Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: ukATOkbOUmHP76FJpHmJjqCIOU08FrPIffZ6DbbAxS8=
Subject key identifier: B3:C3:F4:EE:5A:5A:F6:AA:97:18:95:1F:66:1D:25:9E:98:CC:53:9F
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 019A26D4AAD4131859A96721D4999B04C277
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 16FA
Signing time: Mon 27 Oct 2025 18:01:02 +0000
Manifest this update: Mon 27 Oct 2025 18:01:02 +0000
Manifest next update: Tue 28 Oct 2025 18:01:02 +0000
Files and hashes: 1: DFk17XzVK0-2LT-y57eUHLqsGoE.roa (hash: dXqY+iE+GyZrGAN3VZSoDHBgCd8KrkAD+zhIs/sw6B0=)
2: InA1Og6sR4YUgU6o-aAa42NlxCE.roa (hash: +mBUSakr5JllZ5ayoZAKPyK7MyouaEc8pwLjmxou6hg=)
3: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: l408O1nSNH+kBEnGQEmCPi89MKzh0IQ4GiWFBNjiOpA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:d4:aa:d4:13:18:59:a9:67:21:d4:99:9b:04:c2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Oct 27 18:01:02 2025 GMT
Not After : Oct 28 18:01:02 2025 GMT
Subject: CN=b3c3f4ee5a5af6aa9718951f661d259e98cc539f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:53:1b:bf:28:25:c1:be:f1:0c:1a:ec:e0:13:
cf:d4:2b:cd:dc:ff:5c:f2:05:f1:2c:9d:80:01:41:
40:26:2a:5c:b3:76:e7:59:d8:cb:75:55:d3:f3:ee:
1e:21:15:df:bd:62:4b:c5:2d:e8:65:2c:12:a0:e0:
f2:cd:26:9c:b3:22:5a:28:92:b6:3c:dc:ba:f3:93:
d4:e8:1b:34:d7:d8:f6:ff:87:ed:19:e8:58:59:0b:
41:e7:5e:6c:30:ce:5d:1e:bb:43:84:85:e8:32:63:
88:93:5e:0a:6f:bb:55:04:e7:3a:9a:90:93:aa:c1:
55:66:a3:24:ef:18:46:4e:fe:8b:51:f8:f0:30:04:
c8:13:3f:82:bf:65:9d:70:86:41:19:bc:1a:62:72:
73:59:8f:bf:3e:2a:a4:43:39:40:d7:18:c7:3b:4c:
a8:3b:61:9d:32:91:da:3c:58:24:c1:3f:5b:03:d4:
08:b9:ba:a5:a8:1d:11:12:3c:ef:82:aa:ba:ea:8d:
39:c3:e7:56:06:e4:1d:89:60:01:4a:e7:ee:6f:69:
0b:de:a2:24:0f:1f:8d:42:e8:59:4f:78:d7:52:05:
85:bd:b5:7d:f2:9b:0d:7b:54:66:11:5b:ad:35:fe:
25:e5:69:e9:b9:dd:c5:51:ad:74:86:2d:60:33:87:
b9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C3:F4:EE:5A:5A:F6:AA:97:18:95:1F:66:1D:25:9E:98:CC:53:9F
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:fc:d9:15:7a:83:0e:35:11:49:8a:10:85:51:8a:ba:ef:c1:
44:b9:31:55:f4:db:e4:94:7b:3b:1a:5f:54:35:c8:1a:8c:00:
63:e0:59:77:a4:c7:b6:b2:ba:f7:cf:9e:b9:02:ad:65:d0:b9:
83:39:29:0f:1a:a6:3b:ec:5d:96:d2:d7:83:3a:db:89:13:01:
59:e3:ec:f8:7e:46:8c:41:0f:81:e1:b9:41:14:5a:d3:ea:8b:
df:11:8e:42:c5:04:b5:bc:69:05:9f:1d:b3:c6:09:ad:f3:d2:
66:c3:23:5e:1f:15:68:e5:c1:75:18:4d:96:94:8f:fe:81:d1:
5b:4e:15:23:64:4e:2c:30:62:5d:9e:1d:46:ca:d2:af:87:43:
3f:0e:df:ea:b4:de:a1:a1:07:3c:0f:1d:5e:5a:ed:5c:1d:7b:
83:c4:84:d4:45:d8:53:54:ff:38:8e:e2:ac:d9:1e:fb:ed:9d:
61:28:6e:8e:b8:e9:97:03:66:f6:75:93:e9:85:96:a0:66:c2:
46:84:e5:99:9d:e8:35:a0:3a:7d:74:a0:db:72:39:fd:0f:99:
be:b9:4b:b7:b1:ad:6c:6f:35:53:9e:73:6b:74:f8:f3:76:9b:
df:cb:f2:7e:64:9a:61:da:54:f0:34:0e:56:b7:2a:87:03:9d:
62:aa:05:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZom1KrUExhZqWch1JmbBMJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjUxMDI3MTgwMTAyWhcNMjUxMDI4MTgwMTAyWjAzMTEwLwYDVQQD
EyhiM2MzZjRlZTVhNWFmNmFhOTcxODk1MWY2NjFkMjU5ZTk4Y2M1MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVMbvyglwb7xDBrs4BPP1CvN3P9c
8gXxLJ2AAUFAJipcs3bnWdjLdVXT8+4eIRXfvWJLxS3oZSwSoODyzSacsyJaKJK2
PNy685PU6Bs019j2/4ftGehYWQtB515sMM5dHrtDhIXoMmOIk14Kb7tVBOc6mpCT
qsFVZqMk7xhGTv6LUfjwMATIEz+Cv2WdcIZBGbwaYnJzWY+/PiqkQzlA1xjHO0yo
O2GdMpHaPFgkwT9bA9QIubqlqB0REjzvgqq66o05w+dWBuQdiWABSufub2kL3qIk
Dx+NQuhZT3jXUgWFvbV98psNe1RmEVutNf4l5Wnpud3FUa10hi1gM4e5OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPD9O5aWvaqlxiVH2YdJZ6YzFOfMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvzZFXqD
DjURSYoQhVGKuu/BRLkxVfTb5JR7OxpfVDXIGowAY+BZd6THtrK698+euQKtZdC5
gzkpDxqmO+xdltLXgzrbiRMBWePs+H5GjEEPgeG5QRRa0+qL3xGOQsUEtbxpBZ8d
s8YJrfPSZsMjXh8VaOXBdRhNlpSP/oHRW04VI2ROLDBiXZ4dRsrSr4dDPw7f6rTe
oaEHPA8dXlrtXB17g8SE1EXYU1T/OI7irNke++2dYShujrjplwNm9nWT6YWWoGbC
RoTlmZ3oNaA6fXSg23I5/Q+ZvrlLt7GtbG81U55za3T483ab38vyfmSaYdpU8DQO
VrcqhwOdYqoFIQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 22:41:31 2025 by rpki-client