Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
File: niX4djqjUWiba6M2JpqyHE4BILM.mft (raw, json)
Hash identifier: ibMHMZxePvHG554R0LDP7BaO8NjKQ4VluElzkxS4j04=
Subject key identifier: 42:0E:B6:22:7E:8C:54:48:64:12:40:51:B7:CD:BA:A9:88:17:5F:3F
Authority key identifier: 9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
Certificate issuer: /CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Certificate serial: 019A722663C422FBC29241462F532D73E2A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
Manifest number: 0543
Signing time: Tue 11 Nov 2025 09:01:49 +0000
Manifest this update: Tue 11 Nov 2025 09:01:49 +0000
Manifest next update: Wed 12 Nov 2025 09:01:49 +0000
Files and hashes: 1: 3lv0MS0KMvs2NqTlqtd3HvxtHfA.roa (hash: Jn8Yd6x4goPshXFFHZFFSl5WpHb8SXFgvxZ7Lsgfvu4=)
2: niX4djqjUWiba6M2JpqyHE4BILM.crl (hash: pcNRGUqb1Cb/x4FjxOhSkWenMoQjoXMNWlOjaWgjPGw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:63:c4:22:fb:c2:92:41:46:2f:53:2d:73:e2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Validity
Not Before: Nov 11 09:01:49 2025 GMT
Not After : Nov 12 09:01:49 2025 GMT
Subject: CN=420eb6227e8c544864124051b7cdbaa988175f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c1:38:e6:1b:46:80:36:52:84:76:4b:3d:e5:
ae:2c:d5:49:ce:fd:19:d3:08:e6:fc:28:e2:f8:11:
d9:d6:b8:32:10:ec:b8:25:a9:a5:55:78:31:eb:06:
96:ce:2f:65:23:ae:58:de:12:1c:17:ff:0b:4d:ee:
3c:42:6c:cf:72:03:2c:37:38:45:e5:bf:ae:96:5c:
52:e2:a5:a6:e7:b4:5c:27:da:2f:37:10:e7:e7:cb:
34:15:31:85:1f:e1:5a:d9:c7:71:b2:4a:c7:54:07:
6d:3a:82:8a:51:5f:ae:9d:5b:d6:63:e5:1c:34:8f:
0c:9c:da:09:64:cf:41:aa:85:91:64:84:3f:ca:d2:
1a:54:32:5e:ab:48:f4:df:77:41:7d:1d:1c:f6:2b:
63:92:0c:e1:7c:18:f1:f3:69:23:f9:af:c7:93:dc:
f9:c3:a9:d1:3b:f3:27:55:6e:11:2c:9a:d2:70:04:
cc:d6:da:98:93:3d:b2:e3:e1:97:ce:76:0a:12:ff:
55:e3:ac:c6:fa:d8:64:f6:16:d2:5b:10:b5:9a:e0:
90:34:2d:44:d4:50:dd:2c:69:c4:91:7f:4a:d4:6c:
31:62:1f:0c:9e:b0:f6:ab:ba:d2:a2:d7:3c:57:b7:
45:55:60:d6:40:d3:cc:46:a1:86:f0:dd:29:58:1e:
d3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0E:B6:22:7E:8C:54:48:64:12:40:51:B7:CD:BA:A9:88:17:5F:3F
X509v3 Authority Key Identifier:
keyid:9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:e8:a9:23:85:7e:44:72:30:59:83:c9:02:d7:9d:e5:6b:71:
a4:b4:03:eb:aa:83:26:55:12:bb:c4:88:7a:47:0d:b5:f2:49:
ad:fa:c4:b8:3d:7a:95:a3:d9:72:d3:8c:1a:2e:04:4e:f4:0b:
5a:4b:37:ec:1b:86:3b:f2:f0:48:71:0a:e0:87:03:f3:38:7c:
85:c3:c9:2a:55:4a:a3:69:6d:1e:38:c0:8c:cd:f3:d8:00:2c:
17:c4:0f:b0:47:7d:41:35:f1:cb:96:2d:eb:b5:b2:aa:d5:3a:
88:9e:86:03:d2:4e:03:46:ee:32:a6:94:5f:26:c6:7b:dc:3e:
7a:c5:75:10:55:ff:7d:dd:c4:a8:22:99:b3:83:79:4e:35:ef:
50:87:d1:b7:34:21:57:f5:24:84:ed:86:79:e2:6d:31:2a:5d:
3e:b2:f8:b2:ae:ba:3a:02:1a:f9:fd:1d:27:c4:9a:f2:84:e0:
b5:bb:c7:54:79:f1:23:76:73:a3:3d:3b:d0:4e:15:e8:ab:ed:
46:94:bc:34:c2:cc:c0:2f:9d:6f:5e:10:d4:03:8f:c0:f9:75:
63:7d:1e:94:64:ae:94:45:9d:b1:2a:77:f3:e8:28:72:29:e8:
9a:8b:86:1c:82:a7:cf:27:27:19:14:c5:1d:8b:d2:15:9f:18:
51:b9:32:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmPEIvvCkkFGL1Mtc+KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjVmODc2M2FhMzUxNjg5YjZiYTMzNjI2OWFiMjFjNGUw
MTIwYjMwHhcNMjUxMTExMDkwMTQ5WhcNMjUxMTEyMDkwMTQ5WjAzMTEwLwYDVQQD
Eyg0MjBlYjYyMjdlOGM1NDQ4NjQxMjQwNTFiN2NkYmFhOTg4MTc1ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuME45htGgDZShHZLPeWuLNVJzv0Z
0wjm/Cji+BHZ1rgyEOy4JamlVXgx6waWzi9lI65Y3hIcF/8LTe48QmzPcgMsNzhF
5b+ullxS4qWm57RcJ9ovNxDn58s0FTGFH+Fa2cdxskrHVAdtOoKKUV+unVvWY+Uc
NI8MnNoJZM9BqoWRZIQ/ytIaVDJeq0j033dBfR0c9itjkgzhfBjx82kj+a/Hk9z5
w6nRO/MnVW4RLJrScATM1tqYkz2y4+GXznYKEv9V46zG+thk9hbSWxC1muCQNC1E
1FDdLGnEkX9K1GwxYh8MnrD2q7rSotc8V7dFVWDWQNPMRqGG8N0pWB7T2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIOtiJ+jFRIZBJAUbfNuqmIF18/MB8GA1UdIwQY
MBaAFJ4l+HY6o1Fom2ujNiaashxOASCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2Et
ODkzMGViYjgzZTMxLzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2EtODkzMGViYjgzZTMx
LzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATuipI4V+
RHIwWYPJAted5WtxpLQD66qDJlUSu8SIekcNtfJJrfrEuD16laPZctOMGi4ETvQL
Wks37BuGO/LwSHEK4IcD8zh8hcPJKlVKo2ltHjjAjM3z2AAsF8QPsEd9QTXxy5Yt
67WyqtU6iJ6GA9JOA0buMqaUXybGe9w+esV1EFX/fd3EqCKZs4N5TjXvUIfRtzQh
V/UkhO2GeeJtMSpdPrL4sq66OgIa+f0dJ8Sa8oTgtbvHVHnxI3Zzoz070E4V6Kvt
RpS8NMLMwC+db14Q1AOPwPl1Y30elGSulEWdsSp38+gocinomouGHIKnzycnGRTF
HYvSFZ8YUbkyPg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:44 2025 by rpki-client