Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
File: NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft (raw, json)
Hash identifier: BcVDqR9vYmjgMJkB4D2nqt5+ivbjgZo4RtIz0uPC7KI=
Subject key identifier: 29:EF:27:79:AF:E1:A5:88:F2:40:49:BE:21:6F:E5:43:B7:48:91:8B
Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877
Certificate serial: 019A28C25F5A174704B351C82D2522EFAB9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
Manifest number: 11FB
Signing time: Tue 28 Oct 2025 03:00:18 +0000
Manifest this update: Tue 28 Oct 2025 03:00:18 +0000
Manifest next update: Wed 29 Oct 2025 03:00:18 +0000
Files and hashes: 1: 64AufSKo0ctGsskBfGJHYgegDUM.roa (hash: TxQbijMyiwaYhEgR6gv3I6pa/f1D2b/JYXZHussR2b4=)
2: NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl (hash: Qn+UwiMfWTmocW3UlfUmoJdmVIFML1lYa7jWXnM14cA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 03:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:28:c2:5f:5a:17:47:04:b3:51:c8:2d:25:22:ef:ab:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35f1a573915153de82890eae1303067fa68b2877
Validity
Not Before: Oct 28 03:00:18 2025 GMT
Not After : Oct 29 03:00:18 2025 GMT
Subject: CN=29ef2779afe1a588f24049be216fe543b748918b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:31:c0:cd:3b:87:76:4b:eb:06:af:97:5b:
e2:93:0f:f3:64:ad:4c:e2:86:88:88:d9:ab:1a:14:
5b:cf:a4:4b:d8:d5:81:7f:7e:29:a9:02:5d:28:e9:
a4:ec:c5:a7:07:5d:9b:c3:55:d3:e6:e8:fb:62:87:
6e:9d:09:4a:72:fc:8b:da:1d:fc:7a:98:a4:1d:a6:
7a:4f:ef:14:bc:a9:ee:26:c0:34:da:cd:b9:0a:3c:
80:fd:12:8c:30:aa:c3:81:d1:14:71:39:25:9b:fa:
65:ad:84:56:3f:32:e6:a5:f0:00:7d:6a:9a:e5:41:
45:e3:5b:d6:7f:da:2b:9c:9e:0d:f9:89:3e:bb:fb:
00:c7:ba:36:5b:fe:0e:5e:5e:51:f1:57:6c:e8:d5:
00:86:e4:e1:a2:d7:da:9e:3e:1a:c8:8b:80:1f:63:
0f:2f:cc:55:5e:ef:dd:80:b1:5c:b0:f6:b9:d3:4d:
e3:61:89:e6:62:46:0b:96:08:64:0e:de:9e:64:7b:
eb:22:e6:28:6b:1a:28:c8:a6:cf:71:dd:2d:73:9f:
c0:e8:97:97:18:4c:19:fe:6b:dc:4f:fa:26:05:c6:
82:fd:51:c1:a8:b6:5c:5d:8d:1e:34:ca:b6:fa:03:
ae:19:49:13:b5:1d:7e:21:02:16:83:f3:e7:22:60:
68:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EF:27:79:AF:E1:A5:88:F2:40:49:BE:21:6F:E5:43:B7:48:91:8B
X509v3 Authority Key Identifier:
keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:da:74:d6:ad:db:96:8c:2e:3e:42:d6:9c:d0:39:f2:40:bd:
fd:8a:7e:f0:52:7f:af:22:62:22:d4:97:19:5f:ef:62:da:75:
7b:55:a0:f3:7e:23:21:67:a5:3e:39:a3:c4:d1:bb:6e:7e:ff:
fe:3c:31:45:6c:ca:48:88:7c:b5:bd:80:7c:03:ce:e9:bd:65:
ed:f6:fe:0f:21:e0:08:90:cd:13:24:e7:48:3d:70:63:6d:78:
67:e0:c6:23:7d:a1:6d:b6:5e:4a:3d:10:c7:52:d6:3d:62:2a:
0f:13:06:2c:c8:42:04:df:2e:67:c9:19:f8:d4:5a:a0:1d:10:
f4:0f:38:3f:42:9f:fa:70:01:da:79:ff:83:5d:48:27:9f:d6:
84:ea:68:f3:de:32:e2:04:31:66:a8:49:6d:50:43:ba:f1:d0:
cf:56:60:16:65:90:12:fc:34:a9:9d:0e:a4:ed:c2:4d:4c:69:
52:43:80:36:ff:b4:cb:d8:ee:cc:15:53:64:0f:ee:60:ee:ea:
da:7a:99:c6:c5:5f:ea:e0:d3:e2:06:7e:c1:53:43:81:26:81:
4c:30:ea:b6:6d:05:a2:b0:4d:0b:5c:c5:f3:79:41:4a:40:93:
59:d6:5a:f4:32:8d:b8:5c:e6:d2:84:cd:86:bd:a4:f0:12:62:
1d:48:d3:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoowl9aF0cEs1HILSUi76udMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4
YjI4NzcwHhcNMjUxMDI4MDMwMDE4WhcNMjUxMDI5MDMwMDE4WjAzMTEwLwYDVQQD
EygyOWVmMjc3OWFmZTFhNTg4ZjI0MDQ5YmUyMTZmZTU0M2I3NDg5MThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG8xwM07h3ZL6wavl1vikw/zZK1M
4oaIiNmrGhRbz6RL2NWBf34pqQJdKOmk7MWnB12bw1XT5uj7YodunQlKcvyL2h38
epikHaZ6T+8UvKnuJsA02s25CjyA/RKMMKrDgdEUcTklm/plrYRWPzLmpfAAfWqa
5UFF41vWf9ornJ4N+Yk+u/sAx7o2W/4OXl5R8Vds6NUAhuThotfanj4ayIuAH2MP
L8xVXu/dgLFcsPa5003jYYnmYkYLlghkDt6eZHvrIuYoaxooyKbPcd0tc5/A6JeX
GEwZ/mvcT/omBcaC/VHBqLZcXY0eNMq2+gOuGUkTtR1+IQIWg/PnImBocQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnvJ3mv4aWI8kBJviFv5UO3SJGLMB8GA1UdIwQY
MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt
MzI5MjExMDI5YTFhLzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh
LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdtp01q3b
lowuPkLWnNA58kC9/Yp+8FJ/ryJiItSXGV/vYtp1e1Wg834jIWelPjmjxNG7bn7/
/jwxRWzKSIh8tb2AfAPO6b1l7fb+DyHgCJDNEyTnSD1wY214Z+DGI32hbbZeSj0Q
x1LWPWIqDxMGLMhCBN8uZ8kZ+NRaoB0Q9A84P0Kf+nAB2nn/g11IJ5/WhOpo894y
4gQxZqhJbVBDuvHQz1ZgFmWQEvw0qZ0OpO3CTUxpUkOANv+0y9juzBVTZA/uYO7q
2nqZxsVf6uDT4gZ+wVNDgSaBTDDqtm0ForBNC1zF83lBSkCTWdZa9DKNuFzm0oTN
hr2k8BJiHUjTiQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 12:37:01 2025 by rpki-client