Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: b1NbriwliH9IcXd04TtdlOxtkYwIkdjE2Nc+eIchxF0=
Subject key identifier: 68:FC:1A:B7:93:F0:49:AE:8C:A0:CA:2C:DD:32:9A:1B:D6:A0:9D:F6
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 019A7225F332306D3F7B13E398B2CAB18490
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 09:01:20 +0000
Manifest this update: Tue 11 Nov 2025 09:01:20 +0000
Manifest next update: Wed 12 Nov 2025 09:01:20 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: 6PGBtHrz+fF/gd4AnIn8aNZndrfRVvba1opuSu2pT5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:f3:32:30:6d:3f:7b:13:e3:98:b2:ca:b1:84:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Nov 11 09:01:20 2025 GMT
Not After : Nov 12 09:01:20 2025 GMT
Subject: CN=68fc1ab793f049ae8ca0ca2cdd329a1bd6a09df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8c:13:67:52:47:f4:2f:ae:c6:9a:e8:27:a5:
f0:b6:44:39:12:86:b8:a8:80:da:66:14:a0:d2:d6:
42:e6:f7:53:ff:6e:57:5c:48:63:76:32:07:40:d0:
68:11:7c:e6:5e:d2:2c:e8:1c:95:49:6a:c2:ac:4a:
94:6f:94:83:9b:01:7b:f3:23:2a:84:02:cf:85:11:
80:fa:89:69:fb:e6:b7:81:fa:16:0e:8e:9d:48:69:
ab:26:62:1f:98:bc:08:c6:18:98:b0:89:ad:aa:6a:
1f:b2:cb:62:d0:59:15:b5:a9:8c:71:c5:6e:47:e8:
bd:ea:4e:ab:ef:47:91:89:fa:a3:8b:ee:39:1f:51:
f8:be:40:a1:37:c3:ae:a8:94:ec:48:e1:58:f6:b2:
16:06:4f:16:de:48:0a:4b:c7:4c:1c:58:18:81:8d:
47:b4:a7:7a:32:d1:b9:28:da:b4:c2:18:b7:cc:4a:
1b:d2:bd:fb:1b:b2:9f:23:8b:b9:ee:af:9b:5a:05:
15:4a:a9:28:a3:ee:1d:b1:09:39:66:d0:e0:19:49:
b5:f4:b3:5f:f5:05:3c:f5:89:a5:a3:95:d5:db:8e:
08:47:59:3d:63:c3:51:db:f2:db:ec:00:67:66:5f:
f7:06:6e:fc:25:34:35:7c:aa:5a:e2:ff:2a:79:27:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FC:1A:B7:93:F0:49:AE:8C:A0:CA:2C:DD:32:9A:1B:D6:A0:9D:F6
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:8e:c7:50:f0:eb:83:90:6a:9f:ae:89:c0:15:4e:4d:a3:b1:
41:1b:13:7f:94:9a:fe:7c:2c:fd:97:40:87:18:91:45:01:66:
40:9e:11:a8:66:9c:e3:04:7d:48:12:5d:f2:1e:68:ae:83:b3:
42:66:2a:b2:73:57:38:18:82:3c:1c:b9:07:7f:fa:67:8d:bf:
a1:06:fe:3f:0b:ae:3f:4e:a9:c6:7b:96:f9:d7:88:1b:71:eb:
e8:48:b6:10:7d:c5:d2:89:88:b1:9f:6b:5c:a2:eb:78:46:ab:
78:98:ca:33:e5:66:1a:0b:89:72:2f:81:54:8b:5b:68:4c:85:
81:c2:dd:a8:ea:8f:c7:5b:dc:48:43:b4:92:50:06:b0:ab:5a:
75:ec:7e:dd:4c:88:b8:de:93:ac:2e:bb:73:a3:43:25:b8:db:
6c:a0:29:21:3f:d6:d1:a7:1d:7b:27:ae:3b:21:13:f3:8b:1e:
1a:5c:2d:01:dc:90:a0:fb:95:22:4f:65:fc:25:74:46:77:bf:
97:7a:94:c6:54:5a:d1:f5:4c:16:9e:14:b7:f1:f3:01:b0:f5:
f2:8a:b7:23:dd:b7:5e:73:b5:9e:0c:2a:4a:5e:09:40:dc:db:
cf:34:86:d0:1d:2c:e0:b8:80:8c:7f:3a:58:9a:4b:52:fc:19:
87:68:a2:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfMyMG0/exPjmLLKsYSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUxMTExMDkwMTIwWhcNMjUxMTEyMDkwMTIwWjAzMTEwLwYDVQQD
Eyg2OGZjMWFiNzkzZjA0OWFlOGNhMGNhMmNkZDMyOWExYmQ2YTA5ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYwTZ1JH9C+uxproJ6XwtkQ5Eoa4
qIDaZhSg0tZC5vdT/25XXEhjdjIHQNBoEXzmXtIs6ByVSWrCrEqUb5SDmwF78yMq
hALPhRGA+olp++a3gfoWDo6dSGmrJmIfmLwIxhiYsImtqmofssti0FkVtamMccVu
R+i96k6r70eRifqji+45H1H4vkChN8OuqJTsSOFY9rIWBk8W3kgKS8dMHFgYgY1H
tKd6MtG5KNq0whi3zEob0r37G7KfI4u57q+bWgUVSqkoo+4dsQk5ZtDgGUm19LNf
9QU89Ymlo5XV244IR1k9Y8NR2/Lb7ABnZl/3Bm78JTQ1fKpa4v8qeScCfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGj8GreT8EmujKDKLN0ymhvWoJ32MB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO47HUPDr
g5Bqn66JwBVOTaOxQRsTf5Sa/nws/ZdAhxiRRQFmQJ4RqGac4wR9SBJd8h5oroOz
QmYqsnNXOBiCPBy5B3/6Z42/oQb+PwuuP06pxnuW+deIG3Hr6Ei2EH3F0omIsZ9r
XKLreEareJjKM+VmGguJci+BVItbaEyFgcLdqOqPx1vcSEO0klAGsKtadex+3UyI
uN6TrC67c6NDJbjbbKApIT/W0acdeyeuOyET84seGlwtAdyQoPuVIk9l/CV0Rne/
l3qUxlRa0fVMFp4Ut/HzAbD18oq3I923XnO1ngwqSl4JQNzbzzSG0B0s4LiAjH86
WJpLUvwZh2iiJA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:15 2025 by rpki-client