Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft
File: nlY8Qm0ark7R5_WVNnSQIgiehHk.mft (raw, json)
Hash identifier: lvaAyY2+TRWdudMI8C7/IPuzcwLIav+kdz8nNGwtMag=
Subject key identifier: 43:28:25:E6:21:F4:62:31:82:9A:4E:14:12:EF:04:33:9F:25:0D:7C
Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479
Certificate serial: 019A73389EF010EA680D027470F1ACAD031E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft
Manifest number: 0BE1
Signing time: Tue 11 Nov 2025 14:01:21 +0000
Manifest this update: Tue 11 Nov 2025 14:01:21 +0000
Manifest next update: Wed 12 Nov 2025 14:01:21 +0000
Files and hashes: 1: DLPCyIKM7jz79PsqVnrxNoMgYXE.roa (hash: +QgaTeTZpZ2fDtls8hcOtAF0lYWHQbDmqjy56TBm3AY=)
2: nlY8Qm0ark7R5_WVNnSQIgiehHk.crl (hash: 3yHlronw8m1PFbxzJXQ78PIjuODGqWQ8IG3ynFnpt3Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:9e:f0:10:ea:68:0d:02:74:70:f1:ac:ad:03:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479
Validity
Not Before: Nov 11 14:01:21 2025 GMT
Not After : Nov 12 14:01:21 2025 GMT
Subject: CN=432825e621f46231829a4e1412ef04339f250d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:7c:40:16:93:ca:38:19:3f:ee:c8:45:7c:
f9:08:46:e2:44:29:fe:83:b5:07:22:f3:46:a2:cb:
6c:92:9c:d2:0a:a9:04:d7:4e:19:da:22:c6:64:94:
e2:c3:2a:da:c5:3b:81:40:a7:dc:e7:5c:ab:a3:69:
8a:3d:41:a6:6b:b9:4d:b4:4e:04:19:a4:25:fb:ef:
f3:4a:8c:d1:8c:29:47:6b:07:5d:f8:dd:06:b6:c0:
7f:04:2f:51:f5:b5:f8:61:e2:69:7a:ea:34:7b:fe:
3d:dc:a7:a0:82:70:f0:d8:b7:4b:1c:56:45:4b:eb:
99:57:e5:e0:53:ac:02:12:5a:8a:d1:95:3a:37:8c:
ce:4b:56:84:f0:01:1f:6b:34:f5:08:83:f4:8b:8d:
e0:c8:dd:a7:31:b6:79:36:a2:7e:60:8f:62:90:da:
1a:52:a3:e3:ba:25:ce:36:3e:ee:22:ee:ef:12:6d:
31:40:fe:14:e2:26:ad:0c:16:db:ba:77:ed:54:ea:
2e:a3:7c:97:62:db:98:2a:97:96:82:a9:9f:26:85:
e0:b2:52:d9:f3:ae:b3:cf:9c:e1:66:3a:4d:fb:04:
00:9c:59:40:92:05:bb:c5:e2:d0:b9:62:90:7a:ff:
72:68:c1:eb:3c:1b:f5:e7:88:c8:d2:96:a3:6e:83:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:28:25:E6:21:F4:62:31:82:9A:4E:14:12:EF:04:33:9F:25:0D:7C
X509v3 Authority Key Identifier:
keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:fb:69:f4:54:24:63:32:d7:99:c0:1b:97:e3:31:fd:e6:ab:
c8:88:05:cf:3b:6a:ff:5f:c6:55:18:95:70:c6:97:80:6d:98:
76:b8:e9:2b:08:6f:3b:02:b8:3f:52:6a:d7:90:8f:22:77:5f:
8d:27:4d:e5:98:c3:11:34:c0:82:c6:d7:0e:9c:a7:fd:f2:f4:
a9:c8:ad:56:00:f3:c0:84:bc:3f:49:a9:a9:03:8d:70:55:31:
73:8e:38:b5:78:61:67:a3:24:3c:7b:2e:ba:f4:fd:35:ed:2d:
fe:cb:9a:fb:74:d1:89:40:6d:85:70:73:60:0b:47:53:70:7a:
3b:5c:4b:3d:1b:f2:0e:a2:33:df:ae:ab:e5:3e:b1:72:2c:75:
db:53:b1:0e:18:8d:96:e0:7b:36:d8:85:e8:4f:61:59:cd:7a:
31:5f:c0:b6:c9:70:29:72:c6:2b:4e:d6:fb:d3:ea:50:89:12:
0a:5d:ae:f0:12:80:a0:63:dc:cb:77:47:c1:10:77:15:91:d4:
53:2e:88:09:3e:b8:ce:30:10:62:4e:7e:13:4b:ff:dc:2e:8f:
d2:75:d1:cb:dc:fc:28:9a:6c:82:c0:7f:1e:14:8b:da:15:16:
5c:b9:49:2e:23:19:f7:c5:92:33:10:8e:41:c8:82:d5:29:47:
83:ac:08:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOJ7wEOpoDQJ0cPGsrQMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5
ZTg0NzkwHhcNMjUxMTExMTQwMTIxWhcNMjUxMTEyMTQwMTIxWjAzMTEwLwYDVQQD
Eyg0MzI4MjVlNjIxZjQ2MjMxODI5YTRlMTQxMmVmMDQzMzlmMjUwZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyl8QBaTyjgZP+7IRXz5CEbiRCn+
g7UHIvNGostskpzSCqkE104Z2iLGZJTiwyraxTuBQKfc51yro2mKPUGma7lNtE4E
GaQl++/zSozRjClHawdd+N0GtsB/BC9R9bX4YeJpeuo0e/493KeggnDw2LdLHFZF
S+uZV+XgU6wCElqK0ZU6N4zOS1aE8AEfazT1CIP0i43gyN2nMbZ5NqJ+YI9ikNoa
UqPjuiXONj7uIu7vEm0xQP4U4iatDBbbunftVOouo3yXYtuYKpeWgqmfJoXgslLZ
866zz5zhZjpN+wQAnFlAkgW7xeLQuWKQev9yaMHrPBv154jI0pajboOk2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMoJeYh9GIxgppOFBLvBDOfJQ18MB8GA1UdIwQY
MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt
YWZiY2YzNjZiYjA3LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3
LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvtp9FQk
YzLXmcAbl+Mx/earyIgFzztq/1/GVRiVcMaXgG2YdrjpKwhvOwK4P1Jq15CPIndf
jSdN5ZjDETTAgsbXDpyn/fL0qcitVgDzwIS8P0mpqQONcFUxc444tXhhZ6MkPHsu
uvT9Ne0t/sua+3TRiUBthXBzYAtHU3B6O1xLPRvyDqIz366r5T6xcix121OxDhiN
luB7NtiF6E9hWc16MV/AtslwKXLGK07W+9PqUIkSCl2u8BKAoGPcy3dHwRB3FZHU
Uy6ICT64zjAQYk5+E0v/3C6P0nXRy9z8KJpsgsB/HhSL2hUWXLlJLiMZ98WSMxCO
QciC1SlHg6wIug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:39:25 2025 by rpki-client