Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier: vxwOd/+117N3+F8cNznqm2ph2Py0fn1EkG6t/lqF3kE=
Subject key identifier: 42:C4:26:9D:DB:52:58:B7:F8:EE:AD:D3:E5:5B:20:C2:47:43:65:43
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 019A4DE1A047ACF885BD4106B3569FFBB8CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 08:00:23 +0000
Manifest this update: Tue 04 Nov 2025 08:00:23 +0000
Manifest next update: Wed 05 Nov 2025 08:00:23 +0000
Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: ATObrv/urLVrQZ6xlArZ/V5z0mFG8z6iMZY1o7sPF8E=)
2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:a0:47:ac:f8:85:bd:41:06:b3:56:9f:fb:b8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Nov 4 08:00:23 2025 GMT
Not After : Nov 5 08:00:23 2025 GMT
Subject: CN=42c4269ddb5258b7f8eeadd3e55b20c247436543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:db:1c:6a:95:8f:42:77:72:a5:48:34:0b:85:
8d:3f:b4:96:b1:1e:f9:ed:48:5a:26:9e:02:ab:73:
e8:36:b2:4f:4d:9d:68:fc:65:ab:1b:9f:8d:b2:5c:
31:7f:21:e6:61:0f:87:d2:63:8d:bb:29:2a:86:32:
7d:2c:44:38:b1:54:cb:39:29:16:b4:4f:0c:f9:e9:
ec:70:ee:7a:54:8a:75:ae:11:8c:24:5c:ec:b9:12:
0b:5f:1c:ea:a1:26:46:fa:e2:55:c6:5f:80:58:c0:
fc:7e:eb:d7:2b:fa:27:0c:a3:83:d9:95:fb:4a:64:
c3:5a:d9:26:18:23:3b:2e:38:a2:76:ef:58:8d:aa:
eb:78:12:10:99:9a:79:48:1e:eb:90:ee:98:27:84:
86:66:24:88:fe:38:ff:fa:7a:b2:53:c8:b5:81:5a:
8d:81:8d:da:df:60:67:3f:67:62:10:b8:c5:38:51:
2a:e2:32:89:c0:17:a8:1b:0e:55:96:04:f3:42:e6:
85:59:56:94:1d:eb:9b:5c:6f:7d:e6:61:1b:87:81:
50:6d:45:5f:13:e6:38:10:9b:73:6a:91:7f:5b:f6:
d6:62:30:cd:72:71:8d:cc:3c:4e:cc:ec:6a:4d:fb:
f1:d0:4e:3c:51:92:6f:b0:5c:ee:b2:8a:45:c4:00:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C4:26:9D:DB:52:58:B7:F8:EE:AD:D3:E5:5B:20:C2:47:43:65:43
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:ea:47:20:90:f6:92:7a:a7:aa:f3:b1:f7:5b:4f:72:cb:6b:
12:dc:e2:e9:32:97:6d:c8:23:67:40:84:81:24:57:dc:ee:0e:
a0:21:df:ed:60:e0:d2:a9:76:3f:fd:18:1a:3b:3f:11:e1:e6:
6d:2b:e5:f1:54:69:f9:1a:3c:eb:0d:8e:b3:83:b7:d4:45:9e:
99:b9:0d:6d:00:27:e8:ae:8e:15:5f:1c:3a:ed:63:65:cb:d7:
ee:fb:31:96:45:a1:68:03:0e:18:2b:93:12:a7:27:14:8e:0c:
44:cd:54:b0:fd:34:34:b2:2a:43:c2:fb:33:b1:16:21:a4:8c:
29:63:5d:24:c8:39:d3:c3:ec:3b:3a:76:4b:eb:b5:17:e3:cd:
a4:8a:00:69:91:1e:96:fb:af:59:f3:af:6c:95:7b:a1:6f:ea:
2e:86:e9:1e:b9:ef:e7:37:7f:f7:1c:89:36:fc:ca:b1:68:36:
1e:55:a5:24:10:b4:37:0f:97:0e:16:28:c5:ed:9f:4e:b4:e9:
3f:56:b7:d1:b5:4b:34:c7:dd:9d:fd:eb:4f:56:23:39:42:da:
0f:f1:d6:a5:7e:3f:0b:95:d4:25:2d:51:2a:e9:d4:50:ce:95:
b7:ae:02:09:02:e1:b9:68:b9:fa:9f:e3:62:ba:56:be:8d:84:
a6:f1:8d:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4aBHrPiFvUEGs1af+7jMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjUxMTA0MDgwMDIzWhcNMjUxMTA1MDgwMDIzWjAzMTEwLwYDVQQD
Eyg0MmM0MjY5ZGRiNTI1OGI3ZjhlZWFkZDNlNTViMjBjMjQ3NDM2NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NscapWPQndypUg0C4WNP7SWsR75
7UhaJp4Cq3PoNrJPTZ1o/GWrG5+NslwxfyHmYQ+H0mONuykqhjJ9LEQ4sVTLOSkW
tE8M+enscO56VIp1rhGMJFzsuRILXxzqoSZG+uJVxl+AWMD8fuvXK/onDKOD2ZX7
SmTDWtkmGCM7Ljiidu9YjarreBIQmZp5SB7rkO6YJ4SGZiSI/jj/+nqyU8i1gVqN
gY3a32BnP2diELjFOFEq4jKJwBeoGw5VlgTzQuaFWVaUHeubXG995mEbh4FQbUVf
E+Y4EJtzapF/W/bWYjDNcnGNzDxOzOxqTfvx0E48UZJvsFzusopFxABR+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELEJp3bUli3+O6t0+VbIMJHQ2VDMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEOpHIJD2
knqnqvOx91tPcstrEtzi6TKXbcgjZ0CEgSRX3O4OoCHf7WDg0ql2P/0YGjs/EeHm
bSvl8VRp+Ro86w2Os4O31EWembkNbQAn6K6OFV8cOu1jZcvX7vsxlkWhaAMOGCuT
EqcnFI4MRM1UsP00NLIqQ8L7M7EWIaSMKWNdJMg508PsOzp2S+u1F+PNpIoAaZEe
lvuvWfOvbJV7oW/qLobpHrnv5zd/9xyJNvzKsWg2HlWlJBC0Nw+XDhYoxe2fTrTp
P1a30bVLNMfdnf3rT1YjOULaD/HWpX4/C5XUJS1RKunUUM6Vt64CCQLhuWi5+p/j
YrpWvo2EpvGNBA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:18:28 2025 by rpki-client