Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: XioNExKMOz8asJ9VVQ0dvTuyPoylFrixLO/KdmoMViU=
Subject key identifier: 84:6E:ED:F8:82:A3:72:36:03:BE:2A:4D:C4:B8:9D:B1:0B:89:5C:52
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 0199FFFE47EC355FD0815DA75A471B411F60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 16E4
Signing time: Mon 20 Oct 2025 05:01:18 +0000
Manifest this update: Mon 20 Oct 2025 05:01:18 +0000
Manifest next update: Tue 21 Oct 2025 05:01:18 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: W83sGQGahQjJoQshaTNk1GgdiMw7jKo1BGtVPWRj/bU=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:47:ec:35:5f:d0:81:5d:a7:5a:47:1b:41:1f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Oct 20 05:01:18 2025 GMT
Not After : Oct 21 05:01:18 2025 GMT
Subject: CN=846eedf882a3723603be2a4dc4b89db10b895c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:3f:49:5d:4a:6d:2f:8a:29:b5:86:2b:c9:
6a:1c:78:c9:98:d0:3d:6a:f2:73:f8:2b:34:36:58:
de:59:ee:b1:64:f3:6e:77:21:93:a3:1d:26:23:e0:
a4:8a:b0:2f:5d:1b:ee:b2:91:1b:2b:cf:60:23:60:
94:8e:6c:ca:a5:62:86:48:71:91:91:e7:0c:19:e7:
dc:50:e2:25:cf:5a:30:fe:bb:a0:52:0f:1b:df:57:
30:23:6b:85:c2:18:b4:94:cd:b1:ff:50:77:2f:c3:
b0:6f:78:35:0d:9c:1a:89:f5:ed:c0:52:28:8f:dc:
2f:39:41:56:9d:71:1f:68:72:9b:ad:e0:ed:de:ce:
60:9e:50:42:89:2d:69:b1:da:68:8f:6d:83:fc:1a:
09:52:dc:f5:e5:79:7c:65:8d:5c:d8:72:f5:ae:93:
f8:a4:dd:5f:cf:af:fe:6c:6f:d6:30:b4:57:e6:5f:
64:17:d0:81:ae:a7:e0:ab:8f:88:83:a8:26:b0:be:
6d:27:9c:61:ac:45:b8:b5:e9:aa:fc:d0:51:d0:de:
84:c1:c5:d9:9b:50:38:a4:40:fe:2f:f0:56:69:3f:
85:d0:ec:5d:35:e0:44:e7:2f:17:fd:28:f9:44:81:
ec:d5:60:60:b0:d8:d5:fb:79:c6:97:21:9b:d9:0c:
0c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6E:ED:F8:82:A3:72:36:03:BE:2A:4D:C4:B8:9D:B1:0B:89:5C:52
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:67:9f:8b:c7:a0:8f:dc:83:08:c7:f9:bd:76:f6:a7:6b:f7:
e7:f0:12:3c:72:b6:ac:e1:0b:17:21:67:67:f2:06:81:e6:5d:
64:9c:73:64:37:aa:5a:57:78:06:06:f3:51:6f:7c:70:35:8b:
5e:94:36:63:cc:fa:59:17:50:84:f4:98:74:11:d1:47:35:b1:
7b:a9:21:c5:8d:76:5b:eb:be:9a:36:62:6f:fb:c1:3b:eb:3c:
83:7d:e9:79:fe:21:ce:ab:34:0b:b1:0c:10:a5:57:86:59:f4:
5d:58:b7:7a:55:8a:bd:65:4c:35:35:1e:35:f5:47:1c:c6:93:
e4:ae:f2:1e:02:87:2f:5d:2b:80:2a:40:ef:f4:72:40:e0:ca:
4a:58:97:db:7c:7f:10:ec:83:ac:31:ef:ae:84:6c:d3:65:d3:
5b:52:a2:df:6e:57:75:b1:95:cf:e4:e5:ef:b0:e0:49:87:13:
6c:bb:12:45:ad:e5:cc:15:9d:c8:89:38:73:96:05:11:5c:ab:
9f:77:17:39:f6:9c:53:c8:fe:59:4a:25:c0:6b:ff:e8:8d:8b:
45:9b:65:b8:d2:49:74:e2:c3:42:d5:d3:38:45:84:84:af:7b:
f4:ac:88:16:97:b1:90:30:3e:2e:33:c3:db:9c:e1:a9:53:f3:
c0:cb:95:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//kfsNV/QgV2nWkcbQR9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUxMDIwMDUwMTE4WhcNMjUxMDIxMDUwMTE4WjAzMTEwLwYDVQQD
Eyg4NDZlZWRmODgyYTM3MjM2MDNiZTJhNGRjNGI4OWRiMTBiODk1YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfo/SV1KbS+KKbWGK8lqHHjJmNA9
avJz+Cs0NljeWe6xZPNudyGTox0mI+CkirAvXRvuspEbK89gI2CUjmzKpWKGSHGR
kecMGefcUOIlz1ow/rugUg8b31cwI2uFwhi0lM2x/1B3L8Owb3g1DZwaifXtwFIo
j9wvOUFWnXEfaHKbreDt3s5gnlBCiS1psdpoj22D/BoJUtz15Xl8ZY1c2HL1rpP4
pN1fz6/+bG/WMLRX5l9kF9CBrqfgq4+Ig6gmsL5tJ5xhrEW4temq/NBR0N6EwcXZ
m1A4pED+L/BWaT+F0OxdNeBE5y8X/Sj5RIHs1WBgsNjV+3nGlyGb2QwMowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRu7fiCo3I2A74qTcS4nbELiVxSMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGefi8eg
j9yDCMf5vXb2p2v35/ASPHK2rOELFyFnZ/IGgeZdZJxzZDeqWld4BgbzUW98cDWL
XpQ2Y8z6WRdQhPSYdBHRRzWxe6khxY12W+u+mjZib/vBO+s8g33pef4hzqs0C7EM
EKVXhln0XVi3elWKvWVMNTUeNfVHHMaT5K7yHgKHL10rgCpA7/RyQODKSliX23x/
EOyDrDHvroRs02XTW1Ki325XdbGVz+Tl77DgSYcTbLsSRa3lzBWdyIk4c5YFEVyr
n3cXOfacU8j+WUolwGv/6I2LRZtluNJJdOLDQtXTOEWEhK979KyIFpexkDA+LjPD
25zhqVPzwMuV9A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:27:36 2025 by rpki-client