Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
File: NHjAigY6wtNKGxkeJDY4m77tXpc.mft (raw, json)
Hash identifier: N/4G7q6zcYWEzCKjItyqgXSB2XfCSYHuX2BwtNX0eMk=
Subject key identifier: 5B:B4:0A:5C:59:2E:13:DB:9E:94:AC:CE:16:FA:E5:6C:D7:F6:26:D7
Authority key identifier: 34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
Certificate issuer: /CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Certificate serial: 019921B1796E009B099836E98BBC74112406
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
Manifest number: 0CB0
Signing time: Sun 07 Sep 2025 01:01:42 +0000
Manifest this update: Sun 07 Sep 2025 01:01:42 +0000
Manifest next update: Mon 08 Sep 2025 01:01:42 +0000
Files and hashes: 1: NHjAigY6wtNKGxkeJDY4m77tXpc.crl (hash: XEPulOkk1htzertvD9SthpnpY7/Y6HILnbZeoe4XX64=)
2: pNlFvC-ThONwUDItOe39MOTdmuo.roa (hash: WDsgShsG54TqHBufqeXclF0wXzsc7Ep5HfaFqkIsZUI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b1:79:6e:00:9b:09:98:36:e9:8b:bc:74:11:24:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Validity
Not Before: Sep 7 01:01:42 2025 GMT
Not After : Sep 8 01:01:42 2025 GMT
Subject: CN=5bb40a5c592e13db9e94acce16fae56cd7f626d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:0a:d5:6d:8b:84:52:45:5d:ae:e9:12:3d:
9e:ae:ae:4d:2f:0d:56:79:1f:0a:d2:58:da:e8:60:
0a:2d:09:ac:a5:0b:55:22:bc:63:a0:11:92:46:39:
0d:e3:8d:4a:9b:ed:48:99:ff:72:a4:98:3d:97:f4:
25:9a:4b:64:b4:97:f9:44:48:b4:41:3d:fd:f2:38:
2f:b8:97:50:c8:1a:b8:ad:83:19:1b:8e:22:a3:1f:
7f:59:50:25:b1:03:1c:ff:be:41:ac:47:be:b6:b1:
df:a7:76:24:6b:c7:dd:da:22:94:af:20:ef:d8:c4:
b0:f6:3f:14:75:22:b3:a3:be:55:b5:19:c4:48:c9:
14:d8:8c:3a:c4:9d:f0:87:bd:d6:39:e5:06:28:fd:
68:36:dd:9e:48:59:fb:23:3a:39:3c:13:f5:a0:c5:
f2:68:55:f0:1c:5e:49:44:0f:b6:30:f8:df:1f:9f:
98:d8:cb:04:c4:8a:89:ef:ff:a6:85:4b:65:d6:51:
62:aa:63:1e:0c:8e:ec:ed:20:50:0d:34:ec:76:79:
76:6f:55:69:33:8e:66:78:ab:a5:c0:7c:a0:b9:80:
53:81:d8:5a:e8:e4:45:73:70:c1:72:d4:c2:9d:85:
62:02:ee:ad:dc:8e:f5:12:98:d1:7e:42:ee:48:22:
d0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B4:0A:5C:59:2E:13:DB:9E:94:AC:CE:16:FA:E5:6C:D7:F6:26:D7
X509v3 Authority Key Identifier:
keyid:34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:a2:a5:3a:57:a8:91:ed:ba:38:61:08:e1:ad:f0:09:31:18:
85:c2:08:9b:58:55:3e:df:d2:6a:c9:8e:84:c5:fc:48:a8:9d:
12:37:fc:3e:f7:10:6b:d8:08:b4:09:ec:1e:a9:6c:4e:1a:ed:
1e:b3:55:52:9e:75:82:61:0b:e6:8a:15:61:c8:12:1f:69:cf:
57:95:27:6a:30:25:56:0d:4d:af:c8:b4:b2:41:1c:44:12:10:
b7:da:c6:16:00:8c:c5:46:28:10:0b:58:27:9a:bb:76:4a:16:
59:07:1f:af:cd:80:df:bb:38:54:e2:86:2b:73:06:78:15:65:
8b:e5:f1:e8:c2:cc:32:ac:39:36:9c:24:22:c2:60:2a:84:cb:
dd:b3:1a:36:b3:36:4d:a4:b9:c1:23:83:7d:46:4a:68:24:26:
2e:b9:01:47:46:f4:41:d3:bc:85:45:7c:fb:83:71:42:88:b1:
13:62:9f:2c:77:c9:36:77:fc:0d:25:3f:92:6e:3d:e4:a8:43:
77:3a:c9:be:77:fb:ba:90:8b:8b:87:c9:c2:8b:5a:3f:f5:59:
c1:f1:56:64:48:03:d7:df:f8:b9:7c:e8:fa:b5:b7:ca:b7:70:
48:4a:7f:a5:4b:a8:8d:62:6d:23:7f:80:03:9c:c9:6e:5c:23:
d0:c0:7c:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsXluAJsJmDbpi7x0ESQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhjMDhhMDYzYWMyZDM0YTFiMTkxZTI0MzYzODliYmVl
ZDVlOTcwHhcNMjUwOTA3MDEwMTQyWhcNMjUwOTA4MDEwMTQyWjAzMTEwLwYDVQQD
Eyg1YmI0MGE1YzU5MmUxM2RiOWU5NGFjY2UxNmZhZTU2Y2Q3ZjYyNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOAK1W2LhFJFXa7pEj2erq5NLw1W
eR8K0lja6GAKLQmspQtVIrxjoBGSRjkN441Km+1Imf9ypJg9l/QlmktktJf5REi0
QT398jgvuJdQyBq4rYMZG44iox9/WVAlsQMc/75BrEe+trHfp3Yka8fd2iKUryDv
2MSw9j8UdSKzo75VtRnESMkU2Iw6xJ3wh73WOeUGKP1oNt2eSFn7Izo5PBP1oMXy
aFXwHF5JRA+2MPjfH5+Y2MsExIqJ7/+mhUtl1lFiqmMeDI7s7SBQDTTsdnl2b1Vp
M45meKulwHyguYBTgdha6ORFc3DBctTCnYViAu6t3I71EpjRfkLuSCLQAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFu0ClxZLhPbnpSszhb65WzX9ibXMB8GA1UdIwQY
MBaAFDR4wIoGOsLTShsZHiQ2OJu+7V6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTIt
OTE3YzM1NzdmMzRmLzEvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTItOTE3YzM1NzdmMzRm
LzEvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6KlOleo
ke26OGEI4a3wCTEYhcIIm1hVPt/SasmOhMX8SKidEjf8PvcQa9gItAnsHqlsThrt
HrNVUp51gmEL5ooVYcgSH2nPV5UnajAlVg1Nr8i0skEcRBIQt9rGFgCMxUYoEAtY
J5q7dkoWWQcfr82A37s4VOKGK3MGeBVli+Xx6MLMMqw5NpwkIsJgKoTL3bMaNrM2
TaS5wSODfUZKaCQmLrkBR0b0QdO8hUV8+4NxQoixE2KfLHfJNnf8DSU/km495KhD
dzrJvnf7upCLi4fJwotaP/VZwfFWZEgD19/4uXzo+rW3yrdwSEp/pUuojWJtI3+A
A5zJblwj0MB8Ng==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:39:31 2025 by rpki-client