Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
File: nwAKfifXFIcphPrjeIda9lvkBWw.mft (raw, json)
Hash identifier: Cph/mysjFbh9h/ZACZ+RgNRJov8iGDBO5xbyesOHaM8=
Subject key identifier: 20:28:2B:5D:12:BF:FC:80:57:FB:10:BD:01:0C:95:68:90:83:B4:3C
Authority key identifier: 9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
Certificate issuer: /CN=9f000a7e27d714872984fae378875af65be4056c
Certificate serial: 019A71EEA9D22E0422EDC50DCB1D9CEC7653
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
Manifest number: 0173
Signing time: Tue 11 Nov 2025 08:00:57 +0000
Manifest this update: Tue 11 Nov 2025 08:00:57 +0000
Manifest next update: Wed 12 Nov 2025 08:00:57 +0000
Files and hashes: 1: nwAKfifXFIcphPrjeIda9lvkBWw.crl (hash: 2X3dPJFikElYu/AusBW4CoDBtqRwJmj5jArYjlJcXMA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:a9:d2:2e:04:22:ed:c5:0d:cb:1d:9c:ec:76:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f000a7e27d714872984fae378875af65be4056c
Validity
Not Before: Nov 11 08:00:57 2025 GMT
Not After : Nov 12 08:00:57 2025 GMT
Subject: CN=20282b5d12bffc8057fb10bd010c95689083b43c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:84:47:da:d8:77:1c:be:4d:6e:46:4b:86:9b:
3a:e7:fd:4b:62:99:ce:0f:12:12:85:36:2c:e7:b9:
bb:46:63:6f:b5:b5:ab:16:a2:c5:91:14:30:1f:33:
0e:5d:75:de:23:ed:f2:da:b0:aa:70:aa:0a:4e:3a:
ca:1b:f0:d5:6b:f8:f1:d2:c3:0d:f9:49:f3:22:f7:
33:ef:af:7b:51:09:4e:4d:77:57:04:91:8b:95:2d:
d7:32:0b:4e:a2:db:7d:f3:cc:7b:96:b4:ae:96:d7:
7d:14:d8:0d:0b:68:13:8b:53:66:92:08:8c:8b:d0:
67:a8:62:6b:c4:6b:70:94:9c:3d:79:90:70:77:7e:
2c:4c:e0:1c:e1:ff:ab:9a:bc:f6:ce:7d:8a:f7:77:
85:1f:58:a8:c3:af:f0:be:0e:27:34:7e:7f:3f:49:
53:77:d9:01:be:db:68:f6:2e:21:2a:7c:32:66:17:
d2:63:4c:7c:73:bb:1e:e8:b3:fa:14:38:1e:95:a2:
8b:34:45:a4:ad:ac:b9:cc:05:61:f7:5c:3e:b6:c0:
02:29:5b:6a:77:be:50:39:3d:ef:2a:14:51:5c:d8:
31:7d:d0:75:1f:a3:80:6d:c7:73:c0:ac:e1:57:a6:
d6:12:2a:4c:b2:56:96:7f:3a:32:b5:c7:c5:8c:66:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:28:2B:5D:12:BF:FC:80:57:FB:10:BD:01:0C:95:68:90:83:B4:3C
X509v3 Authority Key Identifier:
keyid:9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:0c:00:7b:5a:25:df:7c:32:08:cf:c6:a2:66:a4:95:25:a2:
bc:99:a7:b5:1a:b8:78:b7:bb:2a:6c:c9:7b:ed:7e:ab:de:40:
e5:97:28:0b:7d:4f:b0:09:7f:de:88:27:19:9b:e7:6b:79:87:
e4:0c:37:83:1b:51:64:c6:af:bf:d0:fa:f9:4c:79:79:05:9a:
03:86:f8:e5:16:b2:3d:4f:34:f2:16:d1:43:78:12:92:80:3a:
0c:15:f9:91:dc:03:bf:15:c9:bc:f3:be:78:5b:a7:df:a5:d4:
47:71:ef:5e:d7:48:44:b7:d5:af:4f:8e:02:d2:71:d9:db:51:
69:0e:e5:00:07:78:8a:90:6f:c0:9c:06:23:77:86:eb:3f:99:
97:7d:03:cc:3a:f2:4d:a8:5c:fe:67:a8:76:de:3b:20:82:f4:
c8:76:ec:3b:20:ba:3a:9f:71:ba:df:7b:07:1c:82:31:17:f9:
64:76:8a:a5:17:4b:2b:c6:ec:29:01:93:6c:57:8d:65:93:ec:
e8:fd:ef:7a:50:f7:94:f4:17:18:90:a4:4f:fd:52:be:3e:97:
55:11:83:b2:1e:ea:19:69:a2:94:c9:50:69:95:8f:7c:db:4d:
f1:66:ea:57:22:c9:aa:7d:b1:39:46:b5:e7:c1:e3:6f:78:05:
2f:51:bc:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qnSLgQi7cUNyx2c7HZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDAwYTdlMjdkNzE0ODcyOTg0ZmFlMzc4ODc1YWY2NWJl
NDA1NmMwHhcNMjUxMTExMDgwMDU3WhcNMjUxMTEyMDgwMDU3WjAzMTEwLwYDVQQD
EygyMDI4MmI1ZDEyYmZmYzgwNTdmYjEwYmQwMTBjOTU2ODkwODNiNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44RH2th3HL5NbkZLhps65/1LYpnO
DxIShTYs57m7RmNvtbWrFqLFkRQwHzMOXXXeI+3y2rCqcKoKTjrKG/DVa/jx0sMN
+UnzIvcz7697UQlOTXdXBJGLlS3XMgtOott988x7lrSultd9FNgNC2gTi1NmkgiM
i9BnqGJrxGtwlJw9eZBwd34sTOAc4f+rmrz2zn2K93eFH1iow6/wvg4nNH5/P0lT
d9kBvtto9i4hKnwyZhfSY0x8c7se6LP6FDgelaKLNEWkray5zAVh91w+tsACKVtq
d75QOT3vKhRRXNgxfdB1H6OAbcdzwKzhV6bWEipMslaWfzoytcfFjGa+JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAoK10Sv/yAV/sQvQEMlWiQg7Q8MB8GA1UdIwQY
MBaAFJ8ACn4n1xSHKYT643iHWvZb5AVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQt
YTAzODkyZmMzNDBiLzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQtYTAzODkyZmMzNDBi
LzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZgwAe1ol
33wyCM/GomaklSWivJmntRq4eLe7KmzJe+1+q95A5ZcoC31PsAl/3ognGZvna3mH
5Aw3gxtRZMavv9D6+Ux5eQWaA4b45RayPU808hbRQ3gSkoA6DBX5kdwDvxXJvPO+
eFun36XUR3HvXtdIRLfVr0+OAtJx2dtRaQ7lAAd4ipBvwJwGI3eG6z+Zl30DzDry
Tahc/meodt47IIL0yHbsOyC6Op9xut97BxyCMRf5ZHaKpRdLK8bsKQGTbFeNZZPs
6P3velD3lPQXGJCkT/1Svj6XVRGDsh7qGWmilMlQaZWPfNtN8WbqVyLJqn2xOUa1
58Hjb3gFL1G82g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:44:16 2025 by rpki-client