Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: DhRGd8VfsKoSaWLZF0qp/HDdbYEUhV77LuofpWW//mM=
Subject key identifier: 88:D6:F9:70:29:B9:D0:F6:5F:35:1F:ED:E1:3A:7F:9C:EA:CE:78:64
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 0197470C4A0465394F96D9B90B7A021A879B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 157D
Signing time: Fri 06 Jun 2025 21:01:17 +0000
Manifest this update: Fri 06 Jun 2025 21:01:17 +0000
Manifest next update: Sat 07 Jun 2025 21:01:17 +0000
Files and hashes: 1: DFk17XzVK0-2LT-y57eUHLqsGoE.roa (hash: dXqY+iE+GyZrGAN3VZSoDHBgCd8KrkAD+zhIs/sw6B0=)
2: InA1Og6sR4YUgU6o-aAa42NlxCE.roa (hash: +mBUSakr5JllZ5ayoZAKPyK7MyouaEc8pwLjmxou6hg=)
3: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: Z8HfzN9eDPPh8TDGKmlGO6XzGDU6dpo931xOdkXL/5g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:0c:4a:04:65:39:4f:96:d9:b9:0b:7a:02:1a:87:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Jun 6 21:01:17 2025 GMT
Not After : Jun 7 21:01:17 2025 GMT
Subject: CN=88d6f97029b9d0f65f351fede13a7f9ceace7864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cc:05:b2:2b:93:c8:7b:a7:ef:5a:4f:74:da:
6d:96:17:16:02:dd:d3:63:18:eb:96:41:85:24:fc:
a3:5b:83:38:cc:0e:b3:01:86:ac:dd:d7:d1:fe:83:
c2:cf:ed:a0:08:69:0e:b7:66:8a:8c:a0:55:64:78:
b9:6f:d4:42:f8:ea:09:48:c7:ae:78:67:88:ef:3e:
e6:b0:55:85:ba:ea:78:ff:4a:c5:93:25:bf:4e:1a:
91:42:25:3c:99:5f:54:3e:0a:c5:88:a6:60:17:2a:
e0:c1:f9:c9:5e:d3:b7:0e:19:45:71:ad:6b:b3:a9:
d8:13:26:1b:59:12:08:8b:52:c0:15:e6:a0:dd:5b:
37:36:6b:2d:7e:52:58:cf:a3:b1:13:1b:df:8b:bf:
31:49:32:ed:d3:f0:b2:aa:e8:01:93:13:eb:52:f2:
c0:a4:22:da:9d:db:f7:da:83:f8:dd:cc:11:69:f0:
41:1d:a3:c2:0c:2d:2a:03:7b:03:c0:44:be:ea:34:
85:22:b3:78:c6:53:84:0e:92:26:92:e0:7e:00:de:
6d:68:14:4d:30:59:71:0b:63:11:6f:84:d4:d6:30:
11:2e:69:05:45:a6:5b:44:bf:a5:68:12:0d:36:af:
f1:63:06:64:3a:fd:5a:0a:58:e8:b9:92:95:77:6b:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D6:F9:70:29:B9:D0:F6:5F:35:1F:ED:E1:3A:7F:9C:EA:CE:78:64
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:a9:de:97:8c:65:53:ee:14:e3:79:b1:09:26:0b:04:cb:98:
70:03:ae:48:a9:81:8f:e8:a7:5b:83:02:fb:47:29:a4:e5:ff:
c8:6b:5a:1f:11:27:8b:26:6a:d4:34:89:53:03:51:4e:b0:47:
07:ea:e2:97:60:9b:3e:4d:d1:58:d9:b2:7d:07:d6:0c:f6:bf:
64:9b:d4:db:e4:a1:2a:a0:1b:5e:9f:92:92:0c:ce:db:dc:7b:
18:0d:a2:a6:f7:fc:27:2d:01:a8:73:c4:d3:e2:2f:9f:94:af:
ee:0e:e6:57:29:47:f4:8d:a1:dd:64:5f:73:f5:4a:ad:78:08:
0a:3d:05:6f:90:a9:e4:c6:42:59:e7:58:d8:4b:99:b1:6c:aa:
b7:63:db:a8:05:52:09:a7:75:cb:a5:02:36:fd:de:17:aa:dc:
1e:e1:63:37:9b:8e:2b:8e:86:bc:00:60:26:9e:3a:d2:1b:fd:
2c:2f:eb:6a:4e:a2:6d:26:d3:39:d8:40:9f:90:72:d4:29:fa:
48:06:be:b3:44:06:6b:f6:d8:ca:ec:d5:07:8d:96:97:b8:0f:
3b:41:58:c3:e6:d1:94:7c:f5:de:64:f5:d5:98:12:7a:e4:aa:
6f:8c:2d:4b:78:fb:d4:7a:e1:48:39:e5:67:c5:5a:75:d4:9b:
15:75:17:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHDEoEZTlPltm5C3oCGoebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjUwNjA2MjEwMTE3WhcNMjUwNjA3MjEwMTE3WjAzMTEwLwYDVQQD
Eyg4OGQ2Zjk3MDI5YjlkMGY2NWYzNTFmZWRlMTNhN2Y5Y2VhY2U3ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MwFsiuTyHun71pPdNptlhcWAt3T
YxjrlkGFJPyjW4M4zA6zAYas3dfR/oPCz+2gCGkOt2aKjKBVZHi5b9RC+OoJSMeu
eGeI7z7msFWFuup4/0rFkyW/ThqRQiU8mV9UPgrFiKZgFyrgwfnJXtO3DhlFca1r
s6nYEyYbWRIIi1LAFeag3Vs3NmstflJYz6OxExvfi78xSTLt0/CyqugBkxPrUvLA
pCLandv32oP43cwRafBBHaPCDC0qA3sDwES+6jSFIrN4xlOEDpImkuB+AN5taBRN
MFlxC2MRb4TU1jARLmkFRaZbRL+laBINNq/xYwZkOv1aCljouZKVd2tsAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjW+XApudD2XzUf7eE6f5zqznhkMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUanel4xl
U+4U43mxCSYLBMuYcAOuSKmBj+inW4MC+0cppOX/yGtaHxEniyZq1DSJUwNRTrBH
B+ril2CbPk3RWNmyfQfWDPa/ZJvU2+ShKqAbXp+SkgzO29x7GA2ipvf8Jy0BqHPE
0+Ivn5Sv7g7mVylH9I2h3WRfc/VKrXgICj0Fb5Cp5MZCWedY2EuZsWyqt2PbqAVS
Cad1y6UCNv3eF6rcHuFjN5uOK46GvABgJp460hv9LC/rak6ibSbTOdhAn5By1Cn6
SAa+s0QGa/bYyuzVB42Wl7gPO0FYw+bRlHz13mT11ZgSeuSqb4wtS3j71HrhSDnl
Z8VaddSbFXUX9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:29:32 2025 by rpki-client