Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File: NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier: N3DYVMfw0f2s7QxSDy9geQhnOGN+yxOFCfiS4+F/Xao=
Subject key identifier: 47:A6:D7:74:0E:AB:49:41:B9:10:B9:4D:80:16:4A:D0:59:48:96:FD
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer: /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial: 019A722651D536F7408F6E2E8023A95C34FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number: 02C6
Signing time: Tue 11 Nov 2025 09:01:45 +0000
Manifest this update: Tue 11 Nov 2025 09:01:45 +0000
Manifest next update: Wed 12 Nov 2025 09:01:45 +0000
Files and hashes: 1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: G8AsKagCuHyRYDkKPcp2M0NilgcYGo5J2fsQsYB/mCo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:51:d5:36:f7:40:8f:6e:2e:80:23:a9:5c:34:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
Validity
Not Before: Nov 11 09:01:45 2025 GMT
Not After : Nov 12 09:01:45 2025 GMT
Subject: CN=47a6d7740eab4941b910b94d80164ad0594896fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f2:5f:41:cf:e4:bb:8b:84:85:5a:cd:bc:e3:
39:7b:f2:42:9d:07:d5:46:b9:e4:ef:3f:5e:58:d5:
44:19:6a:7a:ae:73:9f:65:dd:5c:cc:74:4e:33:cd:
bb:61:92:3b:aa:16:4e:f1:b5:93:ca:08:63:9a:0d:
ec:1f:77:dc:c0:db:a1:b2:b0:1e:b4:60:db:18:d7:
31:b8:c9:49:24:85:d7:38:c6:71:b8:1d:19:29:61:
35:e4:80:ed:4b:e3:04:65:a9:19:48:59:28:27:3a:
8c:34:8a:0b:17:46:f4:85:8a:ed:17:28:3b:4a:ed:
ba:e7:3d:19:64:ef:11:90:cd:a2:78:b6:ba:31:e6:
28:20:e3:a4:72:ed:fd:b7:e8:2d:ac:59:ef:b6:95:
54:54:56:e6:1b:30:7b:0a:9f:c6:69:95:8a:1d:4c:
44:10:7b:8c:86:cf:a3:58:87:3d:62:3e:71:2a:f5:
20:09:dc:3c:fa:2c:32:67:cd:06:c9:b9:1d:0d:f4:
22:30:9b:a5:a2:b2:ce:bb:68:6f:9b:1d:8c:f5:8b:
c6:b2:5c:08:af:d8:97:e1:0a:3e:3f:02:94:b9:71:
31:9e:a2:b5:38:96:c0:27:ff:b2:58:e7:e4:a9:c7:
8f:61:91:d7:7c:a2:fb:e9:b7:cb:6f:eb:fd:21:8c:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A6:D7:74:0E:AB:49:41:B9:10:B9:4D:80:16:4A:D0:59:48:96:FD
X509v3 Authority Key Identifier:
keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:b8:94:46:f2:b2:ba:60:77:93:06:80:ed:4b:bb:61:ea:64:
8d:c1:50:39:f5:b5:d4:07:58:1c:44:48:c3:84:59:b8:2b:3c:
0f:88:ee:73:8e:60:75:3f:6e:56:55:d4:d1:ea:69:e9:6f:33:
0b:ab:5b:0a:b6:b6:74:e8:82:cb:27:3a:77:26:bf:be:47:b4:
6d:39:ae:e2:9f:6c:7c:25:9c:f0:7e:d7:7c:0b:54:42:ee:6f:
fa:39:0a:5b:c5:62:00:d1:0f:d2:26:c2:12:bf:5d:57:98:62:
39:38:bb:1f:aa:be:ca:7e:3a:f8:7c:ac:2c:15:4c:eb:d2:89:
c2:81:7d:df:dc:68:88:9c:a6:b6:bc:cf:9b:02:37:c8:d6:59:
06:d2:96:13:21:45:df:87:09:52:c6:6f:8e:5d:22:40:30:45:
13:1e:36:5c:cf:25:26:bd:81:23:22:3a:98:5a:e8:20:fa:c1:
6b:76:36:c8:73:f8:67:2e:a3:df:56:48:3d:f2:0e:46:e6:ac:
dd:bc:d1:2a:12:38:e1:70:0a:e4:0e:ac:f7:eb:1e:ae:9e:fc:
8c:f0:04:4c:70:4a:df:00:92:f7:60:4f:13:99:35:01:87:ba:
a5:3a:d1:82:73:94:ed:b0:b5:35:58:60:bc:c8:13:0f:26:77:
01:50:22:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlHVNvdAj24ugCOpXDT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUxMTExMDkwMTQ1WhcNMjUxMTEyMDkwMTQ1WjAzMTEwLwYDVQQD
Eyg0N2E2ZDc3NDBlYWI0OTQxYjkxMGI5NGQ4MDE2NGFkMDU5NDg5NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/JfQc/ku4uEhVrNvOM5e/JCnQfV
Rrnk7z9eWNVEGWp6rnOfZd1czHROM827YZI7qhZO8bWTyghjmg3sH3fcwNuhsrAe
tGDbGNcxuMlJJIXXOMZxuB0ZKWE15IDtS+MEZakZSFkoJzqMNIoLF0b0hYrtFyg7
Su265z0ZZO8RkM2ieLa6MeYoIOOkcu39t+gtrFnvtpVUVFbmGzB7Cp/GaZWKHUxE
EHuMhs+jWIc9Yj5xKvUgCdw8+iwyZ80GybkdDfQiMJulorLOu2hvmx2M9YvGslwI
r9iX4Qo+PwKUuXExnqK1OJbAJ/+yWOfkqcePYZHXfKL76bfLb+v9IYwbmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEem13QOq0lBuRC5TYAWStBZSJb9MB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmLiURvKy
umB3kwaA7Uu7YepkjcFQOfW11AdYHERIw4RZuCs8D4juc45gdT9uVlXU0epp6W8z
C6tbCra2dOiCyyc6dya/vke0bTmu4p9sfCWc8H7XfAtUQu5v+jkKW8ViANEP0ibC
Er9dV5hiOTi7H6q+yn46+HysLBVM69KJwoF939xoiJymtrzPmwI3yNZZBtKWEyFF
34cJUsZvjl0iQDBFEx42XM8lJr2BIyI6mFroIPrBa3Y2yHP4Zy6j31ZIPfIORuas
3bzRKhI44XAK5A6s9+serp78jPAETHBK3wCS92BPE5k1AYe6pTrRgnOU7bC1NVhg
vMgTDyZ3AVAi/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:28:13 2025 by rpki-client