Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
File: af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft (raw, json)
Hash identifier: l37DC3J5cE9f/3YmZSRpIB2ObHOBxlBAxvjF8X4wbLI=
Subject key identifier: 1D:30:7B:41:DD:F4:42:20:8B:01:B3:34:5E:30:7D:A7:DB:C0:F8:20
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 0198D4A7BF74AA19376C51A9B438DD940CC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 02:00:20 +0000
Manifest this update: Sat 23 Aug 2025 02:00:20 +0000
Manifest next update: Sun 24 Aug 2025 02:00:20 +0000
Files and hashes: 1: Ceo-HVPoWV3_2SxJvVUz90MzCXU.roa (hash: hrbJxLsRN5MK/3GlRfITM4zehXoSXHDnVzwmbM92S3A=)
2: af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl (hash: mYdRzFe0Ns7Ghm9BY5s0TDH6IbYuBGvO4T3W2IPdjZ4=)
3: u-uD5eJkyZwHdvCGzRD30UcsPdQ.roa (hash: 972IpaBLO7W9fM3TeJorAGTATEI6lVsjC4rz1G6aPgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:bf:74:aa:19:37:6c:51:a9:b4:38:dd:94:0c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Aug 23 02:00:20 2025 GMT
Not After : Aug 24 02:00:20 2025 GMT
Subject: CN=1d307b41ddf442208b01b3345e307da7dbc0f820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:aa:63:eb:d2:ad:e5:a8:55:3f:c2:d0:a0:41:
67:35:03:3b:31:9d:bc:31:56:8e:dc:63:58:61:ce:
98:14:eb:68:05:b4:9e:a1:cb:77:ca:4f:d5:55:2e:
64:40:59:95:4f:dc:29:94:2b:66:dc:78:8e:12:00:
3a:99:94:20:27:08:e4:6c:08:91:f0:21:e6:fa:83:
11:8d:20:19:76:e7:4d:a1:cc:20:2e:ce:04:15:e7:
b3:81:1b:e1:6a:11:c3:8b:16:08:ec:50:9b:18:73:
46:af:bb:76:1d:05:3e:8a:61:d1:6d:6c:ff:15:d5:
b5:10:78:8c:8f:99:07:b6:b1:61:1f:03:00:37:89:
e7:5b:dc:47:84:e7:b4:2f:d8:32:25:37:28:fb:b0:
1f:3f:ca:f7:56:85:93:8d:96:db:0c:90:98:51:6d:
91:c4:ca:f7:a5:78:f2:a3:56:67:97:6f:4c:d1:f5:
0a:e9:63:6a:d0:f7:14:94:9f:36:d6:d5:a7:5f:25:
18:4c:60:e9:7c:a4:c9:a1:39:2a:4e:85:4c:cc:f9:
4a:f6:b1:67:28:7f:09:05:ca:f7:ec:8e:7b:c8:64:
3c:e0:df:d6:54:72:6a:86:4f:e0:4f:05:ff:49:75:
bc:50:ab:27:6c:3c:1e:06:c5:2a:1a:97:99:79:f6:
27:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:30:7B:41:DD:F4:42:20:8B:01:B3:34:5E:30:7D:A7:DB:C0:F8:20
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:59:7f:96:4b:8a:f0:a9:8b:2a:87:1e:5c:48:ce:a9:88:2a:
12:a9:46:e9:2a:01:c7:d7:0a:cd:2e:f4:b5:f5:a4:2c:12:88:
c8:9e:b0:db:b7:26:51:bc:c9:8c:4a:7e:ac:68:8b:10:a8:ac:
25:7c:92:e7:ab:66:f7:27:de:62:aa:06:75:00:e5:d7:16:46:
0a:ee:9b:38:8c:ed:53:d0:c8:53:b2:00:33:53:5b:53:db:b0:
73:51:c9:4c:e6:88:6f:6b:4b:a7:0f:eb:4b:2a:0c:87:93:70:
ae:5f:69:2a:fc:37:90:b7:ad:31:eb:fb:c7:54:cf:7f:85:34:
56:51:17:73:27:65:ae:56:af:c7:3d:4d:c6:89:b2:ce:ba:14:
81:77:9c:b9:d0:9f:c2:67:46:6a:6e:9a:c3:d4:9c:db:9b:00:
ca:52:ad:1e:b0:0d:66:16:b9:54:68:d9:7a:e4:da:0d:8c:fe:
ae:85:d5:75:e5:d6:47:60:2f:87:98:f9:5d:01:32:f5:1c:76:
14:14:b6:a2:93:1a:22:50:e5:d3:76:fb:fc:1f:dc:eb:72:4d:
a3:d8:57:27:05:21:7f:20:2c:e0:24:f0:87:96:d4:43:da:5b:
3f:f6:4c:39:a6:63:ec:ea:9f:0e:65:a7:77:71:e9:a1:98:bc:
28:16:87:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp790qhk3bFGptDjdlAzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjUwODIzMDIwMDIwWhcNMjUwODI0MDIwMDIwWjAzMTEwLwYDVQQD
EygxZDMwN2I0MWRkZjQ0MjIwOGIwMWIzMzQ1ZTMwN2RhN2RiYzBmODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qpj69Kt5ahVP8LQoEFnNQM7MZ28
MVaO3GNYYc6YFOtoBbSeoct3yk/VVS5kQFmVT9wplCtm3HiOEgA6mZQgJwjkbAiR
8CHm+oMRjSAZdudNocwgLs4EFeezgRvhahHDixYI7FCbGHNGr7t2HQU+imHRbWz/
FdW1EHiMj5kHtrFhHwMAN4nnW9xHhOe0L9gyJTco+7AfP8r3VoWTjZbbDJCYUW2R
xMr3pXjyo1Znl29M0fUK6WNq0PcUlJ821tWnXyUYTGDpfKTJoTkqToVMzPlK9rFn
KH8JBcr37I57yGQ84N/WVHJqhk/gTwX/SXW8UKsnbDweBsUqGpeZefYnTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0we0Hd9EIgiwGzNF4wfafbwPggMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKll/lkuK
8KmLKoceXEjOqYgqEqlG6SoBx9cKzS70tfWkLBKIyJ6w27cmUbzJjEp+rGiLEKis
JXyS56tm9yfeYqoGdQDl1xZGCu6bOIztU9DIU7IAM1NbU9uwc1HJTOaIb2tLpw/r
SyoMh5Nwrl9pKvw3kLetMev7x1TPf4U0VlEXcydlrlavxz1NxomyzroUgXecudCf
wmdGam6aw9Sc25sAylKtHrANZha5VGjZeuTaDYz+roXVdeXWR2Avh5j5XQEy9Rx2
FBS2opMaIlDl03b7/B/c63JNo9hXJwUhfyAs4CTwh5bUQ9pbP/ZMOaZj7OqfDmWn
d3HpoZi8KBaHOQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:36:28 2025 by rpki-client