Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: W7wA+rSw6KCUzx2jn3aUda88Tq9Y+7k4P/NBe4euBwQ=
Subject key identifier: BA:A8:3B:B2:8B:31:97:01:7D:C3:C6:2C:AB:F1:F6:62:56:F7:B6:EF
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019A23D2D60CAC3AB1B3E36AEFB0373060FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 0869
Signing time: Mon 27 Oct 2025 04:00:11 +0000
Manifest this update: Mon 27 Oct 2025 04:00:11 +0000
Manifest next update: Tue 28 Oct 2025 04:00:11 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: qECW2bv+S/VMEjdUyF28dGZqwLaJCp3UkLV22bunSxI=)
2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:d2:d6:0c:ac:3a:b1:b3:e3:6a:ef:b0:37:30:60:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Oct 27 04:00:11 2025 GMT
Not After : Oct 28 04:00:11 2025 GMT
Subject: CN=baa83bb28b3197017dc3c62cabf1f66256f7b6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b5:1e:71:46:2e:47:7f:b9:f0:f7:fa:9a:9c:
2e:45:2d:bd:71:c8:91:29:4d:1f:fb:45:2c:17:71:
fe:44:0b:6c:19:0c:27:73:2e:17:b3:c0:bc:37:e6:
fa:f8:c3:38:66:91:5c:d2:3e:fe:ef:8e:a1:78:f5:
01:54:96:6c:7c:53:a9:eb:cb:24:e9:2f:3e:cd:14:
9a:85:68:01:7e:ab:40:90:02:4a:81:8e:73:f5:a6:
2f:ce:ef:4e:1c:36:ab:5b:dc:27:f7:b4:cd:84:ab:
9d:d0:d4:ee:78:52:78:9d:22:83:d9:aa:4c:91:a6:
a8:08:4a:f3:b5:52:ad:85:6c:31:a6:50:a4:d3:5d:
64:10:7b:2d:c9:e5:a5:45:b3:5c:e5:9c:90:47:fc:
c8:72:38:fd:6d:f6:cb:d8:a3:94:f9:9e:60:7b:f0:
d7:ba:3b:b3:28:75:47:0c:4b:0c:b4:2c:87:f2:07:
61:73:f8:ad:05:c6:46:91:20:1a:23:6d:21:bd:79:
7f:73:f1:99:ca:6d:21:ff:47:79:90:0b:62:1a:cd:
8b:61:49:18:dc:db:30:f7:41:8c:0e:74:fb:76:89:
04:79:d9:1a:51:88:56:48:eb:b6:16:95:c5:e3:f9:
cf:08:4e:20:21:ae:92:3e:f0:39:1c:2a:0e:31:ca:
78:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A8:3B:B2:8B:31:97:01:7D:C3:C6:2C:AB:F1:F6:62:56:F7:B6:EF
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:c3:6c:34:72:3d:ba:0f:14:4d:c3:31:05:82:ad:f2:ad:2e:
7a:bf:8d:2a:9f:60:fa:9e:fb:ca:84:d5:7b:5b:0e:b8:3e:eb:
e6:52:1c:0a:68:f4:33:9d:3d:cb:17:6c:04:79:fe:c6:64:d1:
33:8c:4e:ce:99:c8:87:bf:90:07:e7:71:4e:34:36:dd:ac:f5:
1d:77:2c:ed:ad:32:f0:cd:43:04:cb:5d:1b:1b:19:cd:a4:d5:
6f:ca:1d:92:54:3e:65:00:07:d8:53:a7:a8:df:e6:d4:51:48:
49:33:8f:b0:65:2c:d7:e9:75:76:0b:55:0f:de:bd:2f:2c:c6:
7e:01:6b:3f:e3:d5:41:87:25:df:78:1b:16:2d:df:51:d9:be:
66:4a:07:1b:ac:12:70:97:9c:4d:95:1f:8c:ad:25:41:72:6e:
1d:66:e8:83:13:2c:e0:15:80:3e:c3:e3:df:06:3b:38:24:bd:
70:1f:50:c1:76:bb:c0:bc:71:82:6a:4f:8e:66:2d:fc:0c:a6:
50:44:8b:f2:c1:2e:9f:22:59:7d:8a:46:e2:f8:0f:14:43:23:
7c:50:d1:17:41:ea:3b:9f:4f:f6:6f:e9:0c:d5:88:26:26:20:
c1:12:73:0d:40:5f:dc:ed:34:d6:02:c9:d9:dc:e1:53:58:20:
02:4b:8a:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoj0tYMrDqxs+Nq77A3MGD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUxMDI3MDQwMDExWhcNMjUxMDI4MDQwMDExWjAzMTEwLwYDVQQD
EyhiYWE4M2JiMjhiMzE5NzAxN2RjM2M2MmNhYmYxZjY2MjU2ZjdiNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrUecUYuR3+58Pf6mpwuRS29cciR
KU0f+0UsF3H+RAtsGQwncy4Xs8C8N+b6+MM4ZpFc0j7+746hePUBVJZsfFOp68sk
6S8+zRSahWgBfqtAkAJKgY5z9aYvzu9OHDarW9wn97TNhKud0NTueFJ4nSKD2apM
kaaoCErztVKthWwxplCk011kEHstyeWlRbNc5ZyQR/zIcjj9bfbL2KOU+Z5ge/DX
ujuzKHVHDEsMtCyH8gdhc/itBcZGkSAaI20hvXl/c/GZym0h/0d5kAtiGs2LYUkY
3Nsw90GMDnT7dokEedkaUYhWSOu2FpXF4/nPCE4gIa6SPvA5HCoOMcp45wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqoO7KLMZcBfcPGLKvx9mJW97bvMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8NsNHI9
ug8UTcMxBYKt8q0uer+NKp9g+p77yoTVe1sOuD7r5lIcCmj0M509yxdsBHn+xmTR
M4xOzpnIh7+QB+dxTjQ23az1HXcs7a0y8M1DBMtdGxsZzaTVb8odklQ+ZQAH2FOn
qN/m1FFISTOPsGUs1+l1dgtVD969LyzGfgFrP+PVQYcl33gbFi3fUdm+ZkoHG6wS
cJecTZUfjK0lQXJuHWbogxMs4BWAPsPj3wY7OCS9cB9QwXa7wLxxgmpPjmYt/Aym
UESL8sEunyJZfYpG4vgPFEMjfFDRF0HqO59P9m/pDNWIJiYgwRJzDUBf3O001gLJ
2dzhU1ggAkuK2g==
-----END CERTIFICATE-----
Generated at Mon Oct 27 09:23:35 2025 by rpki-client