Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft
File: N8ZRc24kPV6mzsymOv20oDEtdzA.mft (raw, json)
Hash identifier: BPd2MijgSYo6iTsGr3CYVmIA/ZLhg67yyj6r9jnWeg8=
Subject key identifier: 49:00:56:CD:48:9A:D0:E5:4E:0C:82:04:5D:02:D4:B7:8E:88:F9:DA
Authority key identifier: 37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
Certificate issuer: /CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Certificate serial: 019A7225D4B14C4DAD892A5D6EA91114B23F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:13 +0000
Manifest this update: Tue 11 Nov 2025 09:01:13 +0000
Manifest next update: Wed 12 Nov 2025 09:01:13 +0000
Files and hashes: 1: N8ZRc24kPV6mzsymOv20oDEtdzA.crl (hash: HINRcf1wndmp0bwzGFPqMkL8k5+GnnR2kFq4rkkFdUs=)
2: ZRv7bLa28b8tf6OWanURzCF5xRg.roa (hash: oK8tGS8JdWtsRZmm08fTUJdRLOafRX6MArGF8Pv/FL0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:d4:b1:4c:4d:ad:89:2a:5d:6e:a9:11:14:b2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Validity
Not Before: Nov 11 09:01:13 2025 GMT
Not After : Nov 12 09:01:13 2025 GMT
Subject: CN=490056cd489ad0e54e0c82045d02d4b78e88f9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1c:01:29:a5:1f:e6:e5:2f:b6:12:dc:16:cf:
d5:65:ec:a5:3e:8e:c5:5c:17:0d:b4:f5:1b:ea:6b:
61:5d:96:eb:56:2f:4f:24:42:e8:9b:10:5d:a5:7f:
16:10:aa:92:72:18:3c:b5:d8:98:fc:ca:fc:0b:5e:
07:14:54:ae:6a:7e:6c:48:28:13:27:8d:04:90:66:
60:e2:cd:ca:c5:2e:5b:da:ca:c8:39:4c:0c:b6:68:
52:0e:d7:0a:fd:f3:43:07:c7:0c:e6:ef:d0:98:e6:
5c:39:d6:fb:64:34:e1:e4:45:4e:3c:cb:b2:ed:d4:
4c:c2:0d:19:11:e3:c8:e9:f8:a4:39:6b:be:82:9d:
9d:8e:52:6e:c0:85:1a:2e:28:39:7f:79:22:a2:f5:
c4:cc:f1:99:b5:a9:7f:2f:72:3d:c4:d1:f8:a3:4e:
70:24:56:3b:77:49:29:15:f4:2a:4b:aa:9e:bf:3e:
36:fb:96:77:59:5a:f1:07:2d:ae:3f:a0:91:a5:20:
1c:db:fb:f3:82:d0:af:8f:cc:5c:fb:21:ff:b2:fb:
4b:50:9a:a4:e4:cf:c0:03:05:04:8f:82:0b:3e:9b:
89:8f:9f:8f:7a:f7:91:9f:85:fc:79:a3:b3:e7:db:
da:19:8a:35:e6:d1:72:b6:7d:98:94:bf:df:ce:47:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:00:56:CD:48:9A:D0:E5:4E:0C:82:04:5D:02:D4:B7:8E:88:F9:DA
X509v3 Authority Key Identifier:
keyid:37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:91:a0:a6:8b:43:7e:7d:0a:b5:1d:a9:1c:39:76:a0:00:31:
4f:6b:10:18:bc:88:68:18:11:6d:3d:78:a1:61:69:8b:1d:e1:
28:c1:89:cf:61:e7:89:51:63:47:6f:52:a7:e5:df:38:eb:82:
82:68:89:7d:e1:ce:90:ea:66:ce:c6:0e:d4:33:af:9b:be:bf:
f1:be:da:b1:b1:ae:75:fe:99:1e:43:ca:b9:34:ff:cb:67:c0:
1f:0c:19:0c:4e:c2:8a:56:c9:5f:11:e9:fc:bf:f5:5e:50:3a:
03:94:66:5f:54:5b:cb:8b:0f:f3:1d:b7:09:62:63:c1:4a:58:
98:45:b4:61:81:bc:0e:ae:4b:70:9e:1f:cc:e5:f5:e7:6b:1c:
b7:cc:6c:74:0f:ea:b0:33:46:b8:80:48:37:92:c5:95:1c:b6:
5b:17:ce:07:18:fc:84:94:e4:4c:8d:0d:19:76:54:29:6b:91:
7c:e9:5a:fd:c0:29:49:bf:eb:4c:bd:80:e8:d1:f6:29:0b:72:
5c:83:c1:69:5d:68:81:da:88:a5:04:1a:f1:df:60:a8:ca:66:
de:72:c9:bf:d6:48:d3:76:4e:44:5e:c9:ea:0c:f6:f8:2a:9d:
5f:77:59:89:5c:28:73:f1:71:f0:8b:15:8b:50:1e:d4:e3:e4:
94:60:ec:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdSxTE2tiSpdbqkRFLI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YzY1MTczNmUyNDNkNWVhNmNlY2NhNjNhZmRiNGEwMzEy
ZDc3MzAwHhcNMjUxMTExMDkwMTEzWhcNMjUxMTEyMDkwMTEzWjAzMTEwLwYDVQQD
Eyg0OTAwNTZjZDQ4OWFkMGU1NGUwYzgyMDQ1ZDAyZDRiNzhlODhmOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRwBKaUf5uUvthLcFs/VZeylPo7F
XBcNtPUb6mthXZbrVi9PJELomxBdpX8WEKqSchg8tdiY/Mr8C14HFFSuan5sSCgT
J40EkGZg4s3KxS5b2srIOUwMtmhSDtcK/fNDB8cM5u/QmOZcOdb7ZDTh5EVOPMuy
7dRMwg0ZEePI6fikOWu+gp2djlJuwIUaLig5f3kiovXEzPGZtal/L3I9xNH4o05w
JFY7d0kpFfQqS6qevz42+5Z3WVrxBy2uP6CRpSAc2/vzgtCvj8xc+yH/svtLUJqk
5M/AAwUEj4ILPpuJj5+PeveRn4X8eaOz59vaGYo15tFytn2YlL/fzkcbFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkAVs1ImtDlTgyCBF0C1LeOiPnaMB8GA1UdIwQY
MBaAFDfGUXNuJD1eps7Mpjr9tKAxLXcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMt
YWJlYTYyNTg2OGE4LzEvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMtYWJlYTYyNTg2OGE4
LzEvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJGgpotD
fn0KtR2pHDl2oAAxT2sQGLyIaBgRbT14oWFpix3hKMGJz2HniVFjR29Sp+XfOOuC
gmiJfeHOkOpmzsYO1DOvm76/8b7asbGudf6ZHkPKuTT/y2fAHwwZDE7CilbJXxHp
/L/1XlA6A5RmX1Rby4sP8x23CWJjwUpYmEW0YYG8Dq5LcJ4fzOX152sct8xsdA/q
sDNGuIBIN5LFlRy2WxfOBxj8hJTkTI0NGXZUKWuRfOla/cApSb/rTL2A6NH2KQty
XIPBaV1ogdqIpQQa8d9gqMpm3nLJv9ZI03ZORF7J6gz2+CqdX3dZiVwoc/Fx8IsV
i1Ae1OPklGDsrQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:11 2025 by rpki-client