Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: AF/e/wgTEEA+Vf+1xgL59aZZ5/qTk1Of+B/k7Kg4+P8=
Subject key identifier: 57:13:39:B4:FF:E4:3A:28:E2:A5:7D:63:CE:2C:22:5B:68:38:63:2F
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 0197B6D76C294C13B4AD778D6AE72538D535
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 15B5
Signing time: Sat 28 Jun 2025 14:01:00 +0000
Manifest this update: Sat 28 Jun 2025 14:01:00 +0000
Manifest next update: Sun 29 Jun 2025 14:01:00 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: U3fGYVwYTKhssWn+m43sE5oXJAJRwnITzP6TNPqFlbw=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 14:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:d7:6c:29:4c:13:b4:ad:77:8d:6a:e7:25:38:d5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Jun 28 14:01:00 2025 GMT
Not After : Jun 29 14:01:00 2025 GMT
Subject: CN=571339b4ffe43a28e2a57d63ce2c225b6838632f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:ae:58:c3:1e:e9:06:77:8c:01:2a:cd:44:
6e:4c:57:67:47:f1:e7:07:42:7a:73:6a:76:fc:72:
26:89:c8:d1:4b:be:74:29:63:cd:a0:94:14:16:5f:
d1:26:da:75:20:95:61:17:a3:b2:c4:8f:4e:8a:5f:
3d:fb:bc:20:9f:24:8a:fc:d8:f9:93:af:21:1e:58:
b1:ad:20:fc:f2:0d:e3:bb:8c:b8:80:3b:b1:77:bb:
ed:3b:83:c8:30:4e:3a:3b:6b:43:ad:ed:3e:34:0b:
46:a1:af:6a:8b:bd:60:aa:98:96:c7:1a:4b:20:d2:
92:c2:de:24:c7:df:b5:c9:6e:d1:e8:63:c2:b4:9c:
e8:e7:9e:64:4a:28:f0:8c:8b:e5:58:70:c9:93:1b:
e8:e7:02:7c:ec:27:0a:7f:dd:85:c3:ff:f9:c6:a0:
f8:3c:44:50:35:f6:84:0e:03:5a:ba:a7:a7:dc:4e:
76:5b:0c:da:43:1c:4c:78:55:ef:bc:ca:6e:1e:a7:
0c:1e:7d:ad:bb:be:57:3a:09:fd:48:ae:49:2d:7d:
f5:ef:3a:65:f8:b1:f7:d5:61:d1:88:e8:28:ff:69:
89:e8:a2:63:fd:8f:6e:99:00:7a:7a:9a:89:07:9f:
5b:ae:9a:a9:9a:41:3f:1f:f1:94:5b:73:78:c8:57:
a6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:13:39:B4:FF:E4:3A:28:E2:A5:7D:63:CE:2C:22:5B:68:38:63:2F
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:e0:6c:fa:b4:2a:e5:1f:34:10:3d:8d:dd:8c:da:a8:18:64:
5b:81:d8:15:34:aa:bc:be:3a:60:8f:2f:2f:97:bf:9f:6b:b9:
25:70:45:a5:62:ca:f9:ea:5b:48:d1:d7:e1:e8:ff:e0:bb:d7:
1b:75:bc:92:33:ac:3e:1c:6e:63:f1:2e:da:41:81:38:93:0c:
96:2f:9c:cd:ac:c2:44:3b:ec:0a:4a:e6:f6:c2:bc:73:c8:c6:
26:af:48:7e:2b:65:ad:24:7d:03:eb:76:0c:bf:da:6d:c5:ea:
7a:f2:42:c4:29:11:62:86:5e:79:58:f5:97:f9:aa:92:30:0d:
7b:8e:98:b6:18:28:0f:9d:f3:c7:48:a9:ba:99:9b:64:93:dd:
1e:b7:f8:a2:36:b5:28:66:a6:19:54:08:09:0b:ce:7e:48:fc:
c5:95:ff:bc:dc:cc:20:dd:f2:b3:c3:fb:06:01:8c:26:20:35:
5a:a2:6d:0a:d0:f8:e4:28:02:8d:79:7a:55:fc:3c:13:17:7d:
41:09:84:1b:c1:ac:85:61:20:49:80:ec:a1:77:e2:3c:ed:7c:
d2:ef:4b:9e:00:50:48:e8:0e:8b:7c:92:93:9b:6b:dc:78:9f:
e0:53:ca:bd:aa:a6:aa:76:07:a7:9c:40:31:3f:1a:7f:5b:8c:
98:14:2d:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe212wpTBO0rXeNauclONU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUwNjI4MTQwMTAwWhcNMjUwNjI5MTQwMTAwWjAzMTEwLwYDVQQD
Eyg1NzEzMzliNGZmZTQzYTI4ZTJhNTdkNjNjZTJjMjI1YjY4Mzg2MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTquWMMe6QZ3jAEqzURuTFdnR/Hn
B0J6c2p2/HImicjRS750KWPNoJQUFl/RJtp1IJVhF6OyxI9Oil89+7wgnySK/Nj5
k68hHlixrSD88g3ju4y4gDuxd7vtO4PIME46O2tDre0+NAtGoa9qi71gqpiWxxpL
INKSwt4kx9+1yW7R6GPCtJzo555kSijwjIvlWHDJkxvo5wJ87CcKf92Fw//5xqD4
PERQNfaEDgNauqen3E52WwzaQxxMeFXvvMpuHqcMHn2tu75XOgn9SK5JLX317zpl
+LH31WHRiOgo/2mJ6KJj/Y9umQB6epqJB59brpqpmkE/H/GUW3N4yFemaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcTObT/5Doo4qV9Y84sIltoOGMvMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZuBs+rQq
5R80ED2N3YzaqBhkW4HYFTSqvL46YI8vL5e/n2u5JXBFpWLK+epbSNHX4ej/4LvX
G3W8kjOsPhxuY/Eu2kGBOJMMli+czazCRDvsCkrm9sK8c8jGJq9IfitlrSR9A+t2
DL/abcXqevJCxCkRYoZeeVj1l/mqkjANe46YthgoD53zx0ipupmbZJPdHrf4oja1
KGamGVQICQvOfkj8xZX/vNzMIN3ys8P7BgGMJiA1WqJtCtD45CgCjXl6Vfw8Exd9
QQmEG8GshWEgSYDsoXfiPO180u9LngBQSOgOi3ySk5tr3Hif4FPKvaqmqnYHp5xA
MT8af1uMmBQtRA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:29:57 2025 by rpki-client