Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: FuIz1oINgZPT9wd4Zl2f3lYCNHjx1ukjmtYnzBLHZJ4=
Subject key identifier: 42:2F:AB:D0:FA:2E:72:56:B4:BE:8A:1B:DF:D8:C8:65:00:9F:D6:1D
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 0196C94D84F655F073CFAC206CBEFA0EFD4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 153A
Signing time: Tue 13 May 2025 11:00:22 +0000
Manifest this update: Tue 13 May 2025 11:00:22 +0000
Manifest next update: Wed 14 May 2025 11:00:22 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: 0cmZ5AWL7LpdD1PmxdOSABKMzvnihJlcW8BB9YcRvNQ=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 11:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:4d:84:f6:55:f0:73:cf:ac:20:6c:be:fa:0e:fd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: May 13 11:00:22 2025 GMT
Not After : May 14 11:00:22 2025 GMT
Subject: CN=422fabd0fa2e7256b4be8a1bdfd8c865009fd61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8c:11:66:ce:4c:45:14:75:5e:18:6c:b0:a4:
bc:0e:a8:e6:11:a3:c5:47:60:77:b5:87:dc:37:79:
c2:9b:eb:01:bb:61:e7:b4:e9:46:21:9d:4a:c7:ea:
47:e2:e0:32:81:09:d9:d1:d6:70:1c:9b:c2:9b:50:
e2:3a:cd:19:7f:d1:4b:db:ba:ea:97:ac:a6:62:8a:
91:2e:ee:82:14:2f:45:f6:69:82:6c:10:b6:3f:84:
c2:17:15:30:a7:47:6a:07:81:10:53:6d:6a:f0:91:
63:e3:cb:e6:6a:ed:0a:ff:0d:f7:1c:36:f8:0a:9e:
62:84:6b:26:b1:f3:c3:f9:34:b9:fc:d3:ca:ed:2f:
22:0d:48:ce:2b:0d:74:21:d0:e8:26:f9:b2:7e:ae:
21:3a:8b:3f:f9:d4:90:90:14:19:8a:5e:21:a0:41:
7f:a5:df:77:6c:f7:cf:e8:c4:fb:c9:76:fb:75:97:
73:d6:48:1e:a3:78:df:18:96:74:76:4b:a4:bb:59:
83:13:5e:d5:31:f9:4f:d5:3b:ec:6c:82:46:d1:f7:
30:ec:90:27:a9:25:88:72:0f:07:b1:e3:0e:d7:cd:
74:e0:62:b8:6d:d2:08:0e:d8:19:79:77:2a:a1:ca:
20:fc:24:c7:93:37:8f:cb:9b:79:85:a8:3b:13:92:
be:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2F:AB:D0:FA:2E:72:56:B4:BE:8A:1B:DF:D8:C8:65:00:9F:D6:1D
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:81:68:c7:ba:62:d7:78:ad:35:1b:22:1e:28:53:b3:42:a8:
c4:21:8e:19:d7:0e:03:83:82:ad:63:6c:de:d8:26:28:6a:7f:
3f:56:b9:3c:0a:92:f4:54:b5:5f:2c:59:ff:b1:2f:4d:0d:f0:
f9:fd:78:f2:b7:5f:71:39:02:bb:94:c7:1e:be:f1:a2:4a:64:
0c:e8:4e:4c:d8:c3:c1:d7:eb:ac:59:af:b3:5a:59:c8:58:24:
34:37:5c:b9:fa:06:30:3b:a2:46:e9:76:08:03:ce:f9:eb:eb:
c9:2f:ee:03:7f:88:63:a8:c5:64:e3:44:70:6b:8c:83:bf:7e:
ee:90:a2:c0:9d:ea:af:2e:54:4c:18:92:ab:a6:79:2b:69:dd:
40:9a:96:12:2b:fa:39:71:f6:fa:63:46:d3:dd:7c:98:72:40:
ba:19:5b:4f:e5:b5:b3:85:00:3d:37:d3:8c:59:f8:4e:0b:b4:
e1:8b:56:f0:d0:d3:61:e4:33:b9:0d:6f:6e:73:06:46:10:9c:
f5:ff:a6:f3:f1:09:fb:41:18:bf:d0:4b:e8:a3:df:73:03:32:
a8:e1:98:6d:1a:68:04:55:10:29:54:7c:e0:54:63:50:d4:44:
56:ac:05:6a:56:3c:b4:6c:86:56:3a:bd:1f:e7:7d:34:bc:dd:
d0:43:9b:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJTYT2VfBzz6wgbL76Dv1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUwNTEzMTEwMDIyWhcNMjUwNTE0MTEwMDIyWjAzMTEwLwYDVQQD
Eyg0MjJmYWJkMGZhMmU3MjU2YjRiZThhMWJkZmQ4Yzg2NTAwOWZkNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4wRZs5MRRR1XhhssKS8DqjmEaPF
R2B3tYfcN3nCm+sBu2HntOlGIZ1Kx+pH4uAygQnZ0dZwHJvCm1DiOs0Zf9FL27rq
l6ymYoqRLu6CFC9F9mmCbBC2P4TCFxUwp0dqB4EQU21q8JFj48vmau0K/w33HDb4
Cp5ihGsmsfPD+TS5/NPK7S8iDUjOKw10IdDoJvmyfq4hOos/+dSQkBQZil4hoEF/
pd93bPfP6MT7yXb7dZdz1kgeo3jfGJZ0dkuku1mDE17VMflP1TvsbIJG0fcw7JAn
qSWIcg8HseMO18104GK4bdIIDtgZeXcqocog/CTHkzePy5t5hag7E5K+EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIvq9D6LnJWtL6KG9/YyGUAn9YdMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMoFox7pi
13itNRsiHihTs0KoxCGOGdcOA4OCrWNs3tgmKGp/P1a5PAqS9FS1XyxZ/7EvTQ3w
+f148rdfcTkCu5THHr7xokpkDOhOTNjDwdfrrFmvs1pZyFgkNDdcufoGMDuiRul2
CAPO+evryS/uA3+IY6jFZONEcGuMg79+7pCiwJ3qry5UTBiSq6Z5K2ndQJqWEiv6
OXH2+mNG0918mHJAuhlbT+W1s4UAPTfTjFn4Tgu04YtW8NDTYeQzuQ1vbnMGRhCc
9f+m8/EJ+0EYv9BL6KPfcwMyqOGYbRpoBFUQKVR84FRjUNREVqwFalY8tGyGVjq9
H+d9NLzd0EObGw==
-----END CERTIFICATE-----
Generated at Tue May 13 18:05:12 2025 by rpki-client