Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
File: NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft (raw, json)
Hash identifier: 829AUS2vTP5j4C45KsPwObdFkyZzKjxL4ISe8tpY1nA=
Subject key identifier: 81:A6:09:22:D2:97:B2:20:47:5B:20:75:2C:78:13:BD:CD:E6:C7:0B
Authority key identifier: 35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
Certificate issuer: /CN=3501772457e0f827b9e920b00cd114824a5fa621
Certificate serial: 019A71B8C4130B8A4A2ECA0F36AC77B0EED9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:02:05 +0000
Manifest this update: Tue 11 Nov 2025 07:02:05 +0000
Manifest next update: Wed 12 Nov 2025 07:02:05 +0000
Files and hashes: 1: NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl (hash: FZLh+FWq/sqo05YM+pFHSUo8AojexWy4sOONsHDvDbo=)
2: f-luTA_tx0v0TH5JKilbt6SzcJU.roa (hash: +LXN4TEg0fwtohb1kuvdLScMnEdA9CiLPdalbBVCXxU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:c4:13:0b:8a:4a:2e:ca:0f:36:ac:77:b0:ee:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3501772457e0f827b9e920b00cd114824a5fa621
Validity
Not Before: Nov 11 07:02:05 2025 GMT
Not After : Nov 12 07:02:05 2025 GMT
Subject: CN=81a60922d297b220475b20752c7813bdcde6c70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:46:3c:a3:86:7b:27:97:3c:de:7f:16:2c:ae:
e2:3f:bc:60:69:80:60:3a:cf:b4:1d:f9:72:26:b3:
50:17:6a:b0:45:a6:18:3a:b9:a5:1b:e2:3e:85:f8:
74:85:76:ad:68:5a:af:19:f2:63:a2:ba:1d:67:4e:
ff:78:5f:62:bf:a1:0d:69:68:bf:68:1f:3b:ca:f4:
5a:4f:05:5e:ca:a9:0f:2a:97:0b:51:dc:05:2b:28:
30:f8:58:4f:b0:42:ba:e8:24:d7:83:a6:50:bc:ba:
b3:d4:30:a5:51:52:ac:7a:0e:6b:91:57:3f:a2:6d:
7d:4b:22:9c:ae:88:61:20:ad:3d:c7:c4:72:8d:d0:
a5:3f:2e:b3:0f:eb:9d:e5:7a:a1:19:fa:ec:1d:0e:
14:ec:37:32:ba:8a:36:9a:ca:a2:77:23:b1:61:bb:
c0:64:1d:24:74:66:d3:59:57:c8:17:64:16:fc:d1:
7e:02:a5:08:65:16:d7:41:53:71:3c:d2:06:cd:65:
f9:2d:97:57:e3:bf:67:2f:7d:33:35:5f:df:93:e5:
d9:bb:5c:2f:bd:96:6d:ff:30:f8:42:ba:93:9e:a3:
e7:a5:09:a2:ed:fc:5b:d4:23:8f:5f:52:25:54:72:
cd:70:0c:ea:a2:d2:0a:63:51:5a:e9:f5:ca:89:dd:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A6:09:22:D2:97:B2:20:47:5B:20:75:2C:78:13:BD:CD:E6:C7:0B
X509v3 Authority Key Identifier:
keyid:35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:d8:36:e5:fc:bb:bf:6a:76:b6:f0:3d:3a:d7:35:bd:cd:d3:
de:4c:9b:57:5c:7f:b7:2f:c5:20:b6:ce:58:53:4e:2f:f8:16:
74:35:87:39:28:f9:c1:ae:15:3d:c2:31:8b:bb:47:ac:3e:29:
05:0b:21:f7:cc:74:e0:11:81:48:09:05:09:a8:a5:c3:e4:31:
bf:cc:a9:13:b0:32:a1:3c:17:a0:de:b2:84:0e:cb:44:a4:8f:
7b:9c:a3:b1:3c:6b:ec:26:64:0f:b8:45:9d:6f:a6:a2:28:1b:
b1:bc:bc:ed:b8:6d:a5:b3:ed:62:df:b8:3c:9e:70:f1:c5:0c:
ba:16:47:0a:98:97:b0:1f:51:32:e9:a2:88:84:22:f5:d5:1c:
c5:b8:73:37:40:57:0a:9d:18:1b:8b:f4:5a:f4:b1:78:c2:16:
5d:1f:7f:f2:8c:59:eb:85:1c:51:b4:73:25:b3:29:bc:c4:82:
68:5f:c9:17:90:31:a1:af:fe:f5:75:52:99:02:dd:dd:00:0d:
8f:fe:45:90:1c:5a:a0:d7:72:9d:56:cb:ce:51:43:b2:89:03:
92:1e:49:4a:4b:75:f5:c8:93:eb:89:ca:cd:5f:65:48:2e:b7:
0c:ed:b5:83:44:d7:00:b8:6b:28:d5:cc:3f:53:76:83:36:da:
b6:a7:92:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMQTC4pKLsoPNqx3sO7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDE3NzI0NTdlMGY4MjdiOWU5MjBiMDBjZDExNDgyNGE1
ZmE2MjEwHhcNMjUxMTExMDcwMjA1WhcNMjUxMTEyMDcwMjA1WjAzMTEwLwYDVQQD
Eyg4MWE2MDkyMmQyOTdiMjIwNDc1YjIwNzUyYzc4MTNiZGNkZTZjNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EY8o4Z7J5c83n8WLK7iP7xgaYBg
Os+0HflyJrNQF2qwRaYYOrmlG+I+hfh0hXataFqvGfJjorodZ07/eF9iv6ENaWi/
aB87yvRaTwVeyqkPKpcLUdwFKygw+FhPsEK66CTXg6ZQvLqz1DClUVKseg5rkVc/
om19SyKcrohhIK09x8RyjdClPy6zD+ud5XqhGfrsHQ4U7Dcyuoo2msqidyOxYbvA
ZB0kdGbTWVfIF2QW/NF+AqUIZRbXQVNxPNIGzWX5LZdX479nL30zNV/fk+XZu1wv
vZZt/zD4QrqTnqPnpQmi7fxb1COPX1IlVHLNcAzqotIKY1Fa6fXKid0z5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGmCSLSl7IgR1sgdSx4E73N5scLMB8GA1UdIwQY
MBaAFDUBdyRX4PgnuekgsAzRFIJKX6YhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQt
OWRkODI3MzVkYTNkLzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQtOWRkODI3MzVkYTNk
LzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAtg25fy7
v2p2tvA9Otc1vc3T3kybV1x/ty/FILbOWFNOL/gWdDWHOSj5wa4VPcIxi7tHrD4p
BQsh98x04BGBSAkFCailw+Qxv8ypE7AyoTwXoN6yhA7LRKSPe5yjsTxr7CZkD7hF
nW+moigbsby87bhtpbPtYt+4PJ5w8cUMuhZHCpiXsB9RMumiiIQi9dUcxbhzN0BX
Cp0YG4v0WvSxeMIWXR9/8oxZ64UcUbRzJbMpvMSCaF/JF5Axoa/+9XVSmQLd3QAN
j/5FkBxaoNdynVbLzlFDsokDkh5JSkt19ciT64nKzV9lSC63DO21g0TXALhrKNXM
P1N2gzbatqeS6A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:37 2025 by rpki-client