Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.mft
File: nfbRY1k964rv8HL-yljm8_HE5-U.mft (raw, json)
Hash identifier: oeQntxbZ3ClGX6mh1gpbOM0yLrglWqBMoh4CMripvf8=
Subject key identifier: FF:D9:04:31:E0:07:F0:2C:3F:BB:72:04:45:61:69:22:A8:22:55:E1
Authority key identifier: 9D:F6:D1:63:59:3D:EB:8A:EF:F0:72:FE:CA:58:E6:F3:F1:C4:E7:E5
Certificate issuer: /CN=9df6d163593deb8aeff072feca58e6f3f1c4e7e5
Certificate serial: 0197477988FC1F8BFACF2FB577015861E89E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfbRY1k964rv8HL-yljm8_HE5-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.mft
Manifest number: 0C17
Signing time: Fri 06 Jun 2025 23:00:36 +0000
Manifest this update: Fri 06 Jun 2025 23:00:36 +0000
Manifest next update: Sat 07 Jun 2025 23:00:36 +0000
Files and hashes: 1: XM057xIBl4X4QJASTmfkRwaiNaE.roa (hash: vZ1H1/yQjb9EVPL0oyydRTCpB/F5AEPyVx/M+2z5CZ0=)
2: nfbRY1k964rv8HL-yljm8_HE5-U.crl (hash: PhAGk26zkLGopuAUT40Tajh9VFtxrXLdo8U5SEKzp1c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfbRY1k964rv8HL-yljm8_HE5-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:79:88:fc:1f:8b:fa:cf:2f:b5:77:01:58:61:e8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df6d163593deb8aeff072feca58e6f3f1c4e7e5
Validity
Not Before: Jun 6 23:00:36 2025 GMT
Not After : Jun 7 23:00:36 2025 GMT
Subject: CN=ffd90431e007f02c3fbb720445616922a82255e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d5:9e:88:8a:c7:2c:4c:84:09:f1:74:95:64:
0e:b2:f2:8f:73:13:45:60:25:75:84:a5:f0:48:58:
4e:8d:75:f1:f4:03:40:30:11:26:b4:6a:8c:61:2d:
e3:1e:c6:88:a2:4f:31:13:8f:f5:33:5d:74:96:d0:
b9:8a:c7:69:1e:69:c7:96:dc:08:05:ae:0a:64:8c:
e8:53:0f:3b:e2:b6:1d:7c:13:a2:41:c2:1e:2d:ca:
31:32:c5:21:98:2a:1f:ce:60:61:c7:a6:96:34:ab:
74:56:a3:9e:3e:9d:99:97:55:40:21:b5:a4:70:9f:
8e:c6:6d:a8:e0:ad:c0:f3:55:fe:b8:89:73:8d:a6:
95:e6:5d:71:a3:83:3c:05:6a:95:27:16:88:76:4a:
4b:4d:d9:d2:71:77:94:b4:54:7d:06:27:e3:ba:a1:
29:78:cb:da:24:07:82:8a:86:65:a3:26:3e:fa:d6:
10:5c:9b:f1:c1:33:92:7b:f6:cc:f2:39:8a:00:7f:
1f:e6:0c:1c:bd:0d:ef:3a:36:f1:2e:7b:cb:34:83:
bf:e9:94:7e:8d:90:c1:04:13:be:ed:6c:08:fc:a6:
89:47:c0:94:75:34:6f:5d:0d:1e:aa:6e:c2:9b:ee:
69:60:dd:7c:6a:32:98:27:f0:ed:3d:27:d0:9f:c4:
9f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D9:04:31:E0:07:F0:2C:3F:BB:72:04:45:61:69:22:A8:22:55:E1
X509v3 Authority Key Identifier:
keyid:9D:F6:D1:63:59:3D:EB:8A:EF:F0:72:FE:CA:58:E6:F3:F1:C4:E7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfbRY1k964rv8HL-yljm8_HE5-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff25d7-5ffa-4686-8326-69d79c9d0721/1/nfbRY1k964rv8HL-yljm8_HE5-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:53:20:50:9d:79:d7:3e:6a:3f:7b:65:f4:79:9f:87:c3:de:
a7:37:7d:f5:3f:e1:56:6c:a3:f8:f2:24:f9:a4:c8:19:bf:f1:
da:a4:4d:d9:0e:a7:97:b5:1b:d3:ef:85:1c:98:17:65:f1:f3:
56:8e:21:12:e9:a2:73:c8:81:42:c1:89:fa:32:9d:68:36:90:
76:f6:c7:3a:1e:8d:5a:8f:de:92:d4:80:26:9e:59:57:78:dd:
1d:5b:dd:fe:4c:a5:a2:05:f0:bc:5f:17:a1:39:e8:43:42:22:
ac:9d:da:04:35:41:36:f5:55:0b:03:48:24:96:07:b2:b2:2c:
86:e7:ed:a6:4b:20:9a:66:40:6a:42:ad:09:63:d7:9f:7a:52:
87:a0:41:af:99:53:29:ed:6b:e6:1a:85:79:22:9e:5b:ad:48:
72:49:be:b5:f6:5e:da:6f:3c:08:e7:e2:10:39:2f:88:a9:21:
6d:72:15:40:a6:f9:96:0d:9d:48:8d:47:67:7a:d9:6c:5f:bf:
47:07:9a:b5:59:cc:1a:49:7a:84:ce:b2:bd:8a:85:60:9b:16:
35:b6:a1:e1:54:d4:6f:ce:4d:26:c8:54:32:44:08:69:56:89:
78:1c:ef:a5:ae:77:a3:43:38:42:c1:49:a7:be:3a:62:53:ed:
8a:c2:51:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeYj8H4v6zy+1dwFYYeieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjZkMTYzNTkzZGViOGFlZmYwNzJmZWNhNThlNmYzZjFj
NGU3ZTUwHhcNMjUwNjA2MjMwMDM2WhcNMjUwNjA3MjMwMDM2WjAzMTEwLwYDVQQD
EyhmZmQ5MDQzMWUwMDdmMDJjM2ZiYjcyMDQ0NTYxNjkyMmE4MjI1NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttWeiIrHLEyECfF0lWQOsvKPcxNF
YCV1hKXwSFhOjXXx9ANAMBEmtGqMYS3jHsaIok8xE4/1M110ltC5isdpHmnHltwI
Ba4KZIzoUw874rYdfBOiQcIeLcoxMsUhmCofzmBhx6aWNKt0VqOePp2Zl1VAIbWk
cJ+Oxm2o4K3A81X+uIlzjaaV5l1xo4M8BWqVJxaIdkpLTdnScXeUtFR9BifjuqEp
eMvaJAeCioZloyY++tYQXJvxwTOSe/bM8jmKAH8f5gwcvQ3vOjbxLnvLNIO/6ZR+
jZDBBBO+7WwI/KaJR8CUdTRvXQ0eqm7Cm+5pYN18ajKYJ/DtPSfQn8SfpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/ZBDHgB/AsP7tyBEVhaSKoIlXhMB8GA1UdIwQY
MBaAFJ320WNZPeuK7/By/spY5vPxxOflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZiUlkxazk2NHJ2OEhMLXlsam04X0hFNS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mZjI1ZDctNWZmYS00Njg2LTgzMjYt
NjlkNzljOWQwNzIxLzEvbmZiUlkxazk2NHJ2OEhMLXlsam04X0hFNS1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mZjI1ZDctNWZmYS00Njg2LTgzMjYtNjlkNzljOWQwNzIx
LzEvbmZiUlkxazk2NHJ2OEhMLXlsam04X0hFNS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1MgUJ15
1z5qP3tl9Hmfh8Pepzd99T/hVmyj+PIk+aTIGb/x2qRN2Q6nl7Ub0++FHJgXZfHz
Vo4hEumic8iBQsGJ+jKdaDaQdvbHOh6NWo/ektSAJp5ZV3jdHVvd/kylogXwvF8X
oTnoQ0IirJ3aBDVBNvVVCwNIJJYHsrIshuftpksgmmZAakKtCWPXn3pSh6BBr5lT
Ke1r5hqFeSKeW61Ickm+tfZe2m88COfiEDkviKkhbXIVQKb5lg2dSI1HZ3rZbF+/
RweatVnMGkl6hM6yvYqFYJsWNbah4VTUb85NJshUMkQIaVaJeBzvpa53o0M4QsFJ
p746YlPtisJRQg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:29:27 2025 by rpki-client