Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
File: NIMjF9JURDS2WeVpIHHY5MSTiwY.mft (raw, json)
Hash identifier: KxkmBaqXMemYm8SoyBBS22BvKUkJOcfs3y8/aRDAXs4=
Subject key identifier: EE:61:C1:D7:08:F3:B7:6D:5F:FB:08:53:4E:A9:1E:10:66:F1:9F:A7
Authority key identifier: 34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
Certificate issuer: /CN=34832317d2544434b659e5692071d8e4c4938b06
Certificate serial: 019A722599268D0762606E9BAF420E7DC7AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
Manifest number: 0491
Signing time: Tue 11 Nov 2025 09:00:57 +0000
Manifest this update: Tue 11 Nov 2025 09:00:57 +0000
Manifest next update: Wed 12 Nov 2025 09:00:57 +0000
Files and hashes: 1: NIMjF9JURDS2WeVpIHHY5MSTiwY.crl (hash: SpHNsWgYflZVhpS3xu21YifDiyuxMSyMIZEvqwh5xiI=)
2: x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa (hash: T67Ch/iuLueDDibfJIFSKnLQW9UiEIt+71JVmL/jUzg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:99:26:8d:07:62:60:6e:9b:af:42:0e:7d:c7:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34832317d2544434b659e5692071d8e4c4938b06
Validity
Not Before: Nov 11 09:00:57 2025 GMT
Not After : Nov 12 09:00:57 2025 GMT
Subject: CN=ee61c1d708f3b76d5ffb08534ea91e1066f19fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:98:1d:b4:ac:ee:bf:34:e0:a0:45:0d:c8:
f0:c7:3f:1a:1e:b1:dc:07:17:84:b6:5e:70:91:11:
90:d0:b3:8e:a5:44:3e:72:f6:a1:fd:05:ca:9e:71:
02:5f:ed:54:92:3a:53:f9:8a:f5:0f:58:6a:47:8a:
7f:3b:66:e9:6b:8b:31:fe:60:0d:b4:22:45:4f:65:
7b:7d:d0:74:f9:bb:cb:fa:91:ab:08:17:b4:e7:cb:
28:c9:41:db:da:9f:ef:93:f2:ed:6a:35:bd:b0:63:
d5:89:12:86:25:b0:11:11:f3:ee:d6:bd:9b:f9:03:
77:a8:71:a6:62:4e:a0:96:01:32:e9:e9:b8:a0:0d:
45:e2:35:ea:57:14:50:8b:3c:64:89:6b:2e:26:a8:
0f:50:75:9d:3b:26:a5:02:45:ac:a8:23:27:42:3c:
3c:74:2a:6c:c4:8c:67:e1:75:c9:e9:1b:0e:c0:dc:
4c:c2:fb:fe:28:4d:66:de:79:27:8e:9a:80:bf:b3:
fb:ee:7e:a8:61:f0:0f:56:42:6f:57:3e:87:18:25:
3d:26:6b:90:9d:34:42:2e:83:78:f5:00:dc:5a:cb:
6c:a9:6c:49:c6:fa:be:ee:a4:9b:fd:49:69:92:40:
64:81:2f:b0:4f:3a:fb:9b:88:fe:cb:a2:d6:36:b6:
05:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:61:C1:D7:08:F3:B7:6D:5F:FB:08:53:4E:A9:1E:10:66:F1:9F:A7
X509v3 Authority Key Identifier:
keyid:34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:ea:bb:12:03:31:21:22:4d:8f:60:b2:fe:8f:f6:11:83:e7:
4d:30:6e:de:65:4e:48:fd:c4:95:6c:17:b1:a8:fc:0c:ed:33:
4a:32:ce:74:e1:60:5a:f9:6c:0a:ce:df:92:09:e6:0c:56:92:
14:7e:38:d9:2a:7e:f5:1f:51:98:18:43:2f:f4:08:b1:16:fb:
c6:2b:93:35:2d:53:96:0d:62:d5:1a:a4:e1:34:13:24:68:36:
a5:78:16:c2:43:2a:42:a5:d2:5f:2a:b3:cb:44:ee:35:d7:20:
5d:d0:23:a1:ef:ed:40:7d:bb:4f:a5:9d:2e:2a:a1:26:77:e7:
80:29:7a:90:79:d5:6a:62:90:88:85:42:26:33:5e:c3:a7:b6:
cd:9c:da:23:bd:0b:66:79:84:c9:7c:72:10:0d:a4:c8:41:a9:
67:03:52:cd:05:22:30:8d:65:97:95:fd:04:ab:60:8c:b6:f4:
a7:24:36:16:d1:29:6e:1b:56:06:f8:ce:dd:b7:bc:ef:8a:77:
a6:4c:3f:d7:09:a9:34:8b:f6:46:5c:e0:0b:82:57:1c:05:af:
8b:fb:57:44:43:f4:36:9a:73:2f:20:7f:c6:49:c8:e3:a2:4e:
8f:53:9d:cc:74:f0:75:3f:3d:b0:36:6f:70:82:b5:d6:cc:0d:
45:ab:64:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZkmjQdiYG6br0IOfcevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODMyMzE3ZDI1NDQ0MzRiNjU5ZTU2OTIwNzFkOGU0YzQ5
MzhiMDYwHhcNMjUxMTExMDkwMDU3WhcNMjUxMTEyMDkwMDU3WjAzMTEwLwYDVQQD
EyhlZTYxYzFkNzA4ZjNiNzZkNWZmYjA4NTM0ZWE5MWUxMDY2ZjE5ZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOSYHbSs7r804KBFDcjwxz8aHrHc
BxeEtl5wkRGQ0LOOpUQ+cvah/QXKnnECX+1UkjpT+Yr1D1hqR4p/O2bpa4sx/mAN
tCJFT2V7fdB0+bvL+pGrCBe058soyUHb2p/vk/LtajW9sGPViRKGJbAREfPu1r2b
+QN3qHGmYk6glgEy6em4oA1F4jXqVxRQizxkiWsuJqgPUHWdOyalAkWsqCMnQjw8
dCpsxIxn4XXJ6RsOwNxMwvv+KE1m3nknjpqAv7P77n6oYfAPVkJvVz6HGCU9JmuQ
nTRCLoN49QDcWstsqWxJxvq+7qSb/UlpkkBkgS+wTzr7m4j+y6LWNrYFnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5hwdcI87dtX/sIU06pHhBm8Z+nMB8GA1UdIwQY
MBaAFDSDIxfSVEQ0tlnlaSBx2OTEk4sGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMt
MzBjNjVhZDgzMjkxLzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMtMzBjNjVhZDgzMjkx
LzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+q7EgMx
ISJNj2Cy/o/2EYPnTTBu3mVOSP3ElWwXsaj8DO0zSjLOdOFgWvlsCs7fkgnmDFaS
FH442Sp+9R9RmBhDL/QIsRb7xiuTNS1Tlg1i1Rqk4TQTJGg2pXgWwkMqQqXSXyqz
y0TuNdcgXdAjoe/tQH27T6WdLiqhJnfngCl6kHnVamKQiIVCJjNew6e2zZzaI70L
ZnmEyXxyEA2kyEGpZwNSzQUiMI1ll5X9BKtgjLb0pyQ2FtEpbhtWBvjO3be874p3
pkw/1wmpNIv2RlzgC4JXHAWvi/tXREP0NppzLyB/xknI46JOj1OdzHTwdT89sDZv
cIK11swNRatkhw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:24 2025 by rpki-client