Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
File: nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft (raw, json)
Hash identifier: PVLC7FFC2tCQVawyMO8WwwDISv1ToMnQNxDrkKCVBEA=
Subject key identifier: 56:1D:91:FC:19:EE:E2:81:D8:2A:B3:FD:D4:AD:BA:E1:85:79:27:E8
Authority key identifier: 9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC
Certificate issuer: /CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
Certificate serial: 019A714A040108575F809EBB4A0D1B58362A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 05:01:07 +0000
Manifest this update: Tue 11 Nov 2025 05:01:07 +0000
Manifest next update: Wed 12 Nov 2025 05:01:07 +0000
Files and hashes: 1: YH77N0FEznpizquL2OaCl5vYAjI.roa (hash: YndCp+4019jEGglb/4lGICFoI/oofyeIHhlA4OhtUTc=)
2: nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl (hash: vVPUvkjERSKy4U7UgBty+fcLeGCseM4+LFXBPseJxj8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:04:01:08:57:5f:80:9e:bb:4a:0d:1b:58:36:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
Validity
Not Before: Nov 11 05:01:07 2025 GMT
Not After : Nov 12 05:01:07 2025 GMT
Subject: CN=561d91fc19eee281d82ab3fdd4adbae1857927e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:95:35:00:ef:83:9f:30:35:c2:8e:0b:e0:f5:
7d:76:27:76:36:6b:c8:2e:88:fb:fb:59:93:9e:f7:
b6:78:73:09:69:04:04:f7:fd:a0:37:4d:7c:05:81:
79:c2:fc:1b:d5:e4:03:7c:ac:33:e8:36:66:bc:19:
96:ff:e0:e3:a9:3f:ec:79:25:5f:99:83:4c:d7:c7:
ac:ae:1b:7d:65:6c:53:09:79:52:2c:13:3d:4b:6d:
ae:5b:50:7e:86:06:3a:4b:62:47:b8:93:91:8e:e9:
bd:13:5d:f4:20:c7:a8:64:ee:7e:0e:30:ef:00:f9:
e9:35:43:be:04:95:0b:26:9f:fb:59:45:4b:5d:10:
89:d8:d1:dc:36:7f:e2:b2:14:b4:88:dd:17:81:e4:
3d:84:73:75:16:9a:65:97:0f:92:45:09:e3:44:48:
0c:5e:36:c9:17:a8:26:53:a1:78:05:23:d9:73:6c:
34:de:92:bc:ad:b7:c7:77:99:9a:36:8b:79:53:78:
df:96:28:e3:bb:0a:40:36:70:4a:a2:a3:83:47:3c:
c7:e4:e7:7c:98:76:3b:00:90:37:53:c0:23:e3:f7:
df:8a:7b:a7:b7:4a:3a:d5:5b:f3:a0:f2:0d:71:b4:
91:cf:5f:9c:fe:f0:48:20:48:d1:07:9b:d0:5c:78:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1D:91:FC:19:EE:E2:81:D8:2A:B3:FD:D4:AD:BA:E1:85:79:27:E8
X509v3 Authority Key Identifier:
keyid:9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:de:ea:f9:2a:96:a0:3d:01:3a:99:7b:39:02:2a:9c:f8:23:
15:f3:a6:99:48:7f:ce:a2:d2:2b:99:64:2f:79:d4:6c:d8:13:
35:7d:da:ca:7b:57:15:f5:aa:35:04:bb:10:a7:c6:9e:bd:9d:
21:46:cd:ee:d0:c0:eb:0c:64:9b:c6:27:53:98:01:72:e1:bc:
42:00:50:b7:a3:a9:bb:22:ce:4f:6a:8d:93:5c:79:4b:1f:37:
78:ee:8c:22:09:d9:4b:68:33:e1:30:92:73:2a:44:f1:8c:5a:
00:89:00:bc:3b:0e:95:bb:33:6f:18:34:50:6a:c6:15:e9:41:
75:71:c3:67:93:87:fa:28:9c:70:09:e6:6a:14:07:77:69:50:
40:43:21:18:94:ad:c8:82:e9:4b:57:0f:c6:87:07:b8:56:1b:
63:0c:ae:56:62:74:b6:bf:b4:0a:12:30:6b:80:26:70:3c:04:
0b:1c:42:64:ae:8f:14:74:c3:ba:38:bf:b7:f8:72:f0:37:90:
ba:73:0a:8b:79:9d:7f:18:68:01:1c:d3:34:31:49:58:b7:a3:
fb:b3:7e:c4:ee:4c:80:3a:3d:51:31:e1:94:2c:f7:21:9e:35:
47:bf:90:35:f7:b2:ed:b1:6e:32:40:3d:b0:73:97:43:0a:c9:
5f:7e:e8:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSgQBCFdfgJ67Sg0bWDYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZmUzMGEwMTQ3ODQ2MjVkYjJjOWRjOTBhZTNjZTE1ZTU0
YTg4ZWMwHhcNMjUxMTExMDUwMTA3WhcNMjUxMTEyMDUwMTA3WjAzMTEwLwYDVQQD
Eyg1NjFkOTFmYzE5ZWVlMjgxZDgyYWIzZmRkNGFkYmFlMTg1NzkyN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJU1AO+DnzA1wo4L4PV9did2NmvI
Loj7+1mTnve2eHMJaQQE9/2gN018BYF5wvwb1eQDfKwz6DZmvBmW/+DjqT/seSVf
mYNM18esrht9ZWxTCXlSLBM9S22uW1B+hgY6S2JHuJORjum9E130IMeoZO5+DjDv
APnpNUO+BJULJp/7WUVLXRCJ2NHcNn/ishS0iN0XgeQ9hHN1Fppllw+SRQnjREgM
XjbJF6gmU6F4BSPZc2w03pK8rbfHd5maNot5U3jflijjuwpANnBKoqODRzzH5Od8
mHY7AJA3U8Aj4/ffinunt0o61VvzoPINcbSRz1+c/vBIIEjRB5vQXHgCUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYdkfwZ7uKB2Cqz/dStuuGFeSfoMB8GA1UdIwQY
MBaAFJ3+MKAUeEYl2yydyQrjzhXlSojsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTIt
NjA0ZTIzNzQ3NzY5LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTItNjA0ZTIzNzQ3NzY5
LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASN7q+SqW
oD0BOpl7OQIqnPgjFfOmmUh/zqLSK5lkL3nUbNgTNX3ayntXFfWqNQS7EKfGnr2d
IUbN7tDA6wxkm8YnU5gBcuG8QgBQt6OpuyLOT2qNk1x5Sx83eO6MIgnZS2gz4TCS
cypE8YxaAIkAvDsOlbszbxg0UGrGFelBdXHDZ5OH+iiccAnmahQHd2lQQEMhGJSt
yILpS1cPxocHuFYbYwyuVmJ0tr+0ChIwa4AmcDwECxxCZK6PFHTDuji/t/hy8DeQ
unMKi3mdfxhoARzTNDFJWLej+7N+xO5MgDo9UTHhlCz3IZ41R7+QNfey7bFuMkA9
sHOXQwrJX37oAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:07:00 2025 by rpki-client