Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: i1S9RELRUnij98Ck2XKqhj/mCoMNHMgsPQbcs4cPr04=
Subject key identifier: 86:9F:C5:5D:AD:31:7F:19:91:83:86:F2:13:18:4F:DB:15:B3:72:00
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019A2477C3F7CAE50A76D7F672C4609CB553
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 096F
Signing time: Mon 27 Oct 2025 07:00:19 +0000
Manifest this update: Mon 27 Oct 2025 07:00:19 +0000
Manifest next update: Tue 28 Oct 2025 07:00:19 +0000
Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: BFEAI0xGF+fmXF6TQvCtYZGM+rIgWVuiMxy8MARXSMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:77:c3:f7:ca:e5:0a:76:d7:f6:72:c4:60:9c:b5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Oct 27 07:00:19 2025 GMT
Not After : Oct 28 07:00:19 2025 GMT
Subject: CN=869fc55dad317f19918386f213184fdb15b37200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:30:e4:3c:97:e3:e8:54:9c:a7:da:9e:47:
c4:16:96:ea:d6:b5:cf:fe:3f:94:dc:61:ea:a6:00:
72:a3:d2:1b:f3:31:ea:a6:ea:f8:7c:33:fe:11:51:
f6:54:97:3d:ae:a2:da:bd:ca:57:f3:94:47:5b:0d:
04:78:51:fd:92:a0:b4:d2:3b:ea:dd:7d:61:ab:2c:
b7:0a:4d:88:90:5d:ee:f1:b9:fd:20:a5:2e:1f:6c:
e7:eb:85:70:63:de:fd:b4:1f:4f:54:49:a0:15:d2:
db:a2:92:87:1f:28:d1:70:df:a6:de:79:b8:13:ef:
a4:e3:1f:f4:7e:af:11:49:36:1a:c6:25:7a:b5:1c:
0e:68:36:2d:e1:99:15:23:ab:a7:1d:b7:cf:78:f7:
22:fa:7d:87:7b:66:bc:ee:0a:b8:3d:76:0b:75:92:
c0:e7:07:d1:01:17:4b:f0:3b:fe:a4:0b:58:33:19:
1e:dd:7a:c6:e7:f7:c9:d9:55:af:9b:0e:d9:56:75:
a4:c0:d3:dd:7c:10:08:0f:b6:b6:6b:a4:0f:5c:70:
ff:ca:1e:bd:6e:a0:18:45:ee:7f:6d:77:5a:f7:79:
76:cf:f8:79:f9:46:ef:6b:ff:58:ef:5e:a8:0b:13:
06:0c:7f:28:2e:c6:12:fa:2a:ab:a2:a1:fc:a2:59:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9F:C5:5D:AD:31:7F:19:91:83:86:F2:13:18:4F:DB:15:B3:72:00
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:c3:e4:b4:04:f3:0b:62:2f:06:9d:a3:ce:c8:86:49:b6:03:
df:0d:f2:55:fd:df:1e:35:a2:9f:e5:5c:8f:32:9b:6e:ac:73:
33:73:45:b7:79:01:d4:bb:9b:b9:0a:14:a3:bd:6b:0c:33:06:
3d:9a:c0:25:b9:27:96:8a:f7:63:fa:ca:04:61:1e:37:7b:c5:
39:ac:d5:2c:1f:81:ce:31:22:78:f9:f8:6f:d6:ed:12:46:02:
c5:b2:a3:5f:99:70:fe:5e:19:d3:9b:c8:cc:39:ff:71:0e:91:
56:db:68:ce:09:a2:70:ad:92:36:4d:65:be:28:ea:62:f1:fd:
15:d6:62:b8:e3:c5:cb:4e:0d:d1:56:46:a4:3e:34:e2:30:5e:
9f:80:19:8f:ef:cb:bd:a8:1c:f6:7b:22:d6:80:54:df:fe:4d:
3e:c7:db:3e:31:00:df:36:20:ac:dd:9e:95:70:ec:aa:42:f8:
fd:e5:30:76:b6:d1:b7:eb:87:3c:d8:0a:cf:26:1b:46:46:e0:
b6:18:c9:28:81:a5:cc:52:dc:8b:11:f9:12:cf:54:65:b1:09:
62:e5:10:62:cd:2e:1c:d7:0e:51:70:d3:bd:be:a9:8d:f2:74:
54:62:66:ae:ea:11:8e:c5:b5:bf:1e:1c:1d:ff:54:64:bc:29:
6b:10:e5:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokd8P3yuUKdtf2csRgnLVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUxMDI3MDcwMDE5WhcNMjUxMDI4MDcwMDE5WjAzMTEwLwYDVQQD
Eyg4NjlmYzU1ZGFkMzE3ZjE5OTE4Mzg2ZjIxMzE4NGZkYjE1YjM3MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIgw5DyX4+hUnKfankfEFpbq1rXP
/j+U3GHqpgByo9Ib8zHqpur4fDP+EVH2VJc9rqLavcpX85RHWw0EeFH9kqC00jvq
3X1hqyy3Ck2IkF3u8bn9IKUuH2zn64VwY979tB9PVEmgFdLbopKHHyjRcN+m3nm4
E++k4x/0fq8RSTYaxiV6tRwOaDYt4ZkVI6unHbfPePci+n2He2a87gq4PXYLdZLA
5wfRARdL8Dv+pAtYMxke3XrG5/fJ2VWvmw7ZVnWkwNPdfBAID7a2a6QPXHD/yh69
bqAYRe5/bXda93l2z/h5+Ubva/9Y716oCxMGDH8oLsYS+iqroqH8olmHpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIafxV2tMX8ZkYOG8hMYT9sVs3IAMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgsPktATz
C2IvBp2jzsiGSbYD3w3yVf3fHjWin+VcjzKbbqxzM3NFt3kB1LubuQoUo71rDDMG
PZrAJbknlor3Y/rKBGEeN3vFOazVLB+BzjEiePn4b9btEkYCxbKjX5lw/l4Z05vI
zDn/cQ6RVttozgmicK2SNk1lvijqYvH9FdZiuOPFy04N0VZGpD404jBen4AZj+/L
vagc9nsi1oBU3/5NPsfbPjEA3zYgrN2elXDsqkL4/eUwdrbRt+uHPNgKzyYbRkbg
thjJKIGlzFLcixH5Es9UZbEJYuUQYs0uHNcOUXDTvb6pjfJ0VGJmruoRjsW1vx4c
Hf9UZLwpaxDl7A==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:33:13 2025 by rpki-client