Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: YhjX9NQULC5n6DYQItpPGjZCA2Asb8DNWzGp2IXDncY=
Subject key identifier: 1A:58:89:61:A3:1B:F7:2E:14:17:8E:86:48:44:FB:EA:A1:11:81:CC
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 019A53E3B2E7726173C70C05C0F036998572
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 1712
Signing time: Wed 05 Nov 2025 12:00:22 +0000
Manifest this update: Wed 05 Nov 2025 12:00:22 +0000
Manifest next update: Thu 06 Nov 2025 12:00:22 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: 3xxVkEjRBkrVG3eYhBuji9ocy2wYQZdfucvTHIsiTR8=)
2: qen-QoIAAGwgpqx4OQAF6M4rR_M.roa (hash: Pfgs1o9qvVrkxz8on7jtYneDypFRD7JuU2XED3GEHk4=)
3: sJjIi8LxyBaapUPztypafiGazB4.roa (hash: snoS7xcNMuCgLXX7PRPXvmr0bu9uS7kTUSsVN0SedsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e3:b2:e7:72:61:73:c7:0c:05:c0:f0:36:99:85:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Nov 5 12:00:22 2025 GMT
Not After : Nov 6 12:00:22 2025 GMT
Subject: CN=1a588961a31bf72e14178e864844fbeaa11181cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f9:fc:f2:01:8e:82:31:a2:2e:53:4a:12:99:
a6:86:32:1e:66:30:2b:67:5b:77:ab:e1:cc:b3:26:
34:1a:61:60:76:df:e4:87:b0:2f:c9:72:06:55:09:
7e:0b:f3:33:82:95:d8:12:3f:5c:f7:73:6b:f2:1e:
da:5f:2b:14:9d:5d:42:f5:27:bf:3c:8d:e2:26:c9:
41:bd:e9:a8:5f:43:3a:3b:33:63:f9:bf:3d:93:c6:
a8:60:78:cb:c2:9e:3f:5f:5a:45:fd:24:e4:6b:f7:
7e:8c:86:48:ee:82:9a:96:27:3e:e4:79:16:0e:a4:
c8:f4:1f:66:ca:a4:e2:80:3e:73:0b:41:f7:71:ec:
e2:af:78:96:38:a3:e1:fb:ee:80:6e:5c:fe:3c:b6:
b6:a2:7e:0b:c9:db:c4:cd:cd:66:05:19:56:4b:7f:
2e:df:80:7c:0e:68:75:ec:05:88:0c:69:8f:84:3c:
c2:07:aa:ba:59:1d:cf:51:9c:33:e8:c4:b7:59:ec:
e7:65:fb:46:a0:5b:61:00:2c:56:a0:8c:6e:3f:00:
15:66:f2:ac:9b:cf:4e:81:8b:dc:02:3e:41:0e:da:
dc:be:98:ae:2e:c5:5d:f7:32:42:0d:63:92:f6:36:
a2:95:da:1b:47:9e:f3:a1:ae:1f:cc:7a:83:4a:90:
24:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:58:89:61:A3:1B:F7:2E:14:17:8E:86:48:44:FB:EA:A1:11:81:CC
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:5f:9a:12:c7:93:9f:59:57:87:af:4d:cc:8f:87:03:0f:ea:
48:b2:a5:ea:cd:0d:76:8c:c0:b5:ca:af:ce:71:f8:bf:8b:e2:
19:e1:51:fa:b7:0f:9f:89:0f:a1:89:1a:04:45:b6:cd:e0:48:
81:f3:a4:62:84:d1:e7:5f:07:9e:d4:68:16:d5:2d:d5:5c:02:
c9:22:80:57:c7:85:b5:64:b2:2b:38:4d:fc:a8:6b:fc:56:7a:
4b:a8:75:84:98:89:3b:7e:6b:0e:5c:b3:37:82:bf:b2:06:f0:
d6:62:d3:cf:84:90:21:10:c6:bf:30:3e:c5:bd:ef:b1:1d:c3:
ee:58:bb:64:08:6f:f8:79:a7:5f:c9:92:ef:2e:84:42:72:82:
64:ee:cc:63:1f:6c:e5:26:5b:ba:06:69:91:5f:ea:6e:37:71:
98:d0:88:94:7e:d7:25:3e:75:c3:98:50:1b:4f:b1:40:59:f5:
5a:1d:da:92:f2:f4:82:70:7b:8b:06:1d:20:73:be:83:3d:04:
04:3c:d4:d7:b6:ce:a5:42:ab:bb:9e:df:15:03:6a:3f:cf:95:
b1:d9:6f:87:52:5d:2c:98:0f:a4:ec:a9:5e:9c:fe:d0:0b:55:
23:87:4b:54:c8:c3:3a:b5:73:cc:88:87:cf:f6:92:9e:9c:12:
76:78:d5:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT47LncmFzxwwFwPA2mYVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjUxMTA1MTIwMDIyWhcNMjUxMTA2MTIwMDIyWjAzMTEwLwYDVQQD
EygxYTU4ODk2MWEzMWJmNzJlMTQxNzhlODY0ODQ0ZmJlYWExMTE4MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Pn88gGOgjGiLlNKEpmmhjIeZjAr
Z1t3q+HMsyY0GmFgdt/kh7AvyXIGVQl+C/MzgpXYEj9c93Nr8h7aXysUnV1C9Se/
PI3iJslBvemoX0M6OzNj+b89k8aoYHjLwp4/X1pF/STka/d+jIZI7oKalic+5HkW
DqTI9B9myqTigD5zC0H3cezir3iWOKPh++6Ablz+PLa2on4LydvEzc1mBRlWS38u
34B8Dmh17AWIDGmPhDzCB6q6WR3PUZwz6MS3WeznZftGoFthACxWoIxuPwAVZvKs
m89OgYvcAj5BDtrcvpiuLsVd9zJCDWOS9jaildobR57zoa4fzHqDSpAkPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpYiWGjG/cuFBeOhkhE++qhEYHMMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFl+aEseT
n1lXh69NzI+HAw/qSLKl6s0NdozAtcqvznH4v4viGeFR+rcPn4kPoYkaBEW2zeBI
gfOkYoTR518HntRoFtUt1VwCySKAV8eFtWSyKzhN/Khr/FZ6S6h1hJiJO35rDlyz
N4K/sgbw1mLTz4SQIRDGvzA+xb3vsR3D7li7ZAhv+HmnX8mS7y6EQnKCZO7MYx9s
5SZbugZpkV/qbjdxmNCIlH7XJT51w5hQG0+xQFn1Wh3akvL0gnB7iwYdIHO+gz0E
BDzU17bOpUKru57fFQNqP8+Vsdlvh1JdLJgPpOypXpz+0AtVI4dLVMjDOrVzzIiH
z/aSnpwSdnjVaA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:36:39 2025 by rpki-client