Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
File: nzbQijzYpC9Goslt_XLtjO4nlHc.mft (raw, json)
Hash identifier: 5HXNBv+jOe+RDrRgj3MlBRtumO/mm+dYoC4pYo5wl2Y=
Subject key identifier: 89:AB:70:5B:39:4A:35:AF:D8:12:82:2C:CC:A5:04:2E:60:7B:50:E1
Authority key identifier: 9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
Certificate issuer: /CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Certificate serial: 019A711328CC3BA0B1B221C24357791570DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
Manifest number: 0D26
Signing time: Tue 11 Nov 2025 04:01:12 +0000
Manifest this update: Tue 11 Nov 2025 04:01:12 +0000
Manifest next update: Wed 12 Nov 2025 04:01:12 +0000
Files and hashes: 1: nzbQijzYpC9Goslt_XLtjO4nlHc.crl (hash: fj4cdPHFKbn5yTpNyyTbiwCvfrABE+iZBH33FTLvBdE=)
2: twzQnUgBAT35ET2oNZWOjjEoBE4.roa (hash: HIWNIMTAhxf1Wnub1ymBGmdU28kJ6snFsV9+PWAEB7E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:28:cc:3b:a0:b1:b2:21:c2:43:57:79:15:70:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Validity
Not Before: Nov 11 04:01:12 2025 GMT
Not After : Nov 12 04:01:12 2025 GMT
Subject: CN=89ab705b394a35afd812822ccca5042e607b50e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:32:fe:40:34:ee:1a:c1:ff:d2:44:a4:31:
52:67:11:25:2f:e4:48:cd:8d:1c:88:20:2a:51:31:
71:f2:34:32:14:52:48:6d:fd:b8:21:e3:fd:b7:fe:
24:a1:a1:05:d5:1c:10:0b:11:6e:29:34:eb:78:3d:
c8:7f:8e:d0:b6:be:04:3d:1b:8a:28:d1:f5:5c:4f:
94:53:ae:83:52:b1:4f:65:f1:59:e8:4c:14:9d:08:
71:99:13:5b:21:ed:86:f1:72:89:04:a8:d5:c4:b9:
60:b2:de:0f:bc:8b:8f:ae:79:a1:2a:01:1b:0c:12:
c1:30:39:01:28:22:ba:4c:98:fe:68:9f:51:74:48:
4b:c9:d2:79:28:c1:f3:c1:e0:03:5e:37:03:ff:13:
fb:59:a1:37:35:de:a7:b7:cd:91:4b:1a:00:32:b3:
36:19:7b:03:1d:68:f8:ff:29:fd:09:8c:f6:3a:7a:
f7:11:a8:2d:28:2e:18:a8:2b:74:0b:be:33:d9:cf:
b6:d5:a8:7b:2e:1d:83:26:9f:36:28:a5:e4:d0:db:
8d:f6:fb:9f:74:d4:99:10:df:8d:7e:46:26:19:12:
26:24:0e:0d:d5:96:99:17:1c:5f:da:47:54:3b:26:
3f:0e:48:44:64:89:3f:b0:bd:df:1e:4c:22:17:ac:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AB:70:5B:39:4A:35:AF:D8:12:82:2C:CC:A5:04:2E:60:7B:50:E1
X509v3 Authority Key Identifier:
keyid:9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:09:66:d5:15:03:a1:2c:63:83:c0:02:ca:b8:fd:b8:7c:09:
e3:58:89:f0:36:65:da:13:8f:0a:06:17:93:9e:26:86:aa:67:
2f:c4:ad:47:cc:f3:fb:15:34:68:ef:19:61:a0:82:e1:69:bb:
58:1a:f1:8d:e7:3b:c7:3b:f5:8a:e0:3a:ee:6e:6f:5d:b9:34:
78:28:87:f7:68:98:68:ef:e1:ea:2e:54:f7:83:d7:e8:06:b9:
90:36:63:20:e6:ef:15:dd:bd:c3:11:c9:e8:49:f4:fa:a2:82:
24:48:6b:38:30:65:42:79:37:7c:88:b1:17:1f:68:26:59:84:
f4:0f:27:61:62:12:57:8d:26:aa:f4:de:4f:99:30:45:92:d4:
20:3f:9a:76:0f:a6:d7:f1:aa:b7:34:dc:90:12:90:a9:f7:ed:
d7:5f:13:c2:90:a3:6f:0d:2d:f0:d1:94:54:91:5a:e9:ba:d1:
f2:44:4c:57:c2:7f:28:d9:6e:82:bf:21:ff:31:c3:37:c6:aa:
3e:b6:84:09:f6:33:96:8a:41:ac:ae:6d:ec:af:89:c4:c0:17:
67:d3:f3:05:c3:6d:9c:de:b7:2e:2e:16:c3:35:32:c4:71:f7:
b2:4b:35:b6:21:15:43:16:0f:15:37:79:e7:2c:65:50:aa:5c:
ee:e4:ff:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyjMO6CxsiHCQ1d5FXDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzZkMDhhM2NkOGE0MmY0NmEyYzk2ZGZkNzJlZDhjZWUy
Nzk0NzcwHhcNMjUxMTExMDQwMTEyWhcNMjUxMTEyMDQwMTEyWjAzMTEwLwYDVQQD
Eyg4OWFiNzA1YjM5NGEzNWFmZDgxMjgyMmNjY2E1MDQyZTYwN2I1MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyogy/kA07hrB/9JEpDFSZxElL+RI
zY0ciCAqUTFx8jQyFFJIbf24IeP9t/4koaEF1RwQCxFuKTTreD3If47Qtr4EPRuK
KNH1XE+UU66DUrFPZfFZ6EwUnQhxmRNbIe2G8XKJBKjVxLlgst4PvIuPrnmhKgEb
DBLBMDkBKCK6TJj+aJ9RdEhLydJ5KMHzweADXjcD/xP7WaE3Nd6nt82RSxoAMrM2
GXsDHWj4/yn9CYz2Onr3EagtKC4YqCt0C74z2c+21ah7Lh2DJp82KKXk0NuN9vuf
dNSZEN+NfkYmGRImJA4N1ZaZFxxf2kdUOyY/DkhEZIk/sL3fHkwiF6zMmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImrcFs5SjWv2BKCLMylBC5ge1DhMB8GA1UdIwQY
MBaAFJ820Io82KQvRqLJbf1y7YzuJ5R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3Mjct
YzMzMzcyYzlkNTA3LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3MjctYzMzMzcyYzlkNTA3
LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQlm1RUD
oSxjg8ACyrj9uHwJ41iJ8DZl2hOPCgYXk54mhqpnL8StR8zz+xU0aO8ZYaCC4Wm7
WBrxjec7xzv1iuA67m5vXbk0eCiH92iYaO/h6i5U94PX6Aa5kDZjIObvFd29wxHJ
6En0+qKCJEhrODBlQnk3fIixFx9oJlmE9A8nYWISV40mqvTeT5kwRZLUID+adg+m
1/GqtzTckBKQqfft118TwpCjbw0t8NGUVJFa6brR8kRMV8J/KNlugr8h/zHDN8aq
PraECfYzlopBrK5t7K+JxMAXZ9PzBcNtnN63Li4WwzUyxHH3sks1tiEVQxYPFTd5
5yxlUKpc7uT/tw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:24 2025 by rpki-client