Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
File: nDKfMzH1ND8pDrSkHxbENjooLJA.mft (raw, json)
Hash identifier: arNC2Cckxtf2w0oOcF8fGqbFjWdqdxwMDzQVTEy8mZ8=
Subject key identifier: 2D:07:23:AB:C8:75:D4:CF:F9:E7:59:D8:CB:C6:FB:A0:67:FD:23:38
Authority key identifier: 9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
Certificate issuer: /CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Certificate serial: 019A7225BD4B08B45A9CE783D79926D77DDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:07 +0000
Manifest this update: Tue 11 Nov 2025 09:01:07 +0000
Manifest next update: Wed 12 Nov 2025 09:01:07 +0000
Files and hashes: 1: nDKfMzH1ND8pDrSkHxbENjooLJA.crl (hash: VsDYr4eYS/2peQATMfocuEjAhxhmanyYUFOxahcT+AU=)
2: xXqtZaQE8p1BJ-LrGDHK3ctGl88.roa (hash: 19HlQM5dbXIMn5dc2AbBJAmDmCjDbQENEnPoWF/ZUJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:bd:4b:08:b4:5a:9c:e7:83:d7:99:26:d7:7d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Validity
Not Before: Nov 11 09:01:07 2025 GMT
Not After : Nov 12 09:01:07 2025 GMT
Subject: CN=2d0723abc875d4cff9e759d8cbc6fba067fd2338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:eb:2e:b8:1e:fa:fe:21:30:01:41:c6:d1:1d:
3a:5a:fb:16:46:d9:af:17:6b:ee:7d:21:65:fc:9c:
38:b0:d6:d5:09:9e:c0:c5:7a:40:9f:12:76:1a:b3:
af:97:7d:30:7b:a9:56:d4:96:c4:16:de:f8:93:45:
4a:01:11:08:fa:61:d8:4b:70:95:2d:3b:8a:42:35:
59:0d:1f:20:3a:e2:f2:03:8d:9f:c5:79:4c:ff:b7:
cc:4d:fa:07:a3:4e:06:18:4c:29:c8:d0:e8:28:9c:
87:f3:ae:d0:75:61:11:34:91:0a:60:59:e0:8b:07:
d4:7b:d6:1c:57:43:53:88:03:58:47:97:0b:6e:26:
e8:28:d5:b6:67:2e:98:24:3b:f7:84:68:6a:5c:40:
13:9b:90:9b:da:52:11:4e:1a:87:36:40:b3:3e:99:
dc:52:49:62:91:fb:ff:b2:06:eb:f2:8c:31:4f:88:
56:f9:cb:d3:e3:a4:4e:f6:45:3e:bf:ad:81:da:46:
79:c0:0c:a7:02:54:d0:37:1a:78:d0:fc:02:5b:b2:
f3:12:7e:a2:f9:2e:0a:b6:27:d8:f1:72:99:ad:32:
e3:30:cf:07:23:23:0d:8c:2c:7c:13:4d:14:40:c6:
44:73:0a:05:9b:b9:83:9a:3b:06:42:0b:ca:11:1f:
05:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:07:23:AB:C8:75:D4:CF:F9:E7:59:D8:CB:C6:FB:A0:67:FD:23:38
X509v3 Authority Key Identifier:
keyid:9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:a4:a6:96:58:92:9c:e2:6f:1f:c7:47:6e:eb:0b:67:cc:ab:
a9:0c:cd:00:e3:f2:df:7b:86:38:dc:36:35:59:70:65:94:27:
b4:72:cf:14:34:65:05:a8:d4:39:44:9d:f3:ca:29:47:f0:55:
7e:56:a6:b9:41:9e:0b:f4:df:f9:34:19:be:4e:4a:63:b0:32:
f1:bd:25:47:d6:23:89:22:b7:af:57:34:7b:cd:c8:fb:8c:9f:
e1:02:56:95:4b:ef:6e:aa:65:3b:87:ba:30:8c:31:cc:3b:a0:
75:9b:e9:ad:7e:c7:54:a3:65:d9:82:d6:f4:82:1c:ac:89:b0:
33:a7:25:92:e4:03:27:41:bd:ab:5a:ae:a1:5a:9d:fa:bd:fa:
a8:a8:3c:5b:d0:d9:ab:c1:21:14:db:9b:0a:db:cf:4b:85:04:
3c:45:1e:e0:06:19:6d:16:30:10:8a:bb:7b:b5:69:56:a6:b8:
47:16:ab:4f:23:43:95:ee:f4:95:30:48:b9:c9:76:f5:4c:b7:
e8:91:fe:2c:b9:e4:83:91:2f:43:65:5b:1b:2e:b1:d0:84:0e:
81:78:60:7b:6f:a3:ee:fb:a5:db:94:3c:6b:29:c5:ee:7d:c1:
d9:60:02:28:27:44:be:66:58:11:03:7e:d6:8d:db:c1:a0:df:
69:6f:d9:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJb1LCLRanOeD15km133dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMzI5ZjMzMzFmNTM0M2YyOTBlYjRhNDFmMTZjNDM2M2Ey
ODJjOTAwHhcNMjUxMTExMDkwMTA3WhcNMjUxMTEyMDkwMTA3WjAzMTEwLwYDVQQD
EygyZDA3MjNhYmM4NzVkNGNmZjllNzU5ZDhjYmM2ZmJhMDY3ZmQyMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+suuB76/iEwAUHG0R06WvsWRtmv
F2vufSFl/Jw4sNbVCZ7AxXpAnxJ2GrOvl30we6lW1JbEFt74k0VKAREI+mHYS3CV
LTuKQjVZDR8gOuLyA42fxXlM/7fMTfoHo04GGEwpyNDoKJyH867QdWERNJEKYFng
iwfUe9YcV0NTiANYR5cLbiboKNW2Zy6YJDv3hGhqXEATm5Cb2lIRThqHNkCzPpnc
Uklikfv/sgbr8owxT4hW+cvT46RO9kU+v62B2kZ5wAynAlTQNxp40PwCW7LzEn6i
+S4KtifY8XKZrTLjMM8HIyMNjCx8E00UQMZEcwoFm7mDmjsGQgvKER8FawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0HI6vIddTP+edZ2MvG+6Bn/SM4MB8GA1UdIwQY
MBaAFJwynzMx9TQ/KQ60pB8WxDY6KCyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmIt
YjdmNWQ0Mzk1Y2MwLzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmItYjdmNWQ0Mzk1Y2Mw
LzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqqSmlliS
nOJvH8dHbusLZ8yrqQzNAOPy33uGONw2NVlwZZQntHLPFDRlBajUOUSd88opR/BV
flamuUGeC/Tf+TQZvk5KY7Ay8b0lR9YjiSK3r1c0e83I+4yf4QJWlUvvbqplO4e6
MIwxzDugdZvprX7HVKNl2YLW9IIcrImwM6clkuQDJ0G9q1quoVqd+r36qKg8W9DZ
q8EhFNubCtvPS4UEPEUe4AYZbRYwEIq7e7VpVqa4RxarTyNDle70lTBIucl29Uy3
6JH+LLnkg5EvQ2VbGy6x0IQOgXhge2+j7vul25Q8aynF7n3B2WACKCdEvmZYEQN+
1o3bwaDfaW/ZVQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:39:11 2025 by rpki-client