Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json)
Hash identifier: DMeDQ7+nXqlx7f4jToFM6leNAyOp+Z9Won5RPRHHPV8=
Subject key identifier: 53:73:3A:2E:23:F6:0A:8B:AA:48:08:2B:09:C3:F2:5B:F7:E0:80:21
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 019A7293F18EE544CF9510A06D43C060DCAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
Manifest number: 0E04
Signing time: Tue 11 Nov 2025 11:01:29 +0000
Manifest this update: Tue 11 Nov 2025 11:01:29 +0000
Manifest next update: Wed 12 Nov 2025 11:01:29 +0000
Files and hashes: 1: NCPzn1GpZq4vT4gRDeBcmpEUhRQ.roa (hash: Vq8Q1+OKJnlcLx/yX0O6NcYNdeQRXSpw2T1WMWL6+Zw=)
2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: 3WdczYDYz77nQ1Q6PNukBSU8vW+FkTy6v2dCBM0p01s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:f1:8e:e5:44:cf:95:10:a0:6d:43:c0:60:dc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Nov 11 11:01:29 2025 GMT
Not After : Nov 12 11:01:29 2025 GMT
Subject: CN=53733a2e23f60a8baa48082b09c3f25bf7e08021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:1b:2b:cb:cd:d9:5f:3e:23:54:bd:0b:85:
3d:e7:23:f2:2b:87:7a:a0:c7:08:02:f7:a0:12:99:
b0:11:3a:0c:e0:99:40:88:ab:5e:48:c1:09:e9:a3:
65:9d:e1:37:45:a3:9e:30:62:bc:fa:ab:5f:96:ab:
c3:02:96:37:f1:df:af:af:de:ab:5f:6f:f3:fe:05:
ce:07:06:68:24:d4:69:1e:43:d4:df:7b:45:26:9e:
b1:ae:2b:3d:c3:1a:de:0e:6e:b8:99:c4:6f:f2:5d:
c8:14:1b:21:c0:1b:b4:e7:72:04:c0:55:27:a4:3a:
d6:bd:95:9c:5f:68:d7:55:79:71:46:55:90:76:1d:
f3:50:ff:fa:40:9e:e6:00:f7:86:2d:be:44:b0:76:
47:d0:cd:b6:82:a3:52:db:cf:52:09:b3:74:ed:45:
8f:d1:4c:47:c1:52:ff:1b:e0:43:ee:d1:5c:8d:8e:
8d:4b:8a:a7:9b:23:65:b5:d0:63:77:84:56:e1:ab:
12:34:4b:12:66:6b:c3:2c:df:06:b3:83:16:36:c8:
dd:c3:67:17:4a:a0:1c:aa:16:0d:f6:6f:01:57:35:
c2:5c:ad:ac:cc:3a:ca:42:23:90:9d:f4:7b:76:47:
de:19:29:81:db:72:45:1a:c9:0a:c0:62:a6:fe:6a:
7c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:73:3A:2E:23:F6:0A:8B:AA:48:08:2B:09:C3:F2:5B:F7:E0:80:21
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:25:b2:b4:8c:54:2b:6a:dc:99:b8:e2:89:43:d9:fb:62:40:
df:44:e0:fc:3c:0b:b5:76:91:55:ec:a3:cc:1c:13:0b:de:79:
c0:fd:b7:b6:ab:38:70:ee:41:a9:ee:46:d8:fb:e2:50:d5:70:
df:0b:97:9a:27:ae:b2:83:cf:ec:a6:20:35:aa:79:4b:8c:b5:
bb:ab:84:6e:7f:99:69:a5:15:55:1a:5c:af:97:82:6e:72:b0:
3d:8a:90:d4:c3:f0:de:01:3e:15:c0:8d:c6:0e:4c:d8:61:c8:
7b:13:82:3c:20:cf:e8:37:e9:aa:ad:36:ae:08:95:53:13:2e:
ee:f8:3b:0c:6d:ac:13:c6:6d:2d:b9:ef:f8:da:5c:a8:0e:00:
9b:79:d1:46:62:bb:db:95:c3:10:6d:fd:20:c7:c6:d9:b9:73:
8a:aa:b4:b6:5a:5b:8c:54:a1:9f:04:71:9a:71:69:fe:ad:02:
7d:16:36:f2:7e:0a:93:e7:a9:38:a4:7b:59:29:73:f9:e1:e1:
d9:ee:0b:cf:5e:14:b1:7a:dd:1a:40:1a:dc:2a:40:ca:a8:58:
49:f3:10:af:f9:3b:30:35:30:5c:fb:b0:33:d4:88:a2:5d:88:
87:2d:aa:a4:3c:ac:53:ea:40:89:92:fc:f8:b5:87:95:a0:dd:
a1:a2:92:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/GO5UTPlRCgbUPAYNysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjUxMTExMTEwMTI5WhcNMjUxMTEyMTEwMTI5WjAzMTEwLwYDVQQD
Eyg1MzczM2EyZTIzZjYwYThiYWE0ODA4MmIwOWMzZjI1YmY3ZTA4MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLIbK8vN2V8+I1S9C4U95yPyK4d6
oMcIAvegEpmwEToM4JlAiKteSMEJ6aNlneE3RaOeMGK8+qtflqvDApY38d+vr96r
X2/z/gXOBwZoJNRpHkPU33tFJp6xris9wxreDm64mcRv8l3IFBshwBu053IEwFUn
pDrWvZWcX2jXVXlxRlWQdh3zUP/6QJ7mAPeGLb5EsHZH0M22gqNS289SCbN07UWP
0UxHwVL/G+BD7tFcjY6NS4qnmyNltdBjd4RW4asSNEsSZmvDLN8Gs4MWNsjdw2cX
SqAcqhYN9m8BVzXCXK2szDrKQiOQnfR7dkfeGSmB23JFGskKwGKm/mp8YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNzOi4j9gqLqkgIKwnD8lv34IAhMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCWytIxU
K2rcmbjiiUPZ+2JA30Tg/DwLtXaRVeyjzBwTC955wP23tqs4cO5Bqe5G2PviUNVw
3wuXmieusoPP7KYgNap5S4y1u6uEbn+ZaaUVVRpcr5eCbnKwPYqQ1MPw3gE+FcCN
xg5M2GHIexOCPCDP6Dfpqq02rgiVUxMu7vg7DG2sE8ZtLbnv+NpcqA4Am3nRRmK7
25XDEG39IMfG2blziqq0tlpbjFShnwRxmnFp/q0CfRY28n4Kk+epOKR7WSlz+eHh
2e4Lz14UsXrdGkAa3CpAyqhYSfMQr/k7MDUwXPuwM9SIol2Ihy2qpDysU+pAiZL8
+LWHlaDdoaKSbw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:40:22 2025 by rpki-client