Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: JBIIBE6D12ZlfvJxi8EaXOdXxium74Br86Vzqa5XneM=
Subject key identifier: 57:B2:97:B1:F8:A5:C4:2F:35:96:00:E1:0C:2F:2E:36:9E:4D:10:D1
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 019A28F916294BF588DDD46BF8909DB0DDFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 0F92
Signing time: Tue 28 Oct 2025 04:00:03 +0000
Manifest this update: Tue 28 Oct 2025 04:00:03 +0000
Manifest next update: Wed 29 Oct 2025 04:00:03 +0000
Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: L1rVNDBdJoapuDa1ULRTsYxJeX9CPXKcBehEENf3vHQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:28:f9:16:29:4b:f5:88:dd:d4:6b:f8:90:9d:b0:dd:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: Oct 28 04:00:03 2025 GMT
Not After : Oct 29 04:00:03 2025 GMT
Subject: CN=57b297b1f8a5c42f359600e10c2f2e369e4d10d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:3a:d6:a4:a7:fa:c9:f4:60:63:5b:22:d9:
ba:f6:6c:df:b5:7d:ee:f6:75:c3:1e:de:ff:a9:48:
b3:00:d8:d9:fd:23:c3:5e:79:88:d9:17:58:66:a8:
b3:8a:b6:06:9f:91:e6:67:d8:69:c8:d2:cd:54:8d:
5a:71:71:5a:91:cb:7e:64:f5:fd:45:0e:c4:a8:15:
3c:f4:83:7c:b1:7a:b5:b3:2a:4e:eb:82:81:87:93:
d6:d1:5e:af:c7:f9:13:20:b6:63:1a:80:dc:3f:ca:
ec:df:31:20:ed:d8:53:0f:58:59:e6:97:9a:55:8b:
12:4f:bb:61:f9:72:42:6f:f6:2b:bf:7b:39:e7:6b:
a5:28:0a:d2:9d:04:22:5c:f1:a7:8b:69:cf:d9:63:
35:f9:1a:da:b8:9d:ab:03:bb:ae:d4:65:ba:98:55:
77:65:3c:ca:1c:c6:03:5c:66:89:c5:8e:f4:a2:c5:
2c:a1:d5:0e:24:4e:7a:a4:68:8e:50:10:a3:8f:eb:
73:6d:28:05:41:2f:18:25:ed:f7:d6:d9:ec:6f:71:
42:d3:65:d9:97:b8:2d:5a:f4:e6:f6:84:65:da:e5:
ba:35:4e:0c:9a:ff:4e:21:1c:be:07:c4:ea:c1:92:
3d:a6:48:df:ac:28:7f:2a:df:42:a1:90:e6:36:7c:
b7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B2:97:B1:F8:A5:C4:2F:35:96:00:E1:0C:2F:2E:36:9E:4D:10:D1
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:6a:65:b1:4a:c2:be:ae:64:95:0e:bd:ac:81:08:1f:24:11:
c7:8c:0c:1b:fa:0a:35:30:88:3e:69:9f:cd:0f:34:dc:91:35:
61:87:a9:6d:81:5c:fb:49:8f:73:24:f6:24:bf:56:ef:cc:03:
db:2d:9e:9f:fb:b0:e8:7a:d0:4a:42:b1:95:dc:c7:d2:cd:25:
de:d5:17:d8:44:77:1c:6c:b5:f3:b0:cb:78:17:4e:f4:70:79:
ea:87:09:d3:59:4c:c5:60:81:76:1a:5c:d0:1a:fa:1b:46:af:
30:70:74:d7:c8:d9:e0:c9:a4:48:a7:a1:0d:c7:6e:d3:20:61:
9b:75:82:3b:b5:0e:58:ed:e1:bb:ae:cc:37:9e:af:c5:9c:31:
a1:83:8c:ef:a7:09:db:b0:be:04:f5:0a:d0:ad:8c:b8:76:39:
8e:a0:be:56:22:82:16:d3:c7:06:94:8d:b8:0b:fe:15:04:2e:
30:1c:60:c1:6e:3f:c0:74:2e:df:db:6c:c2:42:99:44:76:13:
c1:eb:10:91:e7:80:8b:5e:08:11:d7:da:23:bc:82:af:04:58:
af:6f:08:0c:34:56:a1:81:46:83:ce:58:0d:78:5f:f7:03:03:
55:17:7e:e2:22:4b:b8:45:ed:8a:b2:37:eb:2c:52:e2:2c:a3:
6f:d2:2d:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoo+RYpS/WI3dRr+JCdsN3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUxMDI4MDQwMDAzWhcNMjUxMDI5MDQwMDAzWjAzMTEwLwYDVQQD
Eyg1N2IyOTdiMWY4YTVjNDJmMzU5NjAwZTEwYzJmMmUzNjllNGQxMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusw61qSn+sn0YGNbItm69mzftX3u
9nXDHt7/qUizANjZ/SPDXnmI2RdYZqizirYGn5HmZ9hpyNLNVI1acXFakct+ZPX9
RQ7EqBU89IN8sXq1sypO64KBh5PW0V6vx/kTILZjGoDcP8rs3zEg7dhTD1hZ5pea
VYsST7th+XJCb/Yrv3s552ulKArSnQQiXPGni2nP2WM1+RrauJ2rA7uu1GW6mFV3
ZTzKHMYDXGaJxY70osUsodUOJE56pGiOUBCjj+tzbSgFQS8YJe331tnsb3FC02XZ
l7gtWvTm9oRl2uW6NU4Mmv9OIRy+B8TqwZI9pkjfrCh/Kt9CoZDmNny3bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeyl7H4pcQvNZYA4QwvLjaeTRDRMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2plsUrC
vq5klQ69rIEIHyQRx4wMG/oKNTCIPmmfzQ803JE1YYepbYFc+0mPcyT2JL9W78wD
2y2en/uw6HrQSkKxldzH0s0l3tUX2ER3HGy187DLeBdO9HB56ocJ01lMxWCBdhpc
0Br6G0avMHB018jZ4MmkSKehDcdu0yBhm3WCO7UOWO3hu67MN56vxZwxoYOM76cJ
27C+BPUK0K2MuHY5jqC+ViKCFtPHBpSNuAv+FQQuMBxgwW4/wHQu39tswkKZRHYT
wesQkeeAi14IEdfaI7yCrwRYr28IDDRWoYFGg85YDXhf9wMDVRd+4iJLuEXtirI3
6yxS4iyjb9It0Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 06:23:13 2025 by rpki-client