Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
File: NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft (raw, json)
Hash identifier: Rr21mLUiGVfhZpNaWUtbbEHGZEPETtqgbCjro/mxy58=
Subject key identifier: 80:1C:03:B1:E1:AF:12:F0:3A:DE:46:EA:CD:35:AF:FE:18:A0:FD:3B
Authority key identifier: 35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
Certificate issuer: /CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Certificate serial: 01992330FED177FC78A0743092B8C0272214
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
Manifest number: 0443
Signing time: Sun 07 Sep 2025 08:00:37 +0000
Manifest this update: Sun 07 Sep 2025 08:00:37 +0000
Manifest next update: Mon 08 Sep 2025 08:00:37 +0000
Files and hashes: 1: NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl (hash: LHE35RjVXpKOeR7BfDg45FcHaISvW72xmNEshNw7Ooc=)
2: okivhnQi7w6GWYPlNEAmkXkmxpY.roa (hash: k4R8rWTOlMy3O5fk1lka5CmGZaX0JQEHHbZQX1i51u4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:30:fe:d1:77:fc:78:a0:74:30:92:b8:c0:27:22:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Validity
Not Before: Sep 7 08:00:37 2025 GMT
Not After : Sep 8 08:00:37 2025 GMT
Subject: CN=801c03b1e1af12f03ade46eacd35affe18a0fd3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:8e:d7:61:96:66:01:fb:0b:2b:ce:50:0b:
1b:6d:51:4a:86:e3:03:08:67:9d:e0:22:90:b2:60:
26:bd:84:58:fb:a4:d8:d2:eb:a9:53:ed:99:d3:bd:
bd:8d:ef:56:60:c4:fe:81:71:47:8a:de:67:aa:1b:
61:1b:1a:06:f5:f4:e7:c3:c1:1b:e0:e0:c6:94:5a:
50:64:9e:94:1d:de:90:08:0a:e6:21:ea:25:f3:0a:
54:1d:bf:59:f9:15:06:c8:fe:37:e2:75:ee:a9:28:
ec:e6:dc:ac:ad:7e:f5:d2:ce:c0:d3:6d:3c:b4:48:
c6:2e:91:68:1c:6b:ac:15:c7:eb:74:37:56:46:1b:
f5:c5:8c:3a:9a:e1:4f:1f:3e:7a:d3:d2:ff:5e:22:
45:77:bc:c7:0e:d5:01:26:cd:99:72:fa:08:4e:17:
bc:23:4e:62:ef:49:01:2c:1b:4b:eb:45:c3:d4:c9:
f8:f3:6e:43:f9:c5:7b:60:8b:d8:a3:6e:84:a8:6f:
2f:7d:58:ae:b5:7f:90:0e:7f:5e:ef:d2:a5:3e:ae:
d7:87:a4:9b:fc:86:80:3b:f2:4a:72:9e:3e:05:91:
93:2b:c7:9c:21:48:09:4e:40:02:4a:8d:07:1c:45:
05:8a:92:1b:ad:e1:70:88:97:3e:80:2a:b7:a1:9a:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1C:03:B1:E1:AF:12:F0:3A:DE:46:EA:CD:35:AF:FE:18:A0:FD:3B
X509v3 Authority Key Identifier:
keyid:35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:7e:1b:6f:d2:27:2c:05:f6:df:28:62:c6:a1:74:8b:7d:d0:
03:3d:3e:ba:90:15:76:3e:a1:f3:03:c4:d8:d1:62:e2:fe:05:
94:91:e8:87:1d:23:75:91:91:14:5d:c4:73:4f:df:69:b6:0c:
ca:27:36:64:8b:51:ae:87:4a:36:d5:ce:88:95:69:64:b2:31:
65:d4:39:46:6a:69:11:be:b1:ec:f5:c6:e6:c6:c8:28:8b:ed:
20:80:c8:e5:a4:6f:00:38:5a:e4:65:79:35:23:9d:86:fc:41:
1e:d7:21:1f:1a:8f:9d:c7:68:a6:64:5b:ac:24:3d:c8:64:89:
af:d3:7f:a1:55:56:5e:b3:87:2d:56:bf:ee:69:1f:01:0e:3f:
a6:de:9d:fd:c6:ac:c8:02:53:ba:f0:37:9c:a4:0f:fa:8d:aa:
7f:5b:f4:4e:fe:12:62:06:96:d9:66:0e:02:50:a5:73:3a:73:
e0:37:87:50:d8:1f:72:ab:ef:5c:8c:d0:46:bd:0e:06:ad:34:
35:13:bb:cc:56:2f:39:28:1a:ca:43:87:f5:76:06:fe:be:03:
35:e2:bc:1f:37:f1:45:90:22:96:81:30:01:d2:d7:ce:b8:3e:
c5:74:ed:2d:39:2a:c4:f5:dc:a1:76:0c:5c:2e:8a:b4:53:49:
9a:0a:4f:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMP7Rd/x4oHQwkrjAJyIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDdkYmFhNzVlZjM0MjBkOGQ5NDU5MTMwZWQwMWRjNTM1
MTM2ZmIwHhcNMjUwOTA3MDgwMDM3WhcNMjUwOTA4MDgwMDM3WjAzMTEwLwYDVQQD
Eyg4MDFjMDNiMWUxYWYxMmYwM2FkZTQ2ZWFjZDM1YWZmZTE4YTBmZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm6O12GWZgH7CyvOUAsbbVFKhuMD
CGed4CKQsmAmvYRY+6TY0uupU+2Z0729je9WYMT+gXFHit5nqhthGxoG9fTnw8Eb
4ODGlFpQZJ6UHd6QCArmIeol8wpUHb9Z+RUGyP434nXuqSjs5tysrX710s7A0208
tEjGLpFoHGusFcfrdDdWRhv1xYw6muFPHz5609L/XiJFd7zHDtUBJs2ZcvoIThe8
I05i70kBLBtL60XD1Mn4825D+cV7YIvYo26EqG8vfViutX+QDn9e79KlPq7Xh6Sb
/IaAO/JKcp4+BZGTK8ecIUgJTkACSo0HHEUFipIbreFwiJc+gCq3oZrEPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAcA7HhrxLwOt5G6s01r/4YoP07MB8GA1UdIwQY
MBaAFDXX26p17zQg2NlFkTDtAdxTUTb7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQt
ZDkyYzkzODBhZjMzLzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQtZDkyYzkzODBhZjMz
LzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgX4bb9In
LAX23yhixqF0i33QAz0+upAVdj6h8wPE2NFi4v4FlJHohx0jdZGRFF3Ec0/fabYM
yic2ZItRrodKNtXOiJVpZLIxZdQ5RmppEb6x7PXG5sbIKIvtIIDI5aRvADha5GV5
NSOdhvxBHtchHxqPncdopmRbrCQ9yGSJr9N/oVVWXrOHLVa/7mkfAQ4/pt6d/cas
yAJTuvA3nKQP+o2qf1v0Tv4SYgaW2WYOAlClczpz4DeHUNgfcqvvXIzQRr0OBq00
NRO7zFYvOSgaykOH9XYG/r4DNeK8HzfxRZAiloEwAdLXzrg+xXTtLTkqxPXcoXYM
XC6KtFNJmgpPCA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:49:47 2025 by rpki-client