
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
File: NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft (raw, json)
Hash identifier: /cOIyQOqARBvC5x7+Khzmq+ym4Op/Fx+7O/qwhu00/I=
Subject key identifier: D7:F6:7F:FF:C0:E8:35:C2:B2:53:23:78:78:41:D5:AB:F3:45:4A:60
Authority key identifier: 35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
Certificate issuer: /CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Certificate serial: 019A052426A1BFAD79B8AA56588566965C43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
Manifest number: 0BCB
Signing time: Tue 21 Oct 2025 05:00:46 +0000
Manifest this update: Tue 21 Oct 2025 05:00:46 +0000
Manifest next update: Wed 22 Oct 2025 05:00:46 +0000
Files and hashes: 1: NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl (hash: Xwjj6+uLHwK+JaCbGfN4Z+sWIZIBhwRL7S9YOPbbrbw=)
2: Zk0y4tHHB8Yu3r49IrGLEovlzps.roa (hash: Z8BlFARu3PiIVKgAzCmvXp/n3Elo4eu1cJ/tXUB0sZU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:24:26:a1:bf:ad:79:b8:aa:56:58:85:66:96:5c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Validity
Not Before: Oct 21 05:00:46 2025 GMT
Not After : Oct 22 05:00:46 2025 GMT
Subject: CN=d7f67fffc0e835c2b25323787841d5abf3454a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9c:eb:62:90:0f:9c:37:2b:c3:78:d7:66:59:
42:bb:98:1e:83:79:ea:86:18:88:4a:19:80:0d:a0:
ef:ee:54:d8:73:2c:7e:fe:38:35:03:b0:29:3c:4c:
19:be:43:d8:8a:d7:2f:ff:12:a0:0b:4a:84:aa:4a:
1e:5c:9a:22:1d:23:76:0f:9f:5a:f4:40:48:e7:d5:
04:28:48:db:42:de:c9:ad:57:32:c6:a0:9f:cc:c1:
38:cf:42:6f:af:d4:19:db:6a:66:d9:2c:a9:06:11:
be:f9:cb:f4:a7:7f:7d:93:39:cc:d7:fb:7c:cf:25:
94:3f:33:92:54:d8:24:df:a0:55:35:86:a4:f3:fa:
90:d7:20:da:68:42:9a:64:12:47:d5:d9:a2:9e:8d:
26:cd:dd:5c:a4:76:7c:58:cf:9c:bd:52:43:9b:14:
3a:1a:dc:b3:83:73:32:02:4b:08:91:8c:3e:b3:8e:
a4:d5:76:4c:9a:df:03:98:94:ce:b5:55:9e:db:ec:
89:3f:2b:fd:ca:cf:7f:ad:0d:e8:c9:76:71:13:4a:
7b:cc:7e:1f:7e:60:45:ea:bd:92:d4:c2:a5:26:aa:
c9:af:f7:54:e0:6c:f3:f5:97:3e:6c:25:88:f5:08:
43:c3:ad:e5:92:21:0a:3c:36:9f:c4:14:04:cc:1a:
30:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F6:7F:FF:C0:E8:35:C2:B2:53:23:78:78:41:D5:AB:F3:45:4A:60
X509v3 Authority Key Identifier:
keyid:35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:81:fa:e7:2c:9e:b0:fd:b8:4e:89:17:82:bb:52:8d:3b:ab:
80:ed:76:10:3c:44:98:19:82:eb:4b:5d:85:77:38:33:25:bb:
9e:39:0d:61:d5:b0:c0:46:3f:db:1a:7e:8b:77:07:12:91:6f:
8c:e1:22:09:7c:96:0c:81:6d:1f:9a:40:f2:82:9d:71:bb:1e:
04:3e:33:5b:40:a6:3d:df:b6:37:0b:d1:0b:74:3b:38:8d:97:
13:45:b9:ef:79:f3:a0:3e:f4:da:18:65:83:4d:26:cf:1c:83:
43:9b:b6:71:32:7f:56:d4:1c:ec:a8:9c:dd:08:cc:0c:53:e8:
08:8c:ff:73:44:9c:34:70:aa:df:71:3a:b3:7b:33:1f:3b:3d:
db:2d:dc:04:c4:f7:9d:36:16:fe:b8:ba:0f:fe:c5:4d:52:d6:
52:9d:4a:da:45:6c:9c:10:92:91:a9:ee:15:b3:fd:bb:f5:94:
c4:9a:3c:44:85:98:50:80:81:41:6f:64:02:02:c3:4e:fd:e2:
d3:4b:d4:10:9c:b6:4c:54:04:d4:c6:25:04:37:0c:19:f4:b1:
7a:2a:12:52:98:0f:bb:4b:f4:36:c0:24:f8:b5:0c:11:1c:cc:
5c:70:27:fa:ad:d5:bf:62:0a:4f:9c:4e:21:04:43:21:bd:75:
eb:ab:73:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoFJCahv615uKpWWIVmllxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTY1MmI4MzhmZjJkOTY3MmFjOGNhNjZiYTY2MGRkNGU0
NWQ2OTkwHhcNMjUxMDIxMDUwMDQ2WhcNMjUxMDIyMDUwMDQ2WjAzMTEwLwYDVQQD
EyhkN2Y2N2ZmZmMwZTgzNWMyYjI1MzIzNzg3ODQxZDVhYmYzNDU0YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypzrYpAPnDcrw3jXZllCu5geg3nq
hhiIShmADaDv7lTYcyx+/jg1A7ApPEwZvkPYitcv/xKgC0qEqkoeXJoiHSN2D59a
9EBI59UEKEjbQt7JrVcyxqCfzME4z0Jvr9QZ22pm2SypBhG++cv0p399kznM1/t8
zyWUPzOSVNgk36BVNYak8/qQ1yDaaEKaZBJH1dmino0mzd1cpHZ8WM+cvVJDmxQ6
Gtyzg3MyAksIkYw+s46k1XZMmt8DmJTOtVWe2+yJPyv9ys9/rQ3oyXZxE0p7zH4f
fmBF6r2S1MKlJqrJr/dU4Gzz9Zc+bCWI9QhDw63lkiEKPDafxBQEzBowXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNf2f//A6DXCslMjeHhB1avzRUpgMB8GA1UdIwQY
MBaAFDUWUrg4/y2WcqyMpmumYN1ORdaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQt
MWNkNTA2MDcwYmI1LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQtMWNkNTA2MDcwYmI1
LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK4H65yye
sP24TokXgrtSjTurgO12EDxEmBmC60tdhXc4MyW7njkNYdWwwEY/2xp+i3cHEpFv
jOEiCXyWDIFtH5pA8oKdcbseBD4zW0CmPd+2NwvRC3Q7OI2XE0W573nzoD702hhl
g00mzxyDQ5u2cTJ/VtQc7Kic3QjMDFPoCIz/c0ScNHCq33E6s3szHzs92y3cBMT3
nTYW/ri6D/7FTVLWUp1K2kVsnBCSkanuFbP9u/WUxJo8RIWYUICBQW9kAgLDTv3i
00vUEJy2TFQE1MYlBDcMGfSxeioSUpgPu0v0NsAk+LUMERzMXHAn+q3Vv2IKT5xO
IQRDIb1166tz3g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 09:39:59 2025 by rpki-client