Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
File: NTPUOQNczcXww50bP7FhlbVV_KM.mft (raw, json)
Hash identifier: TYZ0LXh3HM4cZn73ppbrPcvjTCYovy3J9OFlQuzuSIk=
Subject key identifier: D0:5F:FF:F4:91:A9:AF:08:EA:BB:20:90:2B:DE:79:3F:46:C0:A8:12
Authority key identifier: 35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
Certificate issuer: /CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Certificate serial: 019A70A5A1FEC9D9B5CD78494C1405F60685
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
Manifest number: 0C14
Signing time: Tue 11 Nov 2025 02:01:34 +0000
Manifest this update: Tue 11 Nov 2025 02:01:34 +0000
Manifest next update: Wed 12 Nov 2025 02:01:34 +0000
Files and hashes: 1: NTPUOQNczcXww50bP7FhlbVV_KM.crl (hash: 56htx8z1HT23PDRQd6e5G0iuhBV0kqoLf0Z9USzOT2w=)
2: rAVoUvT6eIAoJ9DaPocwQDvvkoc.roa (hash: 1BFZOwvrkIRFql6imBqxsdk52Ly1yvo/6JadLNNcDZs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:a1:fe:c9:d9:b5:cd:78:49:4c:14:05:f6:06:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Validity
Not Before: Nov 11 02:01:34 2025 GMT
Not After : Nov 12 02:01:34 2025 GMT
Subject: CN=d05ffff491a9af08eabb20902bde793f46c0a812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8b:93:6f:2e:88:2e:5a:70:ee:1d:b8:c5:4d:
27:d3:97:fc:64:31:a0:40:35:77:fe:16:c7:c7:5b:
5c:05:33:59:d6:94:89:6a:8d:45:45:a5:08:f0:b7:
e8:a8:09:ea:46:ac:9d:68:bc:80:c3:52:61:da:d7:
44:ee:c8:39:3f:69:c4:89:a5:11:87:55:08:eb:d4:
1a:8e:f5:b9:cc:ed:eb:aa:81:ab:80:a2:bb:9b:c2:
7a:15:d9:2b:12:27:61:40:b6:cd:9b:02:1f:ba:a7:
62:49:d3:8c:5e:55:f1:d0:f3:c0:b0:c5:43:4d:30:
cb:92:ae:ec:a0:bf:db:32:c5:a4:76:67:69:b4:6e:
23:a6:22:f2:9d:d8:aa:50:93:50:09:60:ce:2c:2a:
71:37:54:dc:ee:34:ef:55:23:17:bc:ef:1a:9a:13:
cf:d8:2d:68:d5:ff:be:11:08:9b:49:2d:0c:c8:a1:
69:41:da:2d:cb:d9:8f:36:d7:3c:4e:b5:42:fe:51:
44:8f:87:52:fd:72:ca:56:90:37:fa:a9:a0:0e:f9:
39:ed:01:e2:ff:f2:e6:b4:85:d7:18:d7:f7:d7:4f:
a2:cf:c1:44:16:f3:ec:5e:0e:c9:ed:54:82:dd:55:
27:ff:06:95:88:37:b4:74:74:8a:53:89:4a:4e:c3:
00:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5F:FF:F4:91:A9:AF:08:EA:BB:20:90:2B:DE:79:3F:46:C0:A8:12
X509v3 Authority Key Identifier:
keyid:35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:e4:9f:d3:ee:ac:0c:f6:03:f7:6b:f6:18:f6:25:dd:d8:3d:
f6:0c:eb:39:fa:bd:18:55:eb:a6:ae:7a:c4:41:84:fb:51:0a:
e2:e2:80:e4:e6:42:08:4f:b1:80:a1:33:cc:c2:77:d0:e7:43:
3d:ee:75:48:41:f6:09:de:f3:7e:2f:1e:df:6f:c5:bf:94:f7:
cd:37:67:b7:51:92:f4:8e:95:82:32:aa:44:3a:40:5f:97:58:
96:b1:03:12:04:cb:ee:24:f1:06:61:d0:2a:ef:4d:6f:20:2f:
c1:81:18:64:26:55:e4:df:d3:00:34:a0:45:5b:74:04:90:3d:
6f:9e:3c:ae:55:dd:4c:2a:95:78:54:0d:7c:d1:d5:1a:52:5a:
37:9d:9d:95:36:53:3b:d8:c8:aa:07:c6:1e:a5:f0:be:e1:cf:
19:53:07:82:db:71:f4:04:99:f0:07:36:00:99:df:e5:85:72:
32:84:c8:07:f2:95:76:49:6e:63:56:b0:4f:de:c3:e8:03:96:
70:82:3f:8b:83:ac:02:db:fe:cd:4c:b6:36:ee:86:77:7b:b6:
13:32:4c:1c:f3:94:71:53:c8:dd:6e:2a:0a:7f:50:52:7c:41:
9d:ec:22:1f:23:ea:f7:d6:bc:60:43:d7:fd:d8:ba:eb:5f:7e:
8d:4f:7e:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpaH+ydm1zXhJTBQF9gaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MzNkNDM5MDM1Y2NkYzVmMGMzOWQxYjNmYjE2MTk1YjU1
NWZjYTMwHhcNMjUxMTExMDIwMTM0WhcNMjUxMTEyMDIwMTM0WjAzMTEwLwYDVQQD
EyhkMDVmZmZmNDkxYTlhZjA4ZWFiYjIwOTAyYmRlNzkzZjQ2YzBhODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIuTby6ILlpw7h24xU0n05f8ZDGg
QDV3/hbHx1tcBTNZ1pSJao1FRaUI8LfoqAnqRqydaLyAw1Jh2tdE7sg5P2nEiaUR
h1UI69QajvW5zO3rqoGrgKK7m8J6FdkrEidhQLbNmwIfuqdiSdOMXlXx0PPAsMVD
TTDLkq7soL/bMsWkdmdptG4jpiLyndiqUJNQCWDOLCpxN1Tc7jTvVSMXvO8amhPP
2C1o1f++EQibSS0MyKFpQdoty9mPNtc8TrVC/lFEj4dS/XLKVpA3+qmgDvk57QHi
//LmtIXXGNf310+iz8FEFvPsXg7J7VSC3VUn/waViDe0dHSKU4lKTsMAcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBf//SRqa8I6rsgkCveeT9GwKgSMB8GA1UdIwQY
MBaAFDUz1DkDXM3F8MOdGz+xYZW1VfyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODIt
MzZlODVhYmU1MmZmLzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODItMzZlODVhYmU1MmZm
LzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfeSf0+6s
DPYD92v2GPYl3dg99gzrOfq9GFXrpq56xEGE+1EK4uKA5OZCCE+xgKEzzMJ30OdD
Pe51SEH2Cd7zfi8e32/Fv5T3zTdnt1GS9I6VgjKqRDpAX5dYlrEDEgTL7iTxBmHQ
Ku9NbyAvwYEYZCZV5N/TADSgRVt0BJA9b548rlXdTCqVeFQNfNHVGlJaN52dlTZT
O9jIqgfGHqXwvuHPGVMHgttx9ASZ8Ac2AJnf5YVyMoTIB/KVdkluY1awT97D6AOW
cII/i4OsAtv+zUy2Nu6Gd3u2EzJMHPOUcVPI3W4qCn9QUnxBnewiHyPq99a8YEPX
/di6619+jU9+vg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:53 2025 by rpki-client