Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
File: NHjAigY6wtNKGxkeJDY4m77tXpc.mft (raw, json)
Hash identifier: 3t6w9MHLpuDuZGW1eFNUQB1fStk+Y0cVrrsqu8UjG4o=
Subject key identifier: 59:87:5A:42:FF:9B:B6:1D:05:30:A1:5A:6E:9E:82:46:05:E0:31:B5
Authority key identifier: 34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
Certificate issuer: /CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Certificate serial: 019A71B89A48B870D074D644CAF30D8D06F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
Manifest number: 0D5E
Signing time: Tue 11 Nov 2025 07:01:54 +0000
Manifest this update: Tue 11 Nov 2025 07:01:54 +0000
Manifest next update: Wed 12 Nov 2025 07:01:54 +0000
Files and hashes: 1: NHjAigY6wtNKGxkeJDY4m77tXpc.crl (hash: MDfEjF+DQeSArJJ+AvW8RAFT46DIAOmu8iLuTbRM0Vo=)
2: pNlFvC-ThONwUDItOe39MOTdmuo.roa (hash: WDsgShsG54TqHBufqeXclF0wXzsc7Ep5HfaFqkIsZUI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:9a:48:b8:70:d0:74:d6:44:ca:f3:0d:8d:06:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Validity
Not Before: Nov 11 07:01:54 2025 GMT
Not After : Nov 12 07:01:54 2025 GMT
Subject: CN=59875a42ff9bb61d0530a15a6e9e824605e031b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:f1:7d:bb:0d:63:b7:68:1b:f8:38:73:3c:
63:4f:bb:f0:1b:1e:78:60:2e:6c:ad:b8:1d:c7:e1:
4d:8c:c2:4d:a9:3a:0d:54:71:42:0f:be:1c:0a:c0:
97:a8:0b:ee:d2:63:4c:d9:c5:67:db:8c:64:fb:c8:
d0:c5:ea:91:57:b3:5c:bd:31:ca:ff:39:64:a0:4a:
3c:25:6a:64:08:e5:27:96:06:e9:52:fa:12:22:b7:
0c:64:f4:5a:e5:34:e4:e6:b6:17:87:6f:78:01:21:
f5:12:f3:9a:53:dd:ba:10:85:14:1e:9f:d6:65:b6:
8f:a4:1e:dd:c8:6e:43:b2:be:f3:6b:b4:46:0d:29:
f4:ca:78:53:2c:6d:83:78:84:77:33:ee:39:32:5e:
2c:94:82:24:64:4e:50:1f:d6:f3:2f:6e:94:ea:cd:
6b:e0:e2:24:c1:58:b5:c9:27:15:8a:e7:d1:4a:cc:
af:3d:d0:58:cc:ae:cc:bd:87:1b:1c:c7:20:37:02:
05:f3:8d:6b:4d:ea:79:e7:a8:4b:3e:4e:6a:da:82:
a0:80:0c:5d:4d:8f:28:9e:c3:7b:a3:e7:c5:37:f7:
48:53:3f:9e:5c:72:ea:92:c5:e1:1a:4e:bd:95:16:
b8:2d:f3:d8:55:5e:13:93:e5:2c:f8:56:f5:77:d4:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:87:5A:42:FF:9B:B6:1D:05:30:A1:5A:6E:9E:82:46:05:E0:31:B5
X509v3 Authority Key Identifier:
keyid:34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:de:b0:6a:93:9f:57:8d:d8:e5:da:4d:6e:81:57:4d:bf:76:
ea:84:38:86:56:cb:f0:47:7f:19:57:2b:ce:13:12:3c:79:e5:
f3:38:f3:3a:7b:73:8b:a8:29:b3:a3:31:ff:d0:b9:e2:08:4a:
14:12:12:17:cd:88:f9:bb:e8:4a:8c:81:aa:e7:19:a4:a2:6d:
ad:23:f0:19:77:3f:8d:ae:f7:de:d9:74:94:ac:b7:ef:ee:6e:
99:d3:17:dd:3a:2f:b9:c8:e1:17:4d:2a:23:3d:8a:2c:a1:27:
4f:f3:ca:86:e6:76:a8:4f:b3:8a:fb:98:fd:66:06:11:b4:30:
da:0e:da:96:34:7f:62:fe:f7:eb:5a:c9:8a:10:60:24:13:7f:
2f:bd:2b:6f:c2:73:7f:41:80:3c:d9:72:2f:58:76:d7:0b:27:
f3:3c:12:b5:13:d9:0d:53:0e:f7:54:b7:f4:4f:63:e9:63:c9:
17:fc:03:8b:6f:0e:20:ac:89:f3:90:24:c1:f4:1d:e4:6a:c0:
fe:30:e6:2c:30:a1:1b:4f:61:05:0e:c0:27:cb:18:ea:99:62:
24:22:8d:f5:a3:a7:9e:3b:9b:83:dd:54:6a:b0:a4:ca:86:42:
79:56:f4:11:57:cc:35:af:4e:4b:61:b1:47:b4:14:60:bb:39:
33:3e:95:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJpIuHDQdNZEyvMNjQb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhjMDhhMDYzYWMyZDM0YTFiMTkxZTI0MzYzODliYmVl
ZDVlOTcwHhcNMjUxMTExMDcwMTU0WhcNMjUxMTEyMDcwMTU0WjAzMTEwLwYDVQQD
Eyg1OTg3NWE0MmZmOWJiNjFkMDUzMGExNWE2ZTllODI0NjA1ZTAzMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPfxfbsNY7doG/g4czxjT7vwGx54
YC5srbgdx+FNjMJNqToNVHFCD74cCsCXqAvu0mNM2cVn24xk+8jQxeqRV7NcvTHK
/zlkoEo8JWpkCOUnlgbpUvoSIrcMZPRa5TTk5rYXh294ASH1EvOaU926EIUUHp/W
ZbaPpB7dyG5Dsr7za7RGDSn0ynhTLG2DeIR3M+45Ml4slIIkZE5QH9bzL26U6s1r
4OIkwVi1yScViufRSsyvPdBYzK7MvYcbHMcgNwIF841rTep556hLPk5q2oKggAxd
TY8onsN7o+fFN/dIUz+eXHLqksXhGk69lRa4LfPYVV4Tk+Us+Fb1d9SbcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmHWkL/m7YdBTChWm6egkYF4DG1MB8GA1UdIwQY
MBaAFDR4wIoGOsLTShsZHiQ2OJu+7V6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTIt
OTE3YzM1NzdmMzRmLzEvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTItOTE3YzM1NzdmMzRm
LzEvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAId6wapOf
V43Y5dpNboFXTb926oQ4hlbL8Ed/GVcrzhMSPHnl8zjzOntzi6gps6Mx/9C54ghK
FBISF82I+bvoSoyBqucZpKJtrSPwGXc/ja733tl0lKy37+5umdMX3TovucjhF00q
Iz2KLKEnT/PKhuZ2qE+zivuY/WYGEbQw2g7aljR/Yv7361rJihBgJBN/L70rb8Jz
f0GAPNlyL1h21wsn8zwStRPZDVMO91S39E9j6WPJF/wDi28OIKyJ85AkwfQd5GrA
/jDmLDChG09hBQ7AJ8sY6pliJCKN9aOnnjubg91UarCkyoZCeVb0EVfMNa9OS2Gx
R7QUYLs5Mz6VTg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:40:56 2025 by rpki-client