Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
File: M-9NaJSNJyyfOEhtdTIRy16oTis.mft (raw, json)
Hash identifier: Parf2mwgg2WIcQ9AEXMatMYJthig3y9k/Ldtnn66B1c=
Subject key identifier: 66:FB:F5:C9:A1:7A:0F:3F:E7:CE:FB:46:62:2C:30:9E:AD:81:62:59
Authority key identifier: 33:EF:4D:68:94:8D:27:2C:9F:38:48:6D:75:32:11:CB:5E:A8:4E:2B
Certificate issuer: /CN=33ef4d68948d272c9f38486d753211cb5ea84e2b
Certificate serial: 019A725CC189F87AED95D3EC998DE805A485
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
Manifest number: 3C
Signing time: Tue 11 Nov 2025 10:01:12 +0000
Manifest this update: Tue 11 Nov 2025 10:01:12 +0000
Manifest next update: Wed 12 Nov 2025 10:01:12 +0000
Files and hashes: 1: M-9NaJSNJyyfOEhtdTIRy16oTis.crl (hash: ZQiyF05jWh36fcsmsggmqE7NjvGH7PV28dfzc4C1p5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:c1:89:f8:7a:ed:95:d3:ec:99:8d:e8:05:a4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ef4d68948d272c9f38486d753211cb5ea84e2b
Validity
Not Before: Nov 11 10:01:12 2025 GMT
Not After : Nov 12 10:01:12 2025 GMT
Subject: CN=66fbf5c9a17a0f3fe7cefb46622c309ead816259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:36:ab:30:28:8a:51:e6:9b:ab:dc:53:a7:
7a:b4:be:ec:72:c3:59:af:61:b5:e7:74:ea:35:b7:
3d:7c:cf:3c:15:9e:1c:34:f1:ed:95:91:c5:2b:1a:
1e:ad:4c:14:af:14:d9:ab:d8:5d:74:14:ad:79:d1:
42:45:9d:86:bc:d8:9c:09:d0:a7:81:de:6f:81:0c:
ac:bc:8d:9f:ab:c0:32:9b:f1:05:0b:68:51:e9:90:
11:3a:c0:cb:00:89:57:35:47:87:e7:61:bf:78:62:
76:20:ed:39:ee:6a:fd:97:de:16:70:a6:9e:db:26:
5c:51:d8:ae:f8:9f:09:32:1d:69:13:21:60:ba:14:
d8:75:1f:66:7a:67:9e:4f:de:5e:24:f2:0b:be:1e:
2f:cd:9c:aa:58:c1:63:cf:6d:38:c5:6e:ae:f2:c3:
15:4f:4e:7f:a8:b4:e8:7f:df:6e:c0:22:b4:b5:11:
a3:74:c1:6d:35:00:b8:95:f7:8e:90:ad:34:18:28:
0a:0d:7f:d9:eb:db:8c:33:f4:aa:01:60:75:45:3a:
57:af:09:74:1f:1a:12:08:78:99:4d:8f:79:c6:e5:
02:fd:8c:e6:06:3d:6a:1b:96:09:ed:8f:9c:dd:57:
27:87:93:2f:9f:43:8b:3b:69:5b:6f:7f:da:c6:f5:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FB:F5:C9:A1:7A:0F:3F:E7:CE:FB:46:62:2C:30:9E:AD:81:62:59
X509v3 Authority Key Identifier:
keyid:33:EF:4D:68:94:8D:27:2C:9F:38:48:6D:75:32:11:CB:5E:A8:4E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:61:f8:10:3b:b4:ee:ad:55:43:b1:0f:e1:3c:58:d8:4e:1a:
62:b3:7e:1b:42:f7:97:15:03:e2:6c:15:be:b2:ee:f5:51:74:
71:75:a0:49:db:72:77:36:5c:90:fe:e3:09:7b:ea:fc:f4:26:
f7:f1:cd:11:a9:95:c9:42:0d:25:ee:56:e8:36:f1:5b:c5:dd:
9e:da:ed:24:5d:9f:79:e0:19:42:2e:20:cf:09:ec:b6:ed:cc:
04:16:c2:27:fc:dd:70:87:b8:cd:34:60:75:e6:48:2b:6a:06:
f1:8a:e9:92:af:a2:dd:5d:78:dd:d4:d0:d2:c3:30:97:79:e7:
f4:e5:6d:9a:26:dd:b4:68:f5:9f:f1:98:4d:c6:7a:38:45:f1:
b8:34:44:bb:82:d8:53:50:a3:08:2e:bb:15:d7:bf:6c:39:c0:
f4:94:7a:39:78:a0:c2:b5:47:a2:a0:c9:a8:2d:be:7f:a0:6d:
dd:08:65:85:0d:7b:93:77:9f:c0:76:58:0b:cd:c7:c4:8b:c3:
a8:ab:a4:3b:f5:17:81:a3:b0:8c:a5:49:a2:8e:a4:86:81:32:
4b:eb:36:f5:7c:2a:2b:d5:49:a1:a8:39:85:42:54:9e:d8:8d:
77:2f:25:ad:4b:0b:b7:f4:a8:40:fc:29:ad:53:06:e6:cb:8c:
ff:26:b0:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMGJ+HrtldPsmY3oBaSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWY0ZDY4OTQ4ZDI3MmM5ZjM4NDg2ZDc1MzIxMWNiNWVh
ODRlMmIwHhcNMjUxMTExMTAwMTEyWhcNMjUxMTEyMTAwMTEyWjAzMTEwLwYDVQQD
Eyg2NmZiZjVjOWExN2EwZjNmZTdjZWZiNDY2MjJjMzA5ZWFkODE2MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGc2qzAoilHmm6vcU6d6tL7scsNZ
r2G153TqNbc9fM88FZ4cNPHtlZHFKxoerUwUrxTZq9hddBStedFCRZ2GvNicCdCn
gd5vgQysvI2fq8Aym/EFC2hR6ZAROsDLAIlXNUeH52G/eGJ2IO057mr9l94WcKae
2yZcUdiu+J8JMh1pEyFguhTYdR9memeeT95eJPILvh4vzZyqWMFjz204xW6u8sMV
T05/qLTof99uwCK0tRGjdMFtNQC4lfeOkK00GCgKDX/Z69uMM/SqAWB1RTpXrwl0
HxoSCHiZTY95xuUC/YzmBj1qG5YJ7Y+c3Vcnh5Mvn0OLO2lbb3/axvU9cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGb79cmheg8/5877RmIsMJ6tgWJZMB8GA1UdIwQY
MBaAFDPvTWiUjScsnzhIbXUyEcteqE4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8xYjU1ZGYtMzAxMi00YzAzLThhMWQt
YjYzMWM2ZDFjNWU4LzEvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8xYjU1ZGYtMzAxMi00YzAzLThhMWQtYjYzMWM2ZDFjNWU4
LzEvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPmH4EDu0
7q1VQ7EP4TxY2E4aYrN+G0L3lxUD4mwVvrLu9VF0cXWgSdtydzZckP7jCXvq/PQm
9/HNEamVyUINJe5W6DbxW8XdntrtJF2feeAZQi4gzwnstu3MBBbCJ/zdcIe4zTRg
deZIK2oG8Yrpkq+i3V143dTQ0sMwl3nn9OVtmibdtGj1n/GYTcZ6OEXxuDREu4LY
U1CjCC67Fde/bDnA9JR6OXigwrVHoqDJqC2+f6Bt3QhlhQ17k3efwHZYC83HxIvD
qKukO/UXgaOwjKVJoo6khoEyS+s29XwqK9VJoag5hUJUntiNdy8lrUsLt/SoQPwp
rVMG5suM/yawBQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:34 2025 by rpki-client