Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
File: nfToC0ytTlC3iO3xaXZxLe7_bA0.mft (raw, json)
Hash identifier: 7dro0DltNwUXIPkdHOFICKhKwJJMBHm+71P2mNuYLws=
Subject key identifier: DB:5A:58:77:8E:DB:C5:7D:AB:14:E2:5A:2D:A8:67:D8:64:50:6E:98
Authority key identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
Certificate issuer: /CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Certificate serial: 019A7225A9CF39E45D8A8C322210C68476DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
Manifest number: 0FF3
Signing time: Tue 11 Nov 2025 09:01:02 +0000
Manifest this update: Tue 11 Nov 2025 09:01:02 +0000
Manifest next update: Wed 12 Nov 2025 09:01:02 +0000
Files and hashes: 1: mTtxU7O_lRz_UT2tjl3cUWas7pA.roa (hash: lHDy75xFNayt8SROCAEJF8vDi//tAi35Yjt2Fy8OX04=)
2: nfToC0ytTlC3iO3xaXZxLe7_bA0.crl (hash: PmU4Iiboai5KzZdsKsCz+LU4YXbmg9syKOjwLkRKYKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:a9:cf:39:e4:5d:8a:8c:32:22:10:c6:84:76:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Validity
Not Before: Nov 11 09:01:02 2025 GMT
Not After : Nov 12 09:01:02 2025 GMT
Subject: CN=db5a58778edbc57dab14e25a2da867d864506e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:29:38:7d:e1:bb:0c:2c:3d:42:e6:87:36:3e:
77:21:65:fb:ac:02:bc:12:81:6b:27:d0:ad:72:4a:
df:60:b3:61:ec:69:1f:eb:8d:ad:73:10:78:56:66:
b1:a1:f7:4d:23:f3:11:ae:81:c1:8d:b0:c6:27:71:
ae:ae:02:74:9a:3e:50:77:37:c3:e2:dc:07:9a:92:
da:5c:95:6d:e7:86:56:7f:7f:d8:a2:31:6d:51:e9:
e4:0b:f9:bb:ab:dc:52:9b:5d:31:43:fa:95:f9:5a:
c1:66:cc:c1:85:8b:7d:ae:65:25:30:46:cc:a4:ca:
1d:d9:c7:ae:a9:51:fb:a3:1c:16:87:be:7d:f4:68:
f3:f2:c6:f0:e5:ad:be:55:67:39:9a:6f:8a:9a:88:
d0:cf:18:82:c5:58:45:5e:64:55:77:4b:8f:46:ce:
17:47:81:7c:ed:f9:18:1d:c0:1d:61:56:0b:74:eb:
ac:22:99:10:b2:1d:e9:7e:df:b5:b1:d3:51:48:05:
a7:39:0d:e5:7d:40:b9:db:a5:9d:f1:b7:1b:76:5f:
94:f8:6e:f0:34:49:fb:90:dd:e4:37:53:ad:57:af:
e5:69:26:e4:79:1a:7f:95:fb:00:a3:71:2f:d0:fd:
8d:8b:59:e5:fa:4d:25:c7:70:22:80:58:76:c4:00:
38:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5A:58:77:8E:DB:C5:7D:AB:14:E2:5A:2D:A8:67:D8:64:50:6E:98
X509v3 Authority Key Identifier:
keyid:9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:db:e0:8f:5c:c6:fe:6f:71:70:bd:63:26:0f:21:1a:1b:7c:
8b:83:11:c3:8b:21:b2:5c:5c:f8:d8:9e:22:b4:63:0b:70:b6:
91:30:82:3b:51:c6:34:1f:b8:f0:f8:1d:f0:d3:16:4a:32:14:
33:82:d0:05:df:4f:72:0b:df:0a:ab:16:d7:60:bc:59:71:19:
b7:16:61:ba:c1:dc:79:5a:d6:74:3f:0b:5c:10:37:49:65:13:
4b:8a:6d:6f:a3:ae:d1:d0:2d:4a:25:45:4c:26:57:6f:35:27:
73:22:cb:b8:5a:92:c1:29:05:40:e4:de:c1:66:fa:ed:ed:6b:
5e:76:d5:02:49:d8:ae:b0:74:ee:46:4d:4a:a5:ad:22:91:5a:
33:f9:9a:e7:58:16:7f:44:6e:69:a7:6f:3b:d4:de:3b:6b:97:
ff:06:e6:51:d7:65:54:19:c3:c5:4a:8b:99:0f:c3:cf:9d:dd:
6a:d4:e2:be:9a:5b:37:bb:73:39:3e:d3:f9:e7:a5:62:78:c9:
6a:30:32:ef:e4:8c:31:6f:7c:88:77:e1:0e:4c:43:b6:fd:af:
08:27:06:97:95:36:4a:ec:91:33:50:50:25:bc:2e:5c:65:5b:
b0:84:ec:80:ed:38:a8:6c:94:6e:58:2e:3c:3f:07:b5:76:69:
ef:c7:b6:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJanPOeRdiowyIhDGhHbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjRlODBiNGNhZDRlNTBiNzg4ZWRmMTY5NzY3MTJkZWVm
ZjZjMGQwHhcNMjUxMTExMDkwMTAyWhcNMjUxMTEyMDkwMTAyWjAzMTEwLwYDVQQD
EyhkYjVhNTg3NzhlZGJjNTdkYWIxNGUyNWEyZGE4NjdkODY0NTA2ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoik4feG7DCw9QuaHNj53IWX7rAK8
EoFrJ9CtckrfYLNh7Gkf642tcxB4VmaxofdNI/MRroHBjbDGJ3GurgJ0mj5QdzfD
4twHmpLaXJVt54ZWf3/YojFtUenkC/m7q9xSm10xQ/qV+VrBZszBhYt9rmUlMEbM
pMod2ceuqVH7oxwWh7599Gjz8sbw5a2+VWc5mm+KmojQzxiCxVhFXmRVd0uPRs4X
R4F87fkYHcAdYVYLdOusIpkQsh3pft+1sdNRSAWnOQ3lfUC526Wd8bcbdl+U+G7w
NEn7kN3kN1OtV6/laSbkeRp/lfsAo3Ev0P2Ni1nl+k0lx3AigFh2xAA4iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtaWHeO28V9qxTiWi2oZ9hkUG6YMB8GA1UdIwQY
MBaAFJ306AtMrU5Qt4jt8Wl2cS3u/2wNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zNDAxMWQtMDFiZi00OGExLWE4YzMt
YzlmYzVmNDUyOTk1LzEvbmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zNDAxMWQtMDFiZi00OGExLWE4YzMtYzlmYzVmNDUyOTk1
LzEvbmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9vgj1zG
/m9xcL1jJg8hGht8i4MRw4shslxc+NieIrRjC3C2kTCCO1HGNB+48Pgd8NMWSjIU
M4LQBd9PcgvfCqsW12C8WXEZtxZhusHceVrWdD8LXBA3SWUTS4ptb6Ou0dAtSiVF
TCZXbzUncyLLuFqSwSkFQOTewWb67e1rXnbVAknYrrB07kZNSqWtIpFaM/ma51gW
f0RuaadvO9TeO2uX/wbmUddlVBnDxUqLmQ/Dz53datTivppbN7tzOT7T+eelYnjJ
ajAy7+SMMW98iHfhDkxDtv2vCCcGl5U2SuyRM1BQJbwuXGVbsITsgO04qGyUblgu
PD8HtXZp78e23w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:30 2025 by rpki-client