Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: Ejk0g3sSctzhgqRF9Uho2ZChd+4jW1lbb/eUDAwMWwE=
Subject key identifier: 77:BE:D9:12:C9:57:14:69:1C:87:A3:5D:77:90:C9:D3:77:33:E9:D9
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 019A71B8BF06FA1F0709BAAFCF3228B0EBCE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 145C
Signing time: Tue 11 Nov 2025 07:02:04 +0000
Manifest this update: Tue 11 Nov 2025 07:02:04 +0000
Manifest next update: Wed 12 Nov 2025 07:02:04 +0000
Files and hashes: 1: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: +mkDUOJp8NTEozqC6nDN9MjpBOjqmGyowJyBsSu1C5k=)
2: u7-gL9wSp2bGW7DIF24NVuhmOKc.roa (hash: tP75Wdne3vqUbGN0hrtXpkGNXdZlPHZwjnI3xiXFlak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:bf:06:fa:1f:07:09:ba:af:cf:32:28:b0:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Nov 11 07:02:04 2025 GMT
Not After : Nov 12 07:02:04 2025 GMT
Subject: CN=77bed912c95714691c87a35d7790c9d37733e9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:37:21:80:2a:df:69:10:ad:40:42:a2:bc:
fb:4f:5b:76:23:7c:60:0b:1e:46:4b:9c:84:9a:17:
e8:0e:fb:1b:61:55:90:13:e2:3e:27:f2:42:96:e3:
b1:5f:dc:0c:d9:b1:79:bb:00:96:a2:71:59:bb:36:
5b:4e:5e:d2:57:df:06:7c:26:96:bd:df:2f:47:9d:
9a:5f:77:9f:6c:5d:ea:8a:47:db:40:25:4c:32:cb:
f3:77:69:ea:41:de:a9:4a:3d:83:12:af:08:ee:31:
86:1d:9c:22:6c:b7:07:7c:e1:05:24:db:b5:1c:1a:
78:c0:16:0e:6c:24:ca:1d:f4:f3:63:1b:96:2d:81:
c1:40:fc:4f:b8:8c:5f:bd:63:4f:a8:4e:2d:81:ce:
af:33:a6:3d:c7:92:79:5c:71:2c:d0:20:68:ac:d2:
30:33:58:56:3e:17:cc:26:0b:22:83:cf:72:43:57:
27:51:6c:6a:1c:c8:66:5e:d1:9f:9b:01:5a:fd:01:
cf:48:b9:00:28:e4:5e:74:3b:2d:87:28:28:03:b1:
16:47:f8:d8:43:1e:88:d9:e2:5d:76:2f:ef:b8:25:
f4:5f:7f:7e:d6:2e:a6:03:c9:a5:6a:51:fd:61:a3:
50:95:11:9e:5d:e7:7e:e3:7d:18:5d:1b:2d:42:ed:
12:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BE:D9:12:C9:57:14:69:1C:87:A3:5D:77:90:C9:D3:77:33:E9:D9
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:b6:43:9d:bf:a5:c1:ea:8a:8a:c1:e0:1f:56:cb:64:2a:4f:
9f:9f:d1:02:14:92:f5:08:7b:10:e0:ab:5d:b6:f1:dd:2f:ca:
17:3e:6e:78:9c:49:6d:d4:79:f8:18:7e:7a:93:a3:92:47:11:
41:d2:2e:2f:37:8a:53:b4:ea:a5:88:0f:56:3b:4d:b1:65:0e:
a3:0a:09:21:8c:6f:f0:90:bc:83:af:e8:68:42:2d:57:1c:9c:
33:98:c3:06:42:ee:43:a5:14:fd:b5:dc:06:7f:05:2a:85:44:
4e:bc:fe:0b:d6:2f:62:85:6c:5a:c9:85:90:9a:d6:62:1c:89:
7e:ab:ca:a8:f0:af:8d:83:22:8c:44:2c:7b:2b:55:2b:e2:4d:
4e:1d:a7:4b:f4:b0:ad:25:e6:cf:b2:7f:37:29:95:83:c9:a3:
44:d6:c5:91:26:5e:da:f2:a3:f3:96:5d:20:88:05:7d:15:7a:
4f:7d:4f:74:ff:b2:4a:43:92:38:f6:1a:9e:83:aa:4e:4b:6d:
25:b5:a1:40:d7:28:38:a5:95:79:70:db:57:39:64:07:52:04:
ad:42:7d:2e:3d:29:a1:4a:50:9e:7d:a1:b3:43:5d:d1:a6:97:
97:20:32:d4:b3:bc:6c:ef:df:60:30:45:a1:ca:ec:f3:68:ad:
e8:1d:ea:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL8G+h8HCbqvzzIosOvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
Eyg3N2JlZDkxMmM5NTcxNDY5MWM4N2EzNWQ3NzkwYzlkMzc3MzNlOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApes3IYAq32kQrUBCorz7T1t2I3xg
Cx5GS5yEmhfoDvsbYVWQE+I+J/JCluOxX9wM2bF5uwCWonFZuzZbTl7SV98GfCaW
vd8vR52aX3efbF3qikfbQCVMMsvzd2nqQd6pSj2DEq8I7jGGHZwibLcHfOEFJNu1
HBp4wBYObCTKHfTzYxuWLYHBQPxPuIxfvWNPqE4tgc6vM6Y9x5J5XHEs0CBorNIw
M1hWPhfMJgsig89yQ1cnUWxqHMhmXtGfmwFa/QHPSLkAKORedDsthygoA7EWR/jY
Qx6I2eJddi/vuCX0X39+1i6mA8mlalH9YaNQlRGeXed+430YXRstQu0S1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHe+2RLJVxRpHIejXXeQydN3M+nZMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLZDnb+l
weqKisHgH1bLZCpPn5/RAhSS9Qh7EOCrXbbx3S/KFz5ueJxJbdR5+Bh+epOjkkcR
QdIuLzeKU7TqpYgPVjtNsWUOowoJIYxv8JC8g6/oaEItVxycM5jDBkLuQ6UU/bXc
Bn8FKoVETrz+C9YvYoVsWsmFkJrWYhyJfqvKqPCvjYMijEQseytVK+JNTh2nS/Sw
rSXmz7J/NymVg8mjRNbFkSZe2vKj85ZdIIgFfRV6T31PdP+ySkOSOPYanoOqTktt
JbWhQNcoOKWVeXDbVzlkB1IErUJ9Lj0poUpQnn2hs0Nd0aaXlyAy1LO8bO/fYDBF
ocrs82it6B3q8A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:19:17 2025 by rpki-client