Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: DhzSnbiFAI9/P+HITU+ggPwGrcoSiWoJjf0VpKHVTgI=
Subject key identifier: E4:07:41:3F:52:24:7C:4A:00:3B:6C:14:66:FC:8E:59:76:EB:F8:C7
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 0199FCC6CE471E8AC9B5089448076217B7BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 14:01:51 +0000
Manifest this update: Sun 19 Oct 2025 14:01:51 +0000
Manifest next update: Mon 20 Oct 2025 14:01:51 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: 2XRjPM25BMr9Wt0ZlyZEzp7XrdGWcsNPXhscRyfyZpA=)
2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:ce:47:1e:8a:c9:b5:08:94:48:07:62:17:b7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Oct 19 14:01:51 2025 GMT
Not After : Oct 20 14:01:51 2025 GMT
Subject: CN=e407413f52247c4a003b6c1466fc8e5976ebf8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:88:73:33:65:7b:5b:7b:aa:6f:af:e2:7c:cc:
03:08:c7:34:8d:97:db:70:2d:03:55:02:39:dc:dd:
1b:ea:d5:2e:90:01:34:50:34:8e:61:60:8e:5e:0f:
5a:93:f0:5d:ba:0a:2b:1b:e4:cc:5f:36:73:33:d3:
da:51:07:17:0e:42:2a:68:89:5e:58:b0:db:d2:fe:
f6:c5:7d:8f:9a:f5:64:56:db:8a:49:88:5c:a4:f8:
aa:a8:da:15:6b:28:9b:dc:17:65:7f:25:3c:37:2e:
26:45:4f:9c:8f:a4:42:2a:90:34:9f:40:d1:cc:2a:
53:7b:27:c5:71:05:be:40:7c:0c:cb:f3:b6:53:8c:
ea:47:7f:89:7f:42:b1:b9:ad:28:16:85:30:41:9d:
d6:8d:f0:a4:e4:4f:83:e2:ab:8e:c2:24:63:6d:bb:
e8:c1:f0:5b:bf:77:77:15:8d:51:95:91:07:9e:6c:
99:b0:e5:dd:de:cd:91:79:ac:91:ec:46:11:16:8b:
99:f6:04:a6:dd:1c:61:78:fa:13:1f:9a:9a:6e:09:
ff:27:c4:59:25:5e:7b:4d:ab:94:bf:1c:61:19:ef:
a4:84:de:1d:eb:7f:a4:b6:2d:04:00:3f:e6:57:9b:
81:8e:be:d3:49:f4:ad:35:6f:8a:74:f4:c8:be:36:
31:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:07:41:3F:52:24:7C:4A:00:3B:6C:14:66:FC:8E:59:76:EB:F8:C7
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:2c:10:a2:aa:2e:5c:f8:c7:09:57:2d:4e:b8:51:49:62:fb:
a4:62:1a:15:2d:aa:cd:e0:0c:df:3e:01:64:95:de:e2:27:1f:
cd:0f:57:da:62:4b:2f:88:e0:08:87:43:10:99:7d:81:ec:03:
89:d1:48:be:13:fa:cd:11:a5:40:0f:d8:d0:5a:8d:c5:01:f7:
56:85:d3:af:dc:f3:b1:7f:3f:af:df:c0:c1:72:0b:2c:4d:9a:
16:e0:79:ff:d8:0f:63:a6:73:6a:df:d9:17:3e:ec:f7:57:1a:
ed:78:b9:c1:50:ec:b0:e7:88:5d:ea:6b:a2:9e:7c:48:c6:3f:
b6:3e:f8:df:5a:4d:14:b5:79:c9:42:3f:92:f8:74:4d:e5:ce:
e7:d5:8a:b2:85:4b:24:84:46:3d:e2:bb:35:35:57:02:ff:86:
01:16:41:3a:f6:9d:e2:73:7a:63:f2:d3:cd:8b:b6:6e:f8:b4:
3b:09:0f:94:6c:16:b8:e7:a6:a4:a4:61:3a:0d:3f:a1:b5:ba:
3f:31:d0:fc:c7:b6:33:4e:a2:c5:8b:cd:49:3a:2b:1d:0d:bf:
f4:30:c2:33:8c:7b:9f:68:ca:5e:43:89:1a:4e:05:95:7a:7d:
66:09:04:a9:39:c1:57:64:46:33:f0:64:e2:53:be:bb:c9:9f:
fa:e8:8b:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xs5HHorJtQiUSAdiF7e7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjUxMDE5MTQwMTUxWhcNMjUxMDIwMTQwMTUxWjAzMTEwLwYDVQQD
EyhlNDA3NDEzZjUyMjQ3YzRhMDAzYjZjMTQ2NmZjOGU1OTc2ZWJmOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4hzM2V7W3uqb6/ifMwDCMc0jZfb
cC0DVQI53N0b6tUukAE0UDSOYWCOXg9ak/BdugorG+TMXzZzM9PaUQcXDkIqaIle
WLDb0v72xX2PmvVkVtuKSYhcpPiqqNoVayib3BdlfyU8Ny4mRU+cj6RCKpA0n0DR
zCpTeyfFcQW+QHwMy/O2U4zqR3+Jf0Kxua0oFoUwQZ3WjfCk5E+D4quOwiRjbbvo
wfBbv3d3FY1RlZEHnmyZsOXd3s2ReayR7EYRFouZ9gSm3RxhePoTH5qabgn/J8RZ
JV57TauUvxxhGe+khN4d63+kti0EAD/mV5uBjr7TSfStNW+KdPTIvjYx8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQHQT9SJHxKADtsFGb8jll26/jHMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSwQoqou
XPjHCVctTrhRSWL7pGIaFS2qzeAM3z4BZJXe4icfzQ9X2mJLL4jgCIdDEJl9gewD
idFIvhP6zRGlQA/Y0FqNxQH3VoXTr9zzsX8/r9/AwXILLE2aFuB5/9gPY6Zzat/Z
Fz7s91ca7Xi5wVDssOeIXeprop58SMY/tj7431pNFLV5yUI/kvh0TeXO59WKsoVL
JIRGPeK7NTVXAv+GARZBOvad4nN6Y/LTzYu2bvi0OwkPlGwWuOempKRhOg0/obW6
PzHQ/Me2M06ixYvNSTorHQ2/9DDCM4x7n2jKXkOJGk4FlXp9ZgkEqTnBV2RGM/Bk
4lO+u8mf+uiL2Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:23 2025 by rpki-client