Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
File: NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json)
Hash identifier: m+llc34UNxX3WwqBVqJ2mts9S1aMkL4AkImDpm2Z8Mo=
Subject key identifier: 1E:BC:C9:90:E8:27:CB:72:D6:2C:AF:5E:8D:31:35:C6:50:D8:36:0F
Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
Certificate issuer: /CN=35483328b012c4d1968fc205de024af2f9b1dabc
Certificate serial: 0197654D4B83EB65DF5C5E0E92B6A7F022A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
Manifest number: 022A
Signing time: Thu 12 Jun 2025 18:00:53 +0000
Manifest this update: Thu 12 Jun 2025 18:00:53 +0000
Manifest next update: Fri 13 Jun 2025 18:00:53 +0000
Files and hashes: 1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: B26mvMVJFwFCgrIIBxvvdzWbJK4AjL0cCENQcf3it6Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:4d:4b:83:eb:65:df:5c:5e:0e:92:b6:a7:f0:22:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc
Validity
Not Before: Jun 12 18:00:53 2025 GMT
Not After : Jun 13 18:00:53 2025 GMT
Subject: CN=1ebcc990e827cb72d62caf5e8d3135c650d8360f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:91:50:21:32:e2:41:68:1c:9e:80:d7:a0:
e0:dc:2b:95:55:67:fd:c2:6a:65:5e:17:b3:d4:dd:
46:3c:0e:7b:42:2c:dd:76:7e:f0:71:61:ff:98:cb:
da:05:f3:7e:98:de:18:af:f1:bc:6d:b3:ed:cf:ab:
10:eb:5e:93:d9:ba:c3:a8:53:b0:43:f5:14:18:87:
75:60:4b:c8:a1:09:db:62:db:af:b5:8f:39:4b:89:
04:fd:be:4e:a5:fb:a8:a6:c3:38:6e:b2:38:7a:61:
9b:9f:30:21:d1:fc:a3:e1:ee:99:e1:37:aa:1c:2c:
a7:7d:1c:e8:e7:26:85:5b:c0:3f:78:85:1b:1d:d9:
a2:9c:f2:5f:fc:95:ff:92:21:73:0b:b0:a3:5c:90:
e1:06:ef:16:46:5c:ea:30:54:4f:14:8d:c3:22:92:
d1:cf:97:32:7c:68:17:d8:37:26:bc:ea:21:57:98:
92:1b:0d:64:46:a4:68:59:e8:6f:58:c8:74:4c:1f:
9d:89:e4:01:3a:4d:2b:70:79:8a:f8:c4:5e:97:c0:
be:d5:59:28:0a:fd:d1:81:d3:43:40:bc:06:a5:d0:
47:1b:09:55:4c:b8:60:37:c8:0f:53:0b:d5:b3:36:
23:68:b3:75:53:bc:2e:b6:64:2f:81:04:a1:e2:00:
0e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BC:C9:90:E8:27:CB:72:D6:2C:AF:5E:8D:31:35:C6:50:D8:36:0F
X509v3 Authority Key Identifier:
keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:4c:c0:de:63:3a:7f:9b:04:a7:81:d7:9b:f5:9d:a3:cb:a0:
6f:70:bb:ca:c6:3d:20:89:30:ba:8b:3b:11:37:1c:f4:5d:c4:
8f:08:7e:54:e6:1a:66:d6:8c:0f:16:e5:ae:e8:05:29:51:65:
1b:6c:14:e5:1b:35:76:b2:c5:a2:fc:c2:83:1b:2c:71:70:a8:
1d:37:ef:a1:44:d8:ad:17:87:9e:ec:5f:12:80:77:d4:0f:82:
60:f4:e7:4c:0c:1e:3e:e0:15:4c:cf:fb:9d:cc:e6:2e:82:53:
3e:e6:6c:4b:42:ad:54:8e:32:dd:37:b4:db:c2:d5:d7:f5:ce:
49:e8:00:b8:2c:4b:70:61:ba:98:b1:51:9a:8a:99:91:db:ab:
1a:ca:e5:e4:0a:30:bd:ab:0d:e4:69:8f:68:bd:33:df:aa:d7:
3d:44:45:f8:07:b8:de:12:e8:b2:42:f3:9c:f2:ed:ff:a4:04:
82:a1:14:6c:d8:cb:cd:2c:72:d1:26:09:05:a3:2e:e0:71:af:
05:0d:8d:10:6c:35:44:39:f6:04:32:88:6d:2a:2e:89:81:e0:
ac:ad:2d:79:57:45:ff:d6:8a:56:7c:37:80:74:a7:bb:0f:fd:
ed:88:a8:12:72:dc:92:fe:66:20:29:a6:27:4e:b4:83:ac:5a:
0e:9e:de:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTUuD62XfXF4Okran8CKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli
MWRhYmMwHhcNMjUwNjEyMTgwMDUzWhcNMjUwNjEzMTgwMDUzWjAzMTEwLwYDVQQD
EygxZWJjYzk5MGU4MjdjYjcyZDYyY2FmNWU4ZDMxMzVjNjUwZDgzNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiqRUCEy4kFoHJ6A16Dg3CuVVWf9
wmplXhez1N1GPA57Qizddn7wcWH/mMvaBfN+mN4Yr/G8bbPtz6sQ616T2brDqFOw
Q/UUGId1YEvIoQnbYtuvtY85S4kE/b5OpfuopsM4brI4emGbnzAh0fyj4e6Z4Teq
HCynfRzo5yaFW8A/eIUbHdminPJf/JX/kiFzC7CjXJDhBu8WRlzqMFRPFI3DIpLR
z5cyfGgX2DcmvOohV5iSGw1kRqRoWehvWMh0TB+dieQBOk0rcHmK+MRel8C+1Vko
Cv3RgdNDQLwGpdBHGwlVTLhgN8gPUwvVszYjaLN1U7wutmQvgQSh4gAOhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB68yZDoJ8ty1iyvXo0xNcZQ2DYPMB8GA1UdIwQY
MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt
ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi
LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABUzA3mM6
f5sEp4HXm/Wdo8ugb3C7ysY9IIkwuos7ETcc9F3Ejwh+VOYaZtaMDxblrugFKVFl
G2wU5Rs1drLFovzCgxsscXCoHTfvoUTYrReHnuxfEoB31A+CYPTnTAwePuAVTM/7
nczmLoJTPuZsS0KtVI4y3Te028LV1/XOSegAuCxLcGG6mLFRmoqZkdurGsrl5Aow
vasN5GmPaL0z36rXPURF+Ae43hLoskLznPLt/6QEgqEUbNjLzSxy0SYJBaMu4HGv
BQ2NEGw1RDn2BDKIbSouiYHgrK0teVdF/9aKVnw3gHSnuw/97YioEnLckv5mICmm
J060g6xaDp7emw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 04:02:43 2025 by rpki-client