Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
File: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft (raw, json)
Hash identifier: IPCk0S4KK7ZdeHw3jkcEWbBus7yAAMDPXqijrORCDOQ=
Subject key identifier: 45:8A:5F:25:3A:24:31:05:5B:A4:8A:D4:46:31:71:00:23:C9:7B:86
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 019A2C323B196530BC0236D41D124ACCA64E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
Manifest number: 16FD
Signing time: Tue 28 Oct 2025 19:01:20 +0000
Manifest this update: Tue 28 Oct 2025 19:01:20 +0000
Manifest next update: Wed 29 Oct 2025 19:01:20 +0000
Files and hashes: 1: Jhw9faAWoEdqP1e__8w7b6zkmPk.roa (hash: TQENvT9b218+4xF+VAk4clIU0JMsKTFbzJxIDRXuwJ4=)
2: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl (hash: Xckem0dJ1n6Ht3aPOZtJ3a968VolpdCtiflq/+85Q9E=)
3: fubcea_39IkkaWowT_0PbtN75oM.roa (hash: b26RPXGBBJCeMiSKu69amdDTbZc6gUFdxgY2Yx3wVnw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 19:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:32:3b:19:65:30:bc:02:36:d4:1d:12:4a:cc:a6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Oct 28 19:01:20 2025 GMT
Not After : Oct 29 19:01:20 2025 GMT
Subject: CN=458a5f253a2431055ba48ad44631710023c97b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:fe:f0:16:c7:d1:56:ff:00:e5:b1:63:30:
e2:03:8e:6a:ff:08:3f:92:de:76:d1:65:d3:64:bb:
95:16:10:aa:6b:5b:5a:19:77:c8:92:54:e8:dd:43:
72:e4:45:b2:bd:0c:72:e9:3a:d3:a1:b4:02:d3:23:
9f:43:06:f2:b6:17:ee:02:28:3d:9c:6f:79:97:d5:
e7:6d:76:1f:50:89:2f:7d:6d:74:c3:78:e6:cb:a1:
fb:4d:7f:90:74:84:2b:87:c5:42:f6:84:d4:24:e1:
9c:e9:11:18:a3:d6:e1:d0:de:71:69:c7:e0:54:6c:
ad:de:5c:db:cc:84:d5:55:8d:a2:86:0c:0e:56:80:
25:99:c0:62:66:17:d4:bc:39:ce:12:bc:d1:fb:1b:
76:00:55:60:5f:9b:80:22:00:4c:55:d3:66:04:56:
28:02:11:bd:26:44:d6:56:90:b2:75:37:54:b4:56:
41:3e:06:9b:53:e3:ef:7a:e4:19:b4:ec:8b:c6:b0:
c2:55:4e:1d:ae:83:96:e0:7b:46:a1:55:14:37:4f:
39:58:00:45:6f:d1:a0:58:d3:a1:bb:f7:81:e2:d1:
85:d6:f4:4b:71:a6:54:18:2e:4c:ad:77:2a:29:38:
c2:a4:8d:fa:54:80:ea:96:cc:99:04:26:6e:e3:e9:
01:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8A:5F:25:3A:24:31:05:5B:A4:8A:D4:46:31:71:00:23:C9:7B:86
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:68:e9:7a:19:14:78:d4:40:a7:97:2b:69:d1:cc:ca:50:08:
ca:79:4d:d6:bb:dd:ae:c6:7d:78:6d:6d:9d:cc:ae:cd:c6:ee:
25:09:93:4e:6b:1c:4f:60:3b:9b:00:52:d3:35:02:84:1a:07:
de:cb:42:80:02:f3:e9:33:06:ca:09:1a:8d:5a:15:2b:3a:e3:
dd:c7:a6:39:54:00:b4:e2:89:05:cb:b6:fd:01:bd:5a:c6:98:
50:c7:bd:4f:64:25:aa:2f:9e:32:9c:4f:73:a5:52:f0:e0:fb:
41:74:24:0b:0e:2d:06:8f:31:2d:20:14:bd:0c:9a:f1:f3:a0:
c7:65:3d:ed:0a:76:eb:35:6f:8f:cb:8a:de:cc:9c:25:65:b0:
fd:e8:5f:3a:16:d3:9b:a5:b6:cf:01:8c:5e:ef:38:5b:de:13:
d3:62:9d:57:7f:c3:88:77:59:22:a5:69:e2:90:8a:d3:47:e4:
0a:c3:19:a6:c2:f9:f9:58:44:95:2e:cb:06:f5:f9:6c:57:5e:
6b:be:bb:8c:e2:dc:a6:ff:1c:8b:03:b5:7a:f3:79:e7:bb:a5:
25:2c:c6:14:68:51:ca:43:54:65:b5:1b:62:e3:0e:6c:27:cd:
a3:82:f7:19:ac:3f:98:dd:76:26:0b:28:37:d9:b6:8a:3a:ab:
37:ff:d2:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosMjsZZTC8AjbUHRJKzKZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjUxMDI4MTkwMTIwWhcNMjUxMDI5MTkwMTIwWjAzMTEwLwYDVQQD
Eyg0NThhNWYyNTNhMjQzMTA1NWJhNDhhZDQ0NjMxNzEwMDIzYzk3Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5n+8BbH0Vb/AOWxYzDiA45q/wg/
kt520WXTZLuVFhCqa1taGXfIklTo3UNy5EWyvQxy6TrTobQC0yOfQwbythfuAig9
nG95l9XnbXYfUIkvfW10w3jmy6H7TX+QdIQrh8VC9oTUJOGc6REYo9bh0N5xacfg
VGyt3lzbzITVVY2ihgwOVoAlmcBiZhfUvDnOErzR+xt2AFVgX5uAIgBMVdNmBFYo
AhG9JkTWVpCydTdUtFZBPgabU+PveuQZtOyLxrDCVU4droOW4HtGoVUUN085WABF
b9GgWNOhu/eB4tGF1vRLcaZUGC5MrXcqKTjCpI36VIDqlsyZBCZu4+kBTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWKXyU6JDEFW6SK1EYxcQAjyXuGMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGjpehkU
eNRAp5cradHMylAIynlN1rvdrsZ9eG1tncyuzcbuJQmTTmscT2A7mwBS0zUChBoH
3stCgALz6TMGygkajVoVKzrj3cemOVQAtOKJBcu2/QG9WsaYUMe9T2Qlqi+eMpxP
c6VS8OD7QXQkCw4tBo8xLSAUvQya8fOgx2U97Qp26zVvj8uK3sycJWWw/ehfOhbT
m6W2zwGMXu84W94T02KdV3/DiHdZIqVp4pCK00fkCsMZpsL5+VhElS7LBvX5bFde
a767jOLcpv8ciwO1evN557ulJSzGFGhRykNUZbUbYuMObCfNo4L3Gaw/mN12Jgso
N9m2ijqrN//SRA==
-----END CERTIFICATE-----
Generated at Wed Oct 29 02:27:21 2025 by rpki-client