Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: t5xEijUfvbK2Fse/cN3m0YkRI2KML+5mgVnBlGPjLys=
Subject key identifier: 98:24:37:91:ED:50:4C:42:96:A8:C1:57:4D:8C:2E:6F:AD:6E:D6:3A
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 01975D259189712D4A6E14803271E077ACC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 06F9
Signing time: Wed 11 Jun 2025 04:00:32 +0000
Manifest this update: Wed 11 Jun 2025 04:00:32 +0000
Manifest next update: Thu 12 Jun 2025 04:00:32 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: FPGj7g3PZhKuaa31fAKcfIsThfcsshW+blJhWkqxYh4=)
2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:25:91:89:71:2d:4a:6e:14:80:32:71:e0:77:ac:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Jun 11 04:00:32 2025 GMT
Not After : Jun 12 04:00:32 2025 GMT
Subject: CN=98243791ed504c4296a8c1574d8c2e6fad6ed63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:f4:73:e8:bb:08:8b:e5:9e:9d:83:fe:e9:
b9:38:13:02:10:28:de:b9:ac:10:32:98:68:ce:e1:
45:4b:b5:d8:f5:3f:e8:f8:b8:ff:af:93:f4:ee:7f:
f1:f3:81:ee:56:c6:8b:f0:5c:21:a0:2c:30:a7:54:
e4:b8:2c:35:6b:a0:17:b6:9b:7e:ad:b6:5a:80:f7:
87:86:5d:81:06:1c:83:75:6c:7d:9a:0a:80:96:bc:
f4:1d:fb:94:a8:35:29:dd:e4:f3:34:1b:68:93:76:
0e:18:af:26:7d:86:ee:47:b8:92:c5:33:28:f7:4b:
9b:4c:ce:8b:1a:66:75:3f:e8:05:f7:42:56:d9:e9:
c7:cd:e7:93:bb:dc:c7:c7:3c:bd:b7:47:56:db:fd:
77:23:1b:1f:70:b8:3a:14:1f:ec:c4:bb:be:e4:f1:
80:cb:01:ab:ef:d3:e5:79:9b:6f:ad:e1:d8:ed:3e:
50:b9:ac:fa:63:57:9d:ed:e1:cb:65:63:94:f5:41:
16:06:6e:11:9c:f7:03:be:09:8f:56:22:25:57:af:
39:ef:d3:c0:e9:ca:7f:2b:1c:7f:bb:d6:e8:62:94:
7d:5e:53:15:a7:84:8a:d2:ff:61:4a:f8:de:1f:40:
60:20:b6:98:be:6d:b3:ce:cc:92:e7:5a:e2:8e:73:
74:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:24:37:91:ED:50:4C:42:96:A8:C1:57:4D:8C:2E:6F:AD:6E:D6:3A
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:ab:f0:c6:2f:44:6e:e4:af:d2:67:6a:a0:9b:f6:cf:39:1f:
85:6f:60:03:88:88:3b:93:18:68:44:c1:9a:0d:06:7f:2a:75:
01:6d:c4:ea:59:ea:ad:8c:5e:de:6d:82:e6:87:2f:34:99:4e:
7f:5f:4d:b2:84:78:f8:e4:b1:de:c4:27:85:a9:9b:e6:96:9c:
0d:49:16:72:2f:01:f4:14:21:d6:6b:8b:94:1c:24:38:95:3f:
61:58:c3:1f:10:51:d2:0e:08:db:63:80:35:8f:1d:c7:4d:18:
2b:e0:08:e6:45:c3:53:04:74:4d:3d:ec:a6:f8:49:3c:57:fd:
24:4e:f4:34:15:07:9f:99:0d:66:45:ff:bf:a7:cf:9b:db:b8:
70:cc:22:b6:e6:36:93:6a:d7:f4:77:17:9b:e9:43:2e:e7:79:
31:5d:fe:7d:6b:a6:45:7e:2e:eb:d8:8a:55:11:95:c2:a4:41:
cd:60:9d:dc:c1:d6:de:36:d6:79:c7:d9:d7:ed:71:6a:65:60:
f6:82:88:1d:32:f2:79:c4:48:9e:6f:10:ab:1c:10:2b:d0:a8:
91:6b:5c:ad:5f:0e:26:9e:1e:65:5e:08:db:7d:2b:91:67:c8:
b0:47:1f:c6:19:cd:5c:15:1b:71:b9:6d:9a:01:ca:40:77:df:
0d:01:29:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddJZGJcS1KbhSAMnHgd6zEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUwNjExMDQwMDMyWhcNMjUwNjEyMDQwMDMyWjAzMTEwLwYDVQQD
Eyg5ODI0Mzc5MWVkNTA0YzQyOTZhOGMxNTc0ZDhjMmU2ZmFkNmVkNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2X0c+i7CIvlnp2D/um5OBMCECje
uawQMphozuFFS7XY9T/o+Lj/r5P07n/x84HuVsaL8FwhoCwwp1TkuCw1a6AXtpt+
rbZagPeHhl2BBhyDdWx9mgqAlrz0HfuUqDUp3eTzNBtok3YOGK8mfYbuR7iSxTMo
90ubTM6LGmZ1P+gF90JW2enHzeeTu9zHxzy9t0dW2/13IxsfcLg6FB/sxLu+5PGA
ywGr79PleZtvreHY7T5Quaz6Y1ed7eHLZWOU9UEWBm4RnPcDvgmPViIlV68579PA
6cp/Kxx/u9boYpR9XlMVp4SK0v9hSvjeH0BgILaYvm2zzsyS51rijnN0WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgkN5HtUExClqjBV02MLm+tbtY6MB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvKvwxi9E
buSv0mdqoJv2zzkfhW9gA4iIO5MYaETBmg0Gfyp1AW3E6lnqrYxe3m2C5ocvNJlO
f19NsoR4+OSx3sQnhamb5pacDUkWci8B9BQh1muLlBwkOJU/YVjDHxBR0g4I22OA
NY8dx00YK+AI5kXDUwR0TT3spvhJPFf9JE70NBUHn5kNZkX/v6fPm9u4cMwituY2
k2rX9HcXm+lDLud5MV3+fWumRX4u69iKVRGVwqRBzWCd3MHW3jbWecfZ1+1xamVg
9oKIHTLyecRInm8QqxwQK9CokWtcrV8OJp4eZV4I230rkWfIsEcfxhnNXBUbcblt
mgHKQHffDQEpHg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:31:55 2025 by rpki-client