Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
File: nlaYDUienFO8gp8-jWPTg_ONDeM.mft (raw, json)
Hash identifier: FISts3nHSO6NHpY66+C5WBWN4yS8fsct4y36fJoFIpM=
Subject key identifier: 32:D3:10:A7:F3:01:67:87:8B:09:4C:C6:97:2D:7E:C7:19:D8:EA:68
Authority key identifier: 9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
Certificate issuer: /CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Certificate serial: 019A70DC7D8654DE0F86CDEB44CBF7E348EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
Manifest number: 167B
Signing time: Tue 11 Nov 2025 03:01:29 +0000
Manifest this update: Tue 11 Nov 2025 03:01:29 +0000
Manifest next update: Wed 12 Nov 2025 03:01:29 +0000
Files and hashes: 1: 5LKnYfYeN0M1IwSjOCfaAZydc0E.roa (hash: R6rY8mHoFXXwwf30CLdp4brLxdq1SUoGP6TPbyDWGN8=)
2: nlaYDUienFO8gp8-jWPTg_ONDeM.crl (hash: V+MT4zyq8PliHAtjbxA4mn2TaztNkbam+mXVZnigGzE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:7d:86:54:de:0f:86:cd:eb:44:cb:f7:e3:48:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Validity
Not Before: Nov 11 03:01:29 2025 GMT
Not After : Nov 12 03:01:29 2025 GMT
Subject: CN=32d310a7f30167878b094cc6972d7ec719d8ea68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5c:f3:12:c6:b6:6c:3a:d8:20:16:37:43:d0:
8b:4d:a8:85:20:1a:32:b4:5e:5a:4f:04:91:1e:8a:
d9:2c:ab:9c:fa:d0:e6:e5:36:8b:fd:9e:61:73:f0:
81:15:3b:a7:eb:41:5f:ee:cf:18:0a:76:ee:1c:27:
0e:23:f1:67:e4:af:e4:12:f9:72:09:3c:67:43:35:
fd:14:b0:c1:63:b6:1d:78:cb:ee:cc:6f:7f:e1:cb:
66:0e:96:86:e4:7e:ec:af:b5:0d:b3:d7:1e:a1:ea:
35:51:54:cc:99:89:24:da:94:fc:df:f1:19:94:36:
e6:d9:bc:53:12:b3:d1:05:61:8b:3e:2e:bb:b4:31:
ce:4c:f2:3a:71:93:b9:90:6d:7c:53:7d:27:87:53:
75:49:23:d9:77:50:df:24:06:20:ad:74:22:4a:69:
7f:72:fd:0d:ac:13:4e:d7:9a:a7:8e:0b:27:36:3f:
52:b8:f2:a2:a1:5b:00:a8:4b:a3:9b:eb:08:66:3a:
1b:4a:0f:b2:6b:80:21:4e:5a:28:46:80:37:32:f2:
6c:4b:84:41:35:e6:c6:b0:be:30:20:7d:6d:c4:dd:
86:c3:f4:62:9c:87:a7:8f:e0:a0:03:31:dc:d6:6c:
53:32:95:7e:94:5b:0b:a1:06:51:ac:15:51:42:a7:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D3:10:A7:F3:01:67:87:8B:09:4C:C6:97:2D:7E:C7:19:D8:EA:68
X509v3 Authority Key Identifier:
keyid:9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:14:bc:18:a8:d3:e5:bd:a1:22:10:fe:71:e4:fb:7f:da:ea:
19:38:f3:ed:da:ed:08:40:59:52:a0:d9:b8:2c:25:50:f0:2f:
52:a1:ae:a6:0d:fe:a3:29:59:40:ce:74:ae:c9:b7:a9:c6:0c:
98:be:5f:44:59:04:10:17:41:60:b2:27:44:eb:ff:8c:2c:bf:
65:21:90:d1:ed:ec:45:3a:60:1f:4d:fd:c0:2b:08:1f:38:89:
b7:3c:04:23:ec:82:1a:72:b0:2a:2e:2c:2f:38:75:6c:0e:da:
9e:bf:2e:b3:16:3a:05:41:ae:d1:18:1b:e9:33:eb:21:a3:fa:
4a:54:e1:1f:81:c2:d8:d0:d8:81:a1:72:95:84:d0:ab:0e:75:
d3:e6:ef:1b:ce:39:da:7b:69:03:36:4d:f2:06:62:e7:b0:4d:
61:11:77:a8:a8:c5:55:62:b7:e8:06:b9:c0:e7:50:e5:f2:52:
45:03:51:9d:90:c4:b3:93:d7:76:1c:42:30:08:07:08:61:0d:
1b:08:7c:57:eb:a5:93:d6:79:48:c7:5c:d9:0d:22:ee:56:6a:
9d:72:76:a7:55:7b:91:7d:9e:41:c0:f7:6e:6d:3a:d8:3e:12:
fb:cf:13:c0:d9:43:f8:09:f9:b4:75:da:98:24:12:fb:06:d1:
12:64:cb:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3H2GVN4Phs3rRMv340jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTY5ODBkNDg5ZTljNTNiYzgyOWYzZThkNjNkMzgzZjM4
ZDBkZTMwHhcNMjUxMTExMDMwMTI5WhcNMjUxMTEyMDMwMTI5WjAzMTEwLwYDVQQD
EygzMmQzMTBhN2YzMDE2Nzg3OGIwOTRjYzY5NzJkN2VjNzE5ZDhlYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VzzEsa2bDrYIBY3Q9CLTaiFIBoy
tF5aTwSRHorZLKuc+tDm5TaL/Z5hc/CBFTun60Ff7s8YCnbuHCcOI/Fn5K/kEvly
CTxnQzX9FLDBY7YdeMvuzG9/4ctmDpaG5H7sr7UNs9ceoeo1UVTMmYkk2pT83/EZ
lDbm2bxTErPRBWGLPi67tDHOTPI6cZO5kG18U30nh1N1SSPZd1DfJAYgrXQiSml/
cv0NrBNO15qnjgsnNj9SuPKioVsAqEujm+sIZjobSg+ya4AhTlooRoA3MvJsS4RB
NebGsL4wIH1txN2Gw/RinIenj+CgAzHc1mxTMpV+lFsLoQZRrBVRQqefgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLTEKfzAWeHiwlMxpctfscZ2OpoMB8GA1UdIwQY
MBaAFJ5WmA1InpxTvIKfPo1j04PzjQ3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2Yt
ZGI3NDk4ZGFkZTBjLzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2YtZGI3NDk4ZGFkZTBj
LzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRS8GKjT
5b2hIhD+ceT7f9rqGTjz7drtCEBZUqDZuCwlUPAvUqGupg3+oylZQM50rsm3qcYM
mL5fRFkEEBdBYLInROv/jCy/ZSGQ0e3sRTpgH039wCsIHziJtzwEI+yCGnKwKi4s
Lzh1bA7anr8usxY6BUGu0Rgb6TPrIaP6SlThH4HC2NDYgaFylYTQqw510+bvG845
2ntpAzZN8gZi57BNYRF3qKjFVWK36Aa5wOdQ5fJSRQNRnZDEs5PXdhxCMAgHCGEN
Gwh8V+ulk9Z5SMdc2Q0i7lZqnXJ2p1V7kX2eQcD3bm062D4S+88TwNlD+An5tHXa
mCQS+wbREmTLgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:27 2025 by rpki-client