Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft
File: NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft (raw, json)
Hash identifier: xtFXwcVF3eds+IG2c3VNpUz41/eBiD6RsjuqRzNwoqo=
Subject key identifier: 96:FE:3E:8B:DC:DD:3C:82:D2:60:F9:64:E2:E4:3D:6C:18:26:28:70
Authority key identifier: 35:3F:17:F4:BB:B1:93:46:DC:5A:FC:0C:23:58:79:FB:E6:35:7C:6D
Certificate issuer: /CN=353f17f4bbb19346dc5afc0c235879fbe6357c6d
Certificate serial: 019A21AD8BBC5BE2D067E9385D0A0AF8CFC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft
Manifest number: 0F74
Signing time: Sun 26 Oct 2025 18:00:12 +0000
Manifest this update: Sun 26 Oct 2025 18:00:12 +0000
Manifest next update: Mon 27 Oct 2025 18:00:12 +0000
Files and hashes: 1: NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl (hash: ipc6t2gz8owd6SJh2oerrPcqlCxlb91Vz8WN/jqmYGQ=)
2: ZIEntIvRdoyNG_9f7umqM8GaOP0.roa (hash: fyIclvXxfmafIM00Oljz1bkGgUIAKrrEkFW8CDlF9q4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 18:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:ad:8b:bc:5b:e2:d0:67:e9:38:5d:0a:0a:f8:cf:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353f17f4bbb19346dc5afc0c235879fbe6357c6d
Validity
Not Before: Oct 26 18:00:12 2025 GMT
Not After : Oct 27 18:00:12 2025 GMT
Subject: CN=96fe3e8bdcdd3c82d260f964e2e43d6c18262870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:9f:84:cf:84:33:f2:b3:56:94:0d:b8:bc:
8b:37:c0:6d:84:e1:d8:9a:5f:e9:88:21:bb:44:4b:
d0:52:e0:b1:5c:53:24:01:66:3b:9f:33:db:f0:6d:
1b:61:8d:e6:22:e3:d7:f9:d9:a7:2d:2d:bc:f8:8e:
09:dc:6d:51:f7:88:c9:d1:54:4c:e1:7b:c1:14:c0:
2c:e9:12:6d:9e:68:a3:11:b1:2b:09:d6:fd:cc:a9:
85:c8:ac:3c:cc:1f:01:78:21:fa:7c:52:10:2c:3f:
8c:27:c5:f9:19:1c:8f:51:c8:67:39:09:c4:cd:7e:
23:ee:72:41:0b:54:3c:81:ab:27:4d:1a:93:ba:41:
ad:e8:42:60:d8:d1:49:8b:85:c4:52:90:04:48:66:
3d:93:c0:23:a6:c5:51:35:65:be:03:9d:30:28:46:
41:98:db:e2:de:bf:b0:1d:63:bc:65:cd:3c:3f:72:
58:32:33:17:fa:12:48:a9:46:6f:e7:1b:05:e4:46:
20:7c:7e:2e:6e:91:7f:3e:cd:66:c5:f4:58:24:38:
2f:d5:a6:fd:ac:5f:c1:3e:65:32:d8:a5:6f:fe:ff:
fb:87:0b:8b:9e:83:dc:23:b7:ae:fc:73:bb:bd:93:
7e:fd:d7:40:41:75:60:17:85:82:2b:21:10:89:f2:
58:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FE:3E:8B:DC:DD:3C:82:D2:60:F9:64:E2:E4:3D:6C:18:26:28:70
X509v3 Authority Key Identifier:
keyid:35:3F:17:F4:BB:B1:93:46:DC:5A:FC:0C:23:58:79:FB:E6:35:7C:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:09:56:2e:2b:cc:6f:77:4e:ed:89:8c:2d:6c:0e:c1:b8:20:
75:70:64:90:ce:07:e6:f1:0f:02:9e:3e:50:3e:d5:4c:c3:ab:
74:ca:5b:f3:dd:33:f8:51:6e:21:d8:44:76:97:e2:a5:e7:96:
f2:17:64:cc:e2:15:b7:f1:82:15:a1:64:9e:8b:68:c4:94:8f:
a1:27:89:91:04:53:dd:44:73:d4:91:68:35:72:7b:0e:fd:5a:
4b:25:fd:7f:85:6c:cc:97:ce:ac:db:51:de:b2:b6:c9:98:04:
13:5b:16:ff:09:75:1f:fd:c9:42:24:5f:df:bd:86:e7:1f:27:
a2:89:e9:95:28:2e:a5:b6:e3:bc:dd:79:30:04:d6:8d:85:19:
b5:ba:06:a0:d9:21:92:8e:48:20:58:bd:15:98:69:e7:b2:8d:
88:5d:41:d4:f9:58:00:b7:1e:e6:43:b6:74:3b:cd:3a:cd:55:
11:b3:d5:af:be:f6:6f:27:09:48:a9:20:46:1e:83:77:e7:bb:
1a:70:71:b3:60:de:00:23:bf:39:c3:6f:bd:58:42:59:4c:e0:
a8:68:f0:d1:27:0a:49:09:02:08:bb:e2:c2:9c:b2:70:99:55:
d8:64:c6:68:38:2a:03:3f:f9:dc:02:77:13:98:19:77:33:06:
6d:83:b5:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohrYu8W+LQZ+k4XQoK+M/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2YxN2Y0YmJiMTkzNDZkYzVhZmMwYzIzNTg3OWZiZTYz
NTdjNmQwHhcNMjUxMDI2MTgwMDEyWhcNMjUxMDI3MTgwMDEyWjAzMTEwLwYDVQQD
Eyg5NmZlM2U4YmRjZGQzYzgyZDI2MGY5NjRlMmU0M2Q2YzE4MjYyODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoOfhM+EM/KzVpQNuLyLN8BthOHY
ml/piCG7REvQUuCxXFMkAWY7nzPb8G0bYY3mIuPX+dmnLS28+I4J3G1R94jJ0VRM
4XvBFMAs6RJtnmijEbErCdb9zKmFyKw8zB8BeCH6fFIQLD+MJ8X5GRyPUchnOQnE
zX4j7nJBC1Q8gasnTRqTukGt6EJg2NFJi4XEUpAESGY9k8AjpsVRNWW+A50wKEZB
mNvi3r+wHWO8Zc08P3JYMjMX+hJIqUZv5xsF5EYgfH4ubpF/Ps1mxfRYJDgv1ab9
rF/BPmUy2KVv/v/7hwuLnoPcI7eu/HO7vZN+/ddAQXVgF4WCKyEQifJY4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJb+Povc3TyC0mD5ZOLkPWwYJihwMB8GA1UdIwQY
MBaAFDU/F/S7sZNG3Fr8DCNYefvmNXxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wYTI0YjUtYjlhZC00OGE2LWFkZjct
OWZkODRjNzliMGVmLzEvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wYTI0YjUtYjlhZC00OGE2LWFkZjctOWZkODRjNzliMGVm
LzEvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAlWLivM
b3dO7YmMLWwOwbggdXBkkM4H5vEPAp4+UD7VTMOrdMpb890z+FFuIdhEdpfipeeW
8hdkzOIVt/GCFaFknotoxJSPoSeJkQRT3URz1JFoNXJ7Dv1aSyX9f4VszJfOrNtR
3rK2yZgEE1sW/wl1H/3JQiRf372G5x8noonplSgupbbjvN15MATWjYUZtboGoNkh
ko5IIFi9FZhp57KNiF1B1PlYALce5kO2dDvNOs1VEbPVr772bycJSKkgRh6Dd+e7
GnBxs2DeACO/OcNvvVhCWUzgqGjw0ScKSQkCCLviwpyycJlV2GTGaDgqAz/53AJ3
E5gZdzMGbYO14Q==
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:28:33 2025 by rpki-client