Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
File: nurBz77ElK6UV8hm5jYYZcTzAEg.mft (raw, json)
Hash identifier: GlQloLLCIKMgpjNGh8uH6dM2oKQ1x2Ikl3mcQI40HHk=
Subject key identifier: A5:39:FD:8D:51:A0:5D:23:83:2E:71:F4:2E:3A:AD:3A:BF:87:F4:06
Authority key identifier: 9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
Certificate issuer: /CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Certificate serial: 019A7149BE7BD84DB501407124862C56236F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
Manifest number: 0D1A
Signing time: Tue 11 Nov 2025 05:00:49 +0000
Manifest this update: Tue 11 Nov 2025 05:00:49 +0000
Manifest next update: Wed 12 Nov 2025 05:00:49 +0000
Files and hashes: 1: mmnZOOh4xZoAyB6ozP7dMz0vpOQ.roa (hash: MPgwr3P3oOg7+ut0sMgX1kiy6aK0r7pykdMfFbGH85I=)
2: nurBz77ElK6UV8hm5jYYZcTzAEg.crl (hash: FjmwIVD1peJYfO1yjskZCZcqsWdAi4qqMd+NaONEV+Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:be:7b:d8:4d:b5:01:40:71:24:86:2c:56:23:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Validity
Not Before: Nov 11 05:00:49 2025 GMT
Not After : Nov 12 05:00:49 2025 GMT
Subject: CN=a539fd8d51a05d23832e71f42e3aad3abf87f406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:75:8f:7a:ae:ec:68:9d:01:3a:b7:a9:8e:8b:
98:ee:3b:eb:a9:a7:48:95:53:41:cc:6e:ff:a7:a3:
4e:b1:e9:0d:95:05:49:e2:80:ad:c3:26:69:b5:bc:
4b:7d:c2:8a:51:75:e0:48:9f:e8:b5:47:73:fa:89:
b4:29:6d:b8:34:01:25:04:6b:36:9f:ed:56:1a:43:
25:7c:15:bf:c2:ef:8c:17:d7:78:78:12:4e:54:82:
4c:79:4f:75:8b:6f:6d:a6:f4:11:c1:97:4e:29:24:
3c:8b:b3:0f:bd:a1:d2:3c:41:34:46:c3:81:fe:1c:
df:3f:89:7b:2b:cf:39:ba:77:9b:c7:4a:d2:40:aa:
37:77:6c:fd:43:60:e1:01:e4:5c:e6:07:ab:a0:de:
ac:63:9c:58:72:a2:fc:a2:ae:e4:10:34:24:3c:91:
57:75:a0:0a:ff:cd:4d:dc:90:98:c0:91:ca:ac:4d:
8c:2c:f2:34:f2:06:1f:f0:aa:9d:4e:b8:48:f8:eb:
b6:a9:d1:50:4f:2c:08:a7:95:4a:c6:96:da:2c:57:
07:cf:7b:53:37:78:2a:0b:35:d1:c7:e1:40:61:6b:
57:49:f1:95:0d:36:df:b3:a2:7f:fd:68:d6:2c:e2:
61:d7:35:71:7d:72:55:8c:3a:df:26:8a:15:7e:5b:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:39:FD:8D:51:A0:5D:23:83:2E:71:F4:2E:3A:AD:3A:BF:87:F4:06
X509v3 Authority Key Identifier:
keyid:9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:96:b3:60:ef:87:cb:a4:70:da:8a:aa:e9:63:b1:5f:b8:08:
eb:77:fe:ac:34:ce:76:35:c1:77:ab:97:bc:8b:e8:24:04:de:
f0:36:35:2e:2b:fa:0c:a9:61:8e:ff:90:84:a8:d6:3a:5d:b3:
ed:8b:15:ed:ed:42:48:94:98:de:2a:a4:14:13:17:f4:c7:30:
59:22:a5:75:94:09:ca:e3:96:63:f7:8a:eb:41:ff:3c:6c:ff:
e1:49:a1:65:9c:eb:f6:ca:c1:5c:03:3e:95:68:00:ee:89:58:
cb:9c:44:dc:f5:1e:e9:b4:1f:67:eb:ce:2b:53:6d:27:63:49:
a8:27:2a:66:31:da:79:24:09:c8:b0:2d:da:78:cf:07:86:f5:
23:82:46:33:1f:82:55:7b:c4:27:49:b6:ac:1c:0c:e3:80:ab:
35:4b:c3:ca:ed:f1:38:ad:15:d1:98:eb:22:df:7d:0d:7c:f6:
49:32:e0:1b:59:3d:dd:39:e2:d5:b7:5b:12:df:e9:7e:75:df:
a5:d2:98:50:ee:44:52:21:ee:39:af:31:1d:53:65:d1:58:1b:
c2:04:3b:54:b8:f1:5c:8a:20:3d:e6:ff:fa:00:b3:21:65:2d:
e4:90:4b:f6:b4:2d:bf:ae:02:b5:43:f1:06:af:63:36:f8:f4:
fe:5c:62:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSb572E21AUBxJIYsViNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWFjMWNmYmVjNDk0YWU5NDU3Yzg2NmU2MzYxODY1YzRm
MzAwNDgwHhcNMjUxMTExMDUwMDQ5WhcNMjUxMTEyMDUwMDQ5WjAzMTEwLwYDVQQD
EyhhNTM5ZmQ4ZDUxYTA1ZDIzODMyZTcxZjQyZTNhYWQzYWJmODdmNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznWPeq7saJ0BOrepjouY7jvrqadI
lVNBzG7/p6NOsekNlQVJ4oCtwyZptbxLfcKKUXXgSJ/otUdz+om0KW24NAElBGs2
n+1WGkMlfBW/wu+MF9d4eBJOVIJMeU91i29tpvQRwZdOKSQ8i7MPvaHSPEE0RsOB
/hzfP4l7K885unebx0rSQKo3d2z9Q2DhAeRc5geroN6sY5xYcqL8oq7kEDQkPJFX
daAK/81N3JCYwJHKrE2MLPI08gYf8KqdTrhI+Ou2qdFQTywIp5VKxpbaLFcHz3tT
N3gqCzXRx+FAYWtXSfGVDTbfs6J//WjWLOJh1zVxfXJVjDrfJooVflsbCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU5/Y1RoF0jgy5x9C46rTq/h/QGMB8GA1UdIwQY
MBaAFJ7qwc++xJSulFfIZuY2GGXE8wBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQt
ZTI4NWNkOGNhZDEyLzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQtZTI4NWNkOGNhZDEy
LzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZazYO+H
y6Rw2oqq6WOxX7gI63f+rDTOdjXBd6uXvIvoJATe8DY1Liv6DKlhjv+QhKjWOl2z
7YsV7e1CSJSY3iqkFBMX9McwWSKldZQJyuOWY/eK60H/PGz/4UmhZZzr9srBXAM+
lWgA7olYy5xE3PUe6bQfZ+vOK1NtJ2NJqCcqZjHaeSQJyLAt2njPB4b1I4JGMx+C
VXvEJ0m2rBwM44CrNUvDyu3xOK0V0ZjrIt99DXz2STLgG1k93Tni1bdbEt/pfnXf
pdKYUO5EUiHuOa8xHVNl0VgbwgQ7VLjxXIogPeb/+gCzIWUt5JBL9rQtv64CtUPx
Bq9jNvj0/lxisA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:32 2025 by rpki-client