
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: sNyItSdszls/lut63k1CrnIsLbolPZv2n4bZyPjjgwk=
Subject key identifier: BF:3C:E4:B9:7B:A3:C7:F2:7C:09:1D:8A:08:9D:51:6A:5D:14:DD:7D
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019764DF2BC1499B5F2942F3FA5545F505E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 06FD
Signing time: Thu 12 Jun 2025 16:00:36 +0000
Manifest this update: Thu 12 Jun 2025 16:00:36 +0000
Manifest next update: Fri 13 Jun 2025 16:00:36 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: 5RP0MTWMADG0s+gzLdlAW0LUrRZOfJbKhf464ZP5Vn8=)
2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:df:2b:c1:49:9b:5f:29:42:f3:fa:55:45:f5:05:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Jun 12 16:00:36 2025 GMT
Not After : Jun 13 16:00:36 2025 GMT
Subject: CN=bf3ce4b97ba3c7f27c091d8a089d516a5d14dd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:d7:f6:b4:e9:65:e5:73:44:f1:be:eb:9c:
0b:96:ab:95:72:3e:20:ef:6e:7c:a4:18:6d:8c:22:
07:d7:b7:bc:db:99:64:af:12:c7:cd:89:d5:4c:93:
5e:5c:21:67:0a:bd:34:13:2d:6f:7e:66:2e:92:74:
05:c9:ea:e2:8c:73:f3:e0:36:24:4d:99:6b:d2:53:
a9:7c:dc:93:fa:34:18:a9:8a:b4:ea:c6:18:95:2f:
7f:24:6e:23:a0:a4:50:42:ff:fb:17:2b:d5:61:41:
f4:cd:fa:b3:b4:d7:b1:2e:c3:df:5e:5f:fa:47:62:
6c:c8:19:51:d3:b8:3e:b4:d1:fe:a2:6b:2b:36:d1:
e1:75:18:2e:75:83:38:68:1f:da:06:97:d9:97:f6:
39:00:d5:36:a6:2d:20:ac:8b:f1:64:37:74:13:ca:
02:ce:6c:65:15:cf:fc:88:a1:26:21:6c:06:7a:4d:
32:e6:91:69:14:ec:8c:28:ea:4d:6d:25:e4:0d:7e:
91:5d:20:99:23:6c:da:50:c5:76:f3:ac:23:4d:ff:
43:ce:91:b3:9f:46:c7:5d:f9:68:8e:00:8c:c0:21:
eb:f0:51:46:05:9b:77:44:eb:ed:d9:14:df:f4:bc:
69:5c:1f:3d:7b:e2:1d:2c:ba:4b:bd:6f:81:42:0e:
71:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3C:E4:B9:7B:A3:C7:F2:7C:09:1D:8A:08:9D:51:6A:5D:14:DD:7D
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:99:02:ec:f7:26:50:35:c8:bf:a9:f6:d9:c8:17:35:3a:d3:
3b:15:e4:3a:4c:ed:4a:d5:01:df:a0:fb:8f:49:05:76:7c:d1:
60:00:46:cb:20:f6:4b:22:94:cf:ea:fb:06:d6:4e:27:b5:57:
e2:e6:f4:cc:c2:78:6e:82:fc:2c:d1:20:e6:c1:64:dc:15:f1:
89:35:c7:0a:79:b1:a6:fc:e1:24:a5:f4:31:72:47:d0:c3:d0:
63:ae:eb:36:d0:7b:1c:00:ef:e0:2c:87:ce:0d:81:63:1c:3e:
a8:a7:a6:47:1a:98:af:6f:e6:bb:1f:38:7e:ab:4d:1d:bd:8d:
bf:32:eb:7f:1b:22:f0:fe:72:1c:39:1b:f5:29:ee:fb:67:98:
8b:2e:b6:57:0b:56:64:03:47:e9:8e:f8:14:f5:83:06:be:18:
5c:d4:9d:d0:7e:64:5c:b4:c9:df:17:43:49:e6:ef:fa:54:68:
71:80:bf:3c:19:0e:d7:13:df:d8:af:3d:38:62:2c:01:6d:d6:
60:0e:5f:be:6b:7f:99:15:1d:50:cb:1f:70:0a:07:90:78:12:
81:e1:82:c2:9e:7d:c4:47:b4:0e:6c:06:10:1c:aa:d1:f8:1b:
e6:d3:f6:a7:8f:ef:61:a2:83:7a:a5:10:bc:a7:4d:d6:91:0d:
7a:56:46:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk3yvBSZtfKULz+lVF9QXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUwNjEyMTYwMDM2WhcNMjUwNjEzMTYwMDM2WjAzMTEwLwYDVQQD
EyhiZjNjZTRiOTdiYTNjN2YyN2MwOTFkOGEwODlkNTE2YTVkMTRkZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2XX9rTpZeVzRPG+65wLlquVcj4g
7258pBhtjCIH17e825lkrxLHzYnVTJNeXCFnCr00Ey1vfmYuknQFyerijHPz4DYk
TZlr0lOpfNyT+jQYqYq06sYYlS9/JG4joKRQQv/7FyvVYUH0zfqztNexLsPfXl/6
R2JsyBlR07g+tNH+omsrNtHhdRgudYM4aB/aBpfZl/Y5ANU2pi0grIvxZDd0E8oC
zmxlFc/8iKEmIWwGek0y5pFpFOyMKOpNbSXkDX6RXSCZI2zaUMV286wjTf9DzpGz
n0bHXflojgCMwCHr8FFGBZt3ROvt2RTf9LxpXB89e+IdLLpLvW+BQg5xdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL885Ll7o8fyfAkdigidUWpdFN19MB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5kC7Pcm
UDXIv6n22cgXNTrTOxXkOkztStUB36D7j0kFdnzRYABGyyD2SyKUz+r7BtZOJ7VX
4ub0zMJ4boL8LNEg5sFk3BXxiTXHCnmxpvzhJKX0MXJH0MPQY67rNtB7HADv4CyH
zg2BYxw+qKemRxqYr2/mux84fqtNHb2NvzLrfxsi8P5yHDkb9Snu+2eYiy62VwtW
ZANH6Y74FPWDBr4YXNSd0H5kXLTJ3xdDSebv+lRocYC/PBkO1xPf2K89OGIsAW3W
YA5fvmt/mRUdUMsfcAoHkHgSgeGCwp59xEe0DmwGEByq0fgb5tP2p4/vYaKDeqUQ
vKdN1pENelZGVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:49:19 2025 by rpki-client