56:fe:64:69:2f:d4:15:0d:ea:95:49:a5:
f8:74:87:86:56:7f:00:e9:d9:98:61:06:91:59:85:05:78:3d:
f3:fe:09:15:3b:43:c6:f3:c4:32:e2:4e:33:ac:c9:07:4c:14:
f8:c3:4c:cb:c7:b0:df:f3:e4:93:7c:41:77:04:18:05:93:41:
94:25:45:83:3c:e2:a7:9a:a1:f4:c5:6e:89:73:5c:5c:c5:23:
d6:92:97:67:fc:65:99:1d:e7:b6:89:d7:0d:68:3d:62:3f:da:
5e:80:5a:db:7d:82:51:46:ba:3e:34:2c:17:d2:d2:69:81:26:
7c:19:20:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ohLxRVAgvh/VGje4PKj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0
MDQzM2QwHhcNMjUwNjI4MTMwMjQ0WhcNMjUwNjI5MTMwMjQ0WjAzMTEwLwYDVQQD
EyhiY2M0N2M4NGQzMTk1NGY0YmUzNjFjMDFhYTJkNjBmM2JhOTc5NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgx+0hlafvZuYqRNRmA4lLNWQ7FQ
fJZgkl5vsBz16he3plwnommnsS/O4dTgAP3LLXIXTwMH+iASBfx0nTG0iL2IwtN/
RN0mbbV37iI7Nie8aOpBplHgVdS5pZLnOehzKyXJUfl+lWInZeQX1X6NLKS1ui2r
w8eBbajfNI9HBDgCRzFUpVlHd3WY19YwExKMTpDGThsZafCqNP0POObIyocbMg/Z
XFS2Hscn4q2uMkuq6BA/jQKwR8BWd8+zCSTcTdtRLfd19VHkDectaNikZ917gjnd
umzBweBBmgpBaIZghLUihD8NuYNxTUgEhMITUepMmBUqgfVS4w5JN26s2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzEfITTGVT0vjYcAaotYPO6l5TKMB8GA1UdIwQY
MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt
NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2
LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiznunpBx
SoevNLyTeeLVWN2FSlHAuk1/lCnCOsOYutZd3OAgc1APODFrtcVlNLkNpHsR7Jvm
3s4WSStx9j3O/uO8WsWV9el12oh6bI4YqvDIXNEs4fHDLyE02/2lwJuBRY4WvfUW
DMLZuWjjjJ0cEMl26wDXBPyHQCef+80WdIHtjLUyVv5kaS/UFQ3qlUml+HSHhlZ/
AOnZmGEGkVmFBXg98/4JFTtDxvPEMuJOM6zJB0wU+MNMy8ew3/Pkk3xBdwQYBZNB
lCVFgzzip5qh9MVuiXNcXMUj1pKXZ/xlmR3ntonXDWg9Yj/aXoBa232CUUa6PjQs
F9LSaYEmfBkgSA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:21:10 2025 by rpki-client