Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
File: NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft (raw, json)
Hash identifier: EBswPQHleus5eHb1sKfol0OZfXSWgEKRiUVOkjPTQLM=
Subject key identifier: 4B:F2:7B:A9:C3:14:3F:24:A2:D0:B2:E7:D0:31:F9:8D:C1:CE:9B:0D
Authority key identifier: 35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
Certificate issuer: /CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Certificate serial: 019A714A0A084A7CF2AF632CEE3CE6267990
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
Manifest number: 04F0
Signing time: Tue 11 Nov 2025 05:01:08 +0000
Manifest this update: Tue 11 Nov 2025 05:01:08 +0000
Manifest next update: Wed 12 Nov 2025 05:01:08 +0000
Files and hashes: 1: NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl (hash: wnNZJBbFAfp5NiUtV8pKO+0e4mDZd5jgwMsU1bmAtH4=)
2: okivhnQi7w6GWYPlNEAmkXkmxpY.roa (hash: k4R8rWTOlMy3O5fk1lka5CmGZaX0JQEHHbZQX1i51u4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:0a:08:4a:7c:f2:af:63:2c:ee:3c:e6:26:79:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Validity
Not Before: Nov 11 05:01:08 2025 GMT
Not After : Nov 12 05:01:08 2025 GMT
Subject: CN=4bf27ba9c3143f24a2d0b2e7d031f98dc1ce9b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:7c:54:a4:f8:2f:22:d4:ef:19:47:e2:3e:
1e:b5:5b:ab:0b:b3:a5:90:de:7c:f3:10:db:61:c5:
90:a6:4a:e2:21:83:ab:40:e1:fa:e6:94:22:0c:47:
1b:01:0f:2d:4d:56:93:cf:12:1c:5f:d6:9a:d4:ce:
66:31:29:9c:f7:50:10:3a:43:60:c5:4f:82:a5:f9:
6d:a5:0e:aa:10:c4:30:83:69:1f:de:00:54:39:f5:
d1:ae:e5:0d:40:86:10:58:7a:15:4a:7f:10:58:f2:
15:2a:7e:df:9b:04:1a:00:51:19:53:04:dc:3a:10:
b8:02:56:aa:69:72:3e:c9:30:bb:16:0f:ec:f3:37:
b4:22:69:c8:35:b1:ff:36:80:a7:75:62:2a:d3:50:
92:db:6f:0d:c4:98:c4:4d:15:0d:1a:cc:de:00:20:
62:89:6f:31:7c:66:a8:10:0c:56:cb:ba:f9:ae:c1:
9a:a8:65:4b:d4:06:3f:f7:2b:bf:2f:9b:d7:69:18:
16:ac:d1:28:76:1a:d0:27:b5:f6:fe:c4:50:e6:3c:
22:f8:cc:a7:ec:dd:1f:2e:ca:f0:f2:f0:09:c9:a8:
7d:b3:57:ec:db:82:b6:7c:70:1b:fa:3d:53:f4:fe:
6e:2c:6d:e6:8b:9c:5e:67:22:07:96:07:c9:91:b2:
55:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F2:7B:A9:C3:14:3F:24:A2:D0:B2:E7:D0:31:F9:8D:C1:CE:9B:0D
X509v3 Authority Key Identifier:
keyid:35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:b3:29:e2:42:97:76:50:6a:d9:67:76:d3:d8:6b:04:e9:96:
ab:ec:a8:8e:3f:e6:de:60:ee:63:de:24:9b:34:ff:4c:c4:e1:
45:20:cf:19:a3:23:bc:41:22:47:f3:b3:e0:f1:a0:b9:9f:fc:
43:25:54:a7:b3:db:20:3d:a4:5b:63:32:26:29:d5:41:d4:65:
f3:05:af:7f:71:95:ff:0a:d8:1e:8d:1b:08:f7:07:88:e9:89:
e2:94:f4:7e:1c:f6:1c:1d:02:8e:f9:0a:42:9d:bd:c5:18:34:
5a:18:e7:ca:a1:ec:9a:a3:68:96:ac:de:c3:02:e6:1e:a7:ac:
e5:ef:ae:c2:0b:b5:34:e9:93:48:f9:51:83:ab:86:12:8b:d9:
6a:00:3f:46:36:26:54:59:d9:21:e1:5c:6b:6e:5c:a8:a5:ea:
69:59:8a:bd:b9:c1:0f:2e:50:9d:c5:25:b1:2c:40:99:d9:74:
d3:e8:69:f2:9a:6d:a3:26:c6:1b:29:36:b2:a7:5c:1c:3a:3f:
48:66:69:ec:20:87:d3:4e:b0:20:79:ce:22:61:49:20:4c:c5:
62:20:59:27:61:52:32:98:c8:df:1a:84:0e:1f:27:2e:4d:17:
f7:5f:c2:94:2c:33:ba:8c:79:3a:27:67:e6:46:67:33:11:f8:
5d:de:83:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSgoISnzyr2Ms7jzmJnmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDdkYmFhNzVlZjM0MjBkOGQ5NDU5MTMwZWQwMWRjNTM1
MTM2ZmIwHhcNMjUxMTExMDUwMTA4WhcNMjUxMTEyMDUwMTA4WjAzMTEwLwYDVQQD
Eyg0YmYyN2JhOWMzMTQzZjI0YTJkMGIyZTdkMDMxZjk4ZGMxY2U5YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/B8VKT4LyLU7xlH4j4etVurC7Ol
kN588xDbYcWQpkriIYOrQOH65pQiDEcbAQ8tTVaTzxIcX9aa1M5mMSmc91AQOkNg
xU+CpfltpQ6qEMQwg2kf3gBUOfXRruUNQIYQWHoVSn8QWPIVKn7fmwQaAFEZUwTc
OhC4AlaqaXI+yTC7Fg/s8ze0ImnINbH/NoCndWIq01CS228NxJjETRUNGszeACBi
iW8xfGaoEAxWy7r5rsGaqGVL1AY/9yu/L5vXaRgWrNEodhrQJ7X2/sRQ5jwi+Myn
7N0fLsrw8vAJyah9s1fs24K2fHAb+j1T9P5uLG3mi5xeZyIHlgfJkbJVzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvye6nDFD8kotCy59Ax+Y3BzpsNMB8GA1UdIwQY
MBaAFDXX26p17zQg2NlFkTDtAdxTUTb7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQt
ZDkyYzkzODBhZjMzLzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQtZDkyYzkzODBhZjMz
LzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAErMp4kKX
dlBq2Wd209hrBOmWq+yojj/m3mDuY94kmzT/TMThRSDPGaMjvEEiR/Oz4PGguZ/8
QyVUp7PbID2kW2MyJinVQdRl8wWvf3GV/wrYHo0bCPcHiOmJ4pT0fhz2HB0CjvkK
Qp29xRg0WhjnyqHsmqNolqzewwLmHqes5e+uwgu1NOmTSPlRg6uGEovZagA/RjYm
VFnZIeFca25cqKXqaVmKvbnBDy5QncUlsSxAmdl00+hp8pptoybGGyk2sqdcHDo/
SGZp7CCH006wIHnOImFJIEzFYiBZJ2FSMpjI3xqEDh8nLk0X91/ClCwzuox5Oidn
5kZnMxH4Xd6DCA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:48 2025 by rpki-client