Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File: NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier: v697XDuFk50ft+ZvbVHboYU7DH1H5RniSrGvCJ+x5pk=
Subject key identifier: B3:E6:DB:8B:C9:4F:70:2B:CC:2E:44:41:4C:0E:5C:70:15:2E:96:5E
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer: /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial: 019A18E25E9773EE822A2A7A19F3AA3D985E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number: 0390
Signing time: Sat 25 Oct 2025 01:01:19 +0000
Manifest this update: Sat 25 Oct 2025 01:01:19 +0000
Manifest next update: Sun 26 Oct 2025 01:01:19 +0000
Files and hashes: 1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: kWhaztRacrQ4jJM1OspnOf7y6y+P/Av56R7izypfouw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 01:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:18:e2:5e:97:73:ee:82:2a:2a:7a:19:f3:aa:3d:98:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
Validity
Not Before: Oct 25 01:01:19 2025 GMT
Not After : Oct 26 01:01:19 2025 GMT
Subject: CN=b3e6db8bc94f702bcc2e44414c0e5c70152e965e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:43:2c:8d:56:dc:83:df:42:7f:43:c3:56:
04:4e:bd:02:70:45:bb:5c:e9:6a:34:2d:fd:74:fd:
85:60:55:a0:fd:58:bb:00:c3:5b:a6:88:3a:02:bf:
68:c1:89:08:e4:a0:98:30:d0:d9:e2:a8:ea:22:97:
3c:63:7b:6f:e7:2a:d4:cd:85:ca:60:67:64:a1:db:
0b:73:38:bf:80:4a:cb:83:4e:41:5f:aa:dc:f7:f4:
9f:c2:1d:cc:a4:91:f1:5e:ba:a2:1f:f6:52:9e:07:
1d:dd:86:18:4f:63:4d:ae:01:69:cd:a7:25:ce:b6:
37:57:6c:cb:7b:e0:45:34:52:46:98:51:d5:ad:46:
36:a8:89:47:ee:96:88:0d:6f:82:54:82:78:ad:1b:
b2:14:03:84:b1:f4:77:9b:7d:c3:0b:40:87:02:db:
de:27:67:b3:7c:d1:6b:5b:66:13:12:20:dd:4b:43:
28:4a:3a:07:7b:4d:a1:d3:e8:49:47:e7:13:18:ce:
69:65:74:cb:53:af:f7:5d:36:0a:f1:2e:fc:35:3e:
18:81:f6:aa:a0:2e:6f:3a:37:c2:b9:7d:fa:86:57:
ba:2c:74:00:b4:5b:ce:be:3c:89:b6:4b:2b:40:fa:
09:c8:6c:f3:63:79:73:3b:8a:9e:e0:cf:7f:0a:28:
e1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E6:DB:8B:C9:4F:70:2B:CC:2E:44:41:4C:0E:5C:70:15:2E:96:5E
X509v3 Authority Key Identifier:
keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:f7:c9:06:6c:25:2e:72:7b:05:cc:92:e1:da:1f:d0:55:39:
ea:ad:c9:07:44:1c:42:ad:01:44:33:9d:9f:bb:0c:b3:9e:4b:
ba:d7:d0:40:a4:ce:98:77:43:f5:42:91:0d:d9:49:f9:e9:8c:
c6:23:39:57:e1:8f:ad:eb:24:e2:6f:af:0d:8c:3f:3a:2a:24:
e4:17:3a:fe:f6:1f:30:a3:1c:52:3b:4e:ac:5d:52:ec:c2:63:
1f:e2:13:fc:30:d1:cd:59:58:aa:06:5c:56:9a:65:7f:1c:fb:
51:98:2c:00:5e:e7:c3:05:a5:98:e4:e6:49:bb:0d:54:df:24:
36:33:76:5c:72:c7:08:ed:ec:c0:aa:75:e0:27:97:0b:93:df:
fb:4f:48:81:a5:db:eb:c3:64:54:4f:da:01:e3:e2:1b:90:ef:
db:45:7b:fd:03:a6:80:54:ea:cf:5a:42:97:ff:39:29:fa:04:
15:11:dc:f1:7c:9a:89:dd:4a:f2:3c:b2:63:51:03:ff:3c:4f:
39:c8:f9:bb:55:4e:43:76:c5:fa:b0:ca:c5:3e:fa:b6:6a:1d:
4c:57:fd:42:fb:94:38:66:8d:fd:51:32:03:7b:20:43:c2:a5:
53:4d:5e:7d:e9:55:4d:07:d5:36:30:bb:f1:e6:b4:73:19:36:
d2:4f:4a:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoY4l6Xc+6CKip6GfOqPZheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUxMDI1MDEwMTE5WhcNMjUxMDI2MDEwMTE5WjAzMTEwLwYDVQQD
EyhiM2U2ZGI4YmM5NGY3MDJiY2MyZTQ0NDE0YzBlNWM3MDE1MmU5NjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9FDLI1W3IPfQn9Dw1YETr0CcEW7
XOlqNC39dP2FYFWg/Vi7AMNbpog6Ar9owYkI5KCYMNDZ4qjqIpc8Y3tv5yrUzYXK
YGdkodsLczi/gErLg05BX6rc9/Sfwh3MpJHxXrqiH/ZSngcd3YYYT2NNrgFpzacl
zrY3V2zLe+BFNFJGmFHVrUY2qIlH7paIDW+CVIJ4rRuyFAOEsfR3m33DC0CHAtve
J2ezfNFrW2YTEiDdS0MoSjoHe02h0+hJR+cTGM5pZXTLU6/3XTYK8S78NT4Ygfaq
oC5vOjfCuX36hle6LHQAtFvOvjyJtksrQPoJyGzzY3lzO4qe4M9/CijhyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPm24vJT3ArzC5EQUwOXHAVLpZeMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvfJBmwl
LnJ7BcyS4dof0FU56q3JB0QcQq0BRDOdn7sMs55LutfQQKTOmHdD9UKRDdlJ+emM
xiM5V+GPresk4m+vDYw/Oiok5Bc6/vYfMKMcUjtOrF1S7MJjH+IT/DDRzVlYqgZc
Vpplfxz7UZgsAF7nwwWlmOTmSbsNVN8kNjN2XHLHCO3swKp14CeXC5Pf+09IgaXb
68NkVE/aAePiG5Dv20V7/QOmgFTqz1pCl/85KfoEFRHc8Xyaid1K8jyyY1ED/zxP
Ocj5u1VOQ3bF+rDKxT76tmodTFf9QvuUOGaN/VEyA3sgQ8KlU01efelVTQfVNjC7
8ea0cxk20k9KPg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 10:41:59 2025 by rpki-client