Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
File: nYy-lCn5RJlbPJNL2vZglrURSNQ.mft (raw, json)
Hash identifier: ZWG4417xXUlvS3OiBUc3sgzeQWLKt34R1iqFeQhuPPo=
Subject key identifier: 87:5B:32:CB:32:E5:48:9E:87:BC:EA:D2:7B:50:07:19:60:56:6B:7B
Authority key identifier: 9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4
Certificate issuer: /CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
Certificate serial: 019A7225CC89BCFB2622E3BDC9DEBBBCF26B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
Manifest number: 066C
Signing time: Tue 11 Nov 2025 09:01:11 +0000
Manifest this update: Tue 11 Nov 2025 09:01:11 +0000
Manifest next update: Wed 12 Nov 2025 09:01:11 +0000
Files and hashes: 1: nYy-lCn5RJlbPJNL2vZglrURSNQ.crl (hash: OJ8BmBzRpIyyN5iiTgbwaausGnDsd2cv0Zh765BW90Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:cc:89:bc:fb:26:22:e3:bd:c9:de:bb:bc:f2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8cbe9429f944995b3c934bdaf66096b51148d4
Validity
Not Before: Nov 11 09:01:11 2025 GMT
Not After : Nov 12 09:01:11 2025 GMT
Subject: CN=875b32cb32e5489e87bcead27b50071960566b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:78:16:15:6a:9c:78:87:86:ac:78:48:c1:b6:
38:95:e8:9c:c7:c4:77:fa:ea:1a:f5:6b:72:82:8d:
8b:3b:22:1d:95:1d:06:44:b3:39:d6:4e:ab:e2:ad:
0f:25:1f:ae:19:20:9b:c4:42:e8:2d:f3:2b:91:a1:
c2:fc:85:96:5e:9a:0d:95:19:a2:cc:d4:db:d9:87:
b2:c5:3a:d5:1f:cf:20:f0:5d:41:58:bb:87:a8:9f:
ce:ec:e0:7f:a3:62:8d:de:7a:ea:3e:56:e5:a0:31:
63:73:10:f1:1b:75:5c:6e:6c:6d:f7:1d:38:61:2b:
01:4b:00:26:81:8b:c8:d4:39:11:11:12:90:f8:d4:
7b:c3:af:42:92:1f:7c:a9:48:6a:88:0b:93:a1:ff:
2c:54:5e:59:aa:cf:a9:22:10:d1:93:8e:e6:5e:7e:
58:ff:c0:da:32:03:9c:2a:46:84:df:32:bf:73:64:
f8:1e:24:42:25:ff:08:f6:83:30:91:70:b1:37:15:
50:65:ad:e3:df:c2:56:8c:7d:31:c5:82:89:29:b3:
9b:c1:15:a3:10:7d:5c:41:e1:13:06:74:6d:87:82:
50:0e:12:63:55:91:fc:b9:55:56:a9:cb:c6:c0:0b:
8b:51:55:67:bf:43:5c:ef:59:27:00:83:8a:da:61:
84:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5B:32:CB:32:E5:48:9E:87:BC:EA:D2:7B:50:07:19:60:56:6B:7B
X509v3 Authority Key Identifier:
keyid:9D:8C:BE:94:29:F9:44:99:5B:3C:93:4B:DA:F6:60:96:B5:11:48:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYy-lCn5RJlbPJNL2vZglrURSNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/23d64f-5192-4dd6-b026-ee9116d7e1d6/1/nYy-lCn5RJlbPJNL2vZglrURSNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:48:9b:c1:33:04:0c:c7:18:66:d6:c9:03:15:21:4a:b6:15:
8d:17:e9:bf:03:c2:4d:a9:5a:1b:3c:30:46:41:ba:1c:2f:c9:
89:52:ef:1a:bc:5d:fc:67:d2:de:74:a6:f1:87:86:54:68:d6:
6b:73:b2:5c:1d:95:58:8e:40:bd:ee:11:39:08:f4:8e:fe:0e:
fc:63:2e:b6:19:f7:8d:ca:d4:b8:af:1d:e6:12:4e:77:f6:72:
40:d9:07:63:96:a5:1f:a5:9c:d3:59:48:37:9c:99:4a:34:0b:
fa:85:dd:e9:fb:8b:77:00:89:38:0b:6b:60:4b:4c:53:4a:b7:
ed:08:f1:0f:05:fa:77:ac:08:d3:00:41:b8:fa:46:66:49:d1:
e8:72:d7:7d:fd:76:b8:49:f6:68:6d:da:e4:2c:e1:04:5e:55:
2f:bf:1f:7b:42:51:c4:eb:2d:b6:c7:0f:38:b7:db:e3:3b:cd:
50:ac:90:13:38:e9:d0:f9:fc:df:84:2d:d2:36:cf:19:e2:06:
77:1b:63:62:39:e8:c6:ca:44:b8:62:bf:27:89:9b:0d:5d:dd:
70:42:eb:31:93:99:66:3d:57:6a:d7:1a:7e:53:df:79:9a:98:
76:24:bd:ac:77:14:46:ee:9a:7b:4a:b6:40:4a:c7:de:00:d4:
0d:fb:f4:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcyJvPsmIuO9yd67vPJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGNiZTk0MjlmOTQ0OTk1YjNjOTM0YmRhZjY2MDk2YjUx
MTQ4ZDQwHhcNMjUxMTExMDkwMTExWhcNMjUxMTEyMDkwMTExWjAzMTEwLwYDVQQD
Eyg4NzViMzJjYjMyZTU0ODllODdiY2VhZDI3YjUwMDcxOTYwNTY2YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ngWFWqceIeGrHhIwbY4leicx8R3
+uoa9Wtygo2LOyIdlR0GRLM51k6r4q0PJR+uGSCbxELoLfMrkaHC/IWWXpoNlRmi
zNTb2YeyxTrVH88g8F1BWLuHqJ/O7OB/o2KN3nrqPlbloDFjcxDxG3Vcbmxt9x04
YSsBSwAmgYvI1DkRERKQ+NR7w69Ckh98qUhqiAuTof8sVF5Zqs+pIhDRk47mXn5Y
/8DaMgOcKkaE3zK/c2T4HiRCJf8I9oMwkXCxNxVQZa3j38JWjH0xxYKJKbObwRWj
EH1cQeETBnRth4JQDhJjVZH8uVVWqcvGwAuLUVVnv0Nc71knAIOK2mGEXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdbMssy5Uieh7zq0ntQBxlgVmt7MB8GA1UdIwQY
MBaAFJ2MvpQp+USZWzyTS9r2YJa1EUjUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYt
ZWU5MTE2ZDdlMWQ2LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8yM2Q2NGYtNTE5Mi00ZGQ2LWIwMjYtZWU5MTE2ZDdlMWQ2
LzEvbll5LWxDbjVSSmxiUEpOTDJ2WmdsclVSU05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEibwTME
DMcYZtbJAxUhSrYVjRfpvwPCTalaGzwwRkG6HC/JiVLvGrxd/GfS3nSm8YeGVGjW
a3OyXB2VWI5Ave4ROQj0jv4O/GMuthn3jcrUuK8d5hJOd/ZyQNkHY5alH6Wc01lI
N5yZSjQL+oXd6fuLdwCJOAtrYEtMU0q37QjxDwX6d6wI0wBBuPpGZknR6HLXff12
uEn2aG3a5CzhBF5VL78fe0JRxOsttscPOLfb4zvNUKyQEzjp0Pn834Qt0jbPGeIG
dxtjYjnoxspEuGK/J4mbDV3dcELrMZOZZj1XatcaflPfeZqYdiS9rHcURu6ae0q2
QErH3gDUDfv09Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:13:53 2025 by rpki-client