Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.mft
File: nZoMhLMHIPTUzkvboB3QVE0Cjs0.mft (raw, json)
Hash identifier: LQLC8MoTJi0REC/lfbkEut60e1DKD6gEUNLOpD7ytJ8=
Subject key identifier: 98:9E:F5:E7:34:6C:46:76:E8:45:C7:7A:D6:FC:52:D4:6E:BC:2D:03
Authority key identifier: 9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD
Certificate issuer: /CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
Certificate serial: 019A725CD0D3BD289915B40F215C86E20806
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 10:01:16 +0000
Manifest this update: Tue 11 Nov 2025 10:01:16 +0000
Manifest next update: Wed 12 Nov 2025 10:01:16 +0000
Files and hashes: 1: 8vJ7ABj3xVyEwXenD9W0ncMrU1A.roa (hash: 5gnWjjNTmQRrWBLMz2vS6KZph20DEPN6rQfmfIVo1TE=)
2: 95tOWT20XUkoFBLGQGdVcwDGE0s.roa (hash: Qa6N16B2kLdBJuSQoLOln9hPwf+0/JSY++MAPTIofBc=)
3: D2QorAtAGpZ4DSilBt-gZlYU1WU.roa (hash: vpJGRRZzUNjxMRhoSrLA2Ov0y70mAO/SHEjk1etazfE=)
4: nZoMhLMHIPTUzkvboB3QVE0Cjs0.crl (hash: BWCO5jyfPNUxJ679WaDZMiNyTJ58BQGmdlv/jEfHecg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:d0:d3:bd:28:99:15:b4:0f:21:5c:86:e2:08:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
Validity
Not Before: Nov 11 10:01:16 2025 GMT
Not After : Nov 12 10:01:16 2025 GMT
Subject: CN=989ef5e7346c4676e845c77ad6fc52d46ebc2d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:b5:53:18:ce:d0:fe:ce:d9:ba:e8:12:36:
52:b2:ad:a5:8f:90:eb:b0:41:84:5c:32:cc:a1:ae:
ee:d7:09:30:2e:dd:55:1f:05:cb:1f:48:5e:0f:f7:
13:b7:7e:b0:6f:7a:f1:1e:69:c8:bf:95:f0:0a:6c:
96:8a:29:36:2a:87:d8:11:15:6a:7a:64:fd:77:75:
0c:41:7e:95:60:ae:5c:22:b2:3c:ad:18:de:fc:2b:
87:b5:07:05:1b:b8:1d:e5:ed:d7:c4:fa:a8:10:4e:
1d:c1:ed:e7:26:1e:11:b4:7e:84:4f:73:8d:9c:3b:
92:dd:8e:da:a9:ee:55:91:66:98:ea:93:34:d3:ee:
d8:94:c2:63:3f:8f:54:ba:2d:f7:e1:a0:1a:83:3a:
9a:6b:9e:57:dc:41:2e:15:1a:81:ae:f4:c3:d2:b6:
ff:91:95:cf:77:03:a7:bb:34:b2:11:fb:d5:b2:25:
f5:8d:33:29:59:8c:50:29:4d:35:2a:c4:a0:95:82:
83:37:cc:b6:c5:4d:28:90:74:02:eb:9b:66:82:c6:
68:9f:3e:74:68:02:b0:15:97:75:e6:04:31:77:2d:
53:70:4b:3e:22:0a:24:13:a2:d7:58:21:42:bd:e9:
39:4d:42:1d:44:bb:35:b2:4a:66:29:fe:ae:3a:30:
04:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9E:F5:E7:34:6C:46:76:E8:45:C7:7A:D6:FC:52:D4:6E:BC:2D:03
X509v3 Authority Key Identifier:
keyid:9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:10:51:7c:3f:1f:d6:7b:a6:a7:7e:f8:92:b7:3c:c8:c5:21:
c0:8e:30:a5:8a:f6:d4:4d:d8:9e:13:ab:2e:e4:aa:04:94:40:
a6:e7:ef:17:c6:9b:73:a1:39:50:6e:37:ee:d0:74:92:b5:b6:
d4:51:26:e4:04:93:06:05:da:19:c8:7b:5d:07:c5:78:1c:73:
a6:67:dc:dc:aa:b9:9b:13:34:17:11:3f:56:17:37:66:cd:bf:
14:8e:97:9d:c1:41:7c:82:62:8f:0e:bf:de:48:2b:ad:12:93:
b0:45:78:2f:b1:d9:48:93:a8:d3:d5:eb:5a:ca:70:26:d0:de:
d1:9a:60:8f:18:1e:6c:0f:48:60:95:12:bb:4c:eb:56:2c:52:
4f:c2:57:32:55:7d:03:2e:3a:1f:f3:47:67:01:83:a6:52:94:
21:84:08:10:41:db:3e:f9:38:1b:3f:ca:66:cc:59:95:82:1f:
be:64:ec:c2:4a:06:cb:51:ca:fc:ab:03:b3:32:cd:ba:19:ad:
c0:f9:27:48:ca:d1:5a:3c:63:69:c3:ea:02:4f:63:d3:6e:14:
39:08:29:6e:45:09:b0:ff:c1:16:9b:c3:8c:af:86:45:a1:9a:
46:f0:49:dc:39:d5:b9:41:e7:cd:b4:94:c3:5c:2d:f9:4c:11:
5b:41:f4:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNDTvSiZFbQPIVyG4ggGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOWEwYzg0YjMwNzIwZjRkNGNlNGJkYmEwMWRkMDU0NGQw
MjhlY2QwHhcNMjUxMTExMTAwMTE2WhcNMjUxMTEyMTAwMTE2WjAzMTEwLwYDVQQD
Eyg5ODllZjVlNzM0NmM0Njc2ZTg0NWM3N2FkNmZjNTJkNDZlYmMyZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvW1UxjO0P7O2broEjZSsq2lj5Dr
sEGEXDLMoa7u1wkwLt1VHwXLH0heD/cTt36wb3rxHmnIv5XwCmyWiik2KofYERVq
emT9d3UMQX6VYK5cIrI8rRje/CuHtQcFG7gd5e3XxPqoEE4dwe3nJh4RtH6ET3ON
nDuS3Y7aqe5VkWaY6pM00+7YlMJjP49Uui334aAagzqaa55X3EEuFRqBrvTD0rb/
kZXPdwOnuzSyEfvVsiX1jTMpWYxQKU01KsSglYKDN8y2xU0okHQC65tmgsZonz50
aAKwFZd15gQxdy1TcEs+IgokE6LXWCFCvek5TUIdRLs1skpmKf6uOjAEjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJie9ec0bEZ26EXHetb8UtRuvC0DMB8GA1UdIwQY
MBaAFJ2aDISzByD01M5L26Ad0FRNAo7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMt
NTJjYWQ2Njc1ZmM2LzEvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMtNTJjYWQ2Njc1ZmM2
LzEvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAehBRfD8f
1nump374krc8yMUhwI4wpYr21E3YnhOrLuSqBJRApufvF8abc6E5UG437tB0krW2
1FEm5ASTBgXaGch7XQfFeBxzpmfc3Kq5mxM0FxE/Vhc3Zs2/FI6XncFBfIJijw6/
3kgrrRKTsEV4L7HZSJOo09XrWspwJtDe0ZpgjxgebA9IYJUSu0zrVixST8JXMlV9
Ay46H/NHZwGDplKUIYQIEEHbPvk4Gz/KZsxZlYIfvmTswkoGy1HK/KsDszLNuhmt
wPknSMrRWjxjacPqAk9j024UOQgpbkUJsP/BFpvDjK+GRaGaRvBJ3DnVuUHnzbSU
w1wt+UwRW0H0gA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:45:17 2025 by rpki-client