Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File: nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier: 2ctKm068eBqB8kbVGhAQQLi+WrOtCn8Gj5BCtRfahW8=
Subject key identifier: 71:B1:15:27:59:04:EE:51:A8:73:F8:94:12:78:B3:0A:2C:CE:14:91
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial: 019A22F72D144155CC05701CCBEE7EFD991C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number: 09A9
Signing time: Mon 27 Oct 2025 00:00:15 +0000
Manifest this update: Mon 27 Oct 2025 00:00:15 +0000
Manifest next update: Tue 28 Oct 2025 00:00:15 +0000
Files and hashes: 1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=)
2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: bC5Aof1AUTSMJ2YMOWmo2IzD4z1p35mopE86xrB1120=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:f7:2d:14:41:55:cc:05:70:1c:cb:ee:7e:fd:99:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Validity
Not Before: Oct 27 00:00:15 2025 GMT
Not After : Oct 28 00:00:15 2025 GMT
Subject: CN=71b115275904ee51a873f8941278b30a2cce1491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:28:fb:c8:41:38:ca:20:b6:d7:35:75:1a:
b6:e7:07:5a:da:0a:17:c4:e9:bc:7d:a1:57:63:53:
03:f2:17:6f:e6:29:48:87:93:2b:92:5d:ad:de:55:
35:db:8a:4a:af:62:86:71:fb:98:e7:b1:44:0b:14:
49:81:99:02:0e:58:1d:67:a9:d6:d3:4d:67:d6:53:
e4:70:ac:b2:26:a9:19:38:5d:53:f0:5d:7d:21:fc:
02:1e:2d:fe:37:26:73:aa:ce:b0:ce:2f:6c:09:57:
19:eb:65:66:db:58:34:2f:71:dc:6e:5e:3c:76:79:
0e:c1:5c:b5:f0:01:11:ee:d9:51:a5:63:8a:ae:4e:
92:55:ca:c9:d9:f1:c5:29:00:ca:e5:4b:49:0e:6a:
40:91:fa:5f:41:f2:ca:f9:14:20:e9:c9:a9:23:4e:
32:76:4b:02:13:d5:5a:17:48:46:71:99:97:14:65:
c7:cf:84:a7:04:f9:b2:8e:82:48:eb:02:11:e0:1f:
21:bd:de:d1:26:45:ae:8b:ad:ef:cf:38:19:a7:0b:
9c:9f:55:f7:ec:2b:90:44:68:ff:0a:e4:f1:6f:8b:
7f:0b:68:bd:00:f4:e1:4e:91:24:f3:c7:8f:3d:f2:
1f:45:51:99:1f:86:df:90:ca:ad:1d:d1:98:80:7c:
43:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B1:15:27:59:04:EE:51:A8:73:F8:94:12:78:B3:0A:2C:CE:14:91
X509v3 Authority Key Identifier:
keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:93:ac:0a:94:97:c1:47:24:c3:41:13:75:ab:fb:cc:a7:6e:
36:2c:65:72:a8:ef:4f:53:b2:9b:1b:cb:4d:46:bd:dc:b8:b2:
43:65:3c:db:7d:e7:f0:b3:7b:d2:cb:4f:f7:ed:b6:aa:95:79:
4c:4c:26:18:1d:ec:59:0e:6f:41:a4:b6:3e:49:29:5b:d6:d8:
7c:6d:6e:22:85:23:f4:03:60:48:89:03:b0:8e:cc:21:2e:be:
94:2d:85:f7:e4:52:cf:cc:2f:51:6c:51:a8:7c:46:68:a5:6f:
c7:33:a7:c8:4d:99:77:90:30:89:0e:cf:34:03:e5:7d:f4:83:
43:8e:0a:74:69:ff:eb:64:d4:dc:8a:ab:d0:f3:ff:5d:0b:74:
d8:b0:23:88:8a:5c:5a:fb:d3:47:28:68:37:de:bc:18:e8:69:
3c:f0:91:13:77:5a:c7:c6:04:dd:d0:ca:b7:5a:38:b8:e8:81:
cf:b4:52:20:59:ea:76:12:2f:23:cf:ee:17:f7:14:92:0e:4c:
b6:94:e6:f9:e4:bb:f0:cd:d8:b8:bf:75:7a:f4:73:a9:5f:29:
b1:3c:4c:ef:2e:00:58:84:3f:04:11:62:81:16:7b:91:bb:ed:
1f:42:2a:ef:e4:1e:49:ff:0c:45:91:b5:8b:a4:e9:0e:29:8b:
35:6a:c0:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi9y0UQVXMBXAcy+5+/ZkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjUxMDI3MDAwMDE1WhcNMjUxMDI4MDAwMDE1WjAzMTEwLwYDVQQD
Eyg3MWIxMTUyNzU5MDRlZTUxYTg3M2Y4OTQxMjc4YjMwYTJjY2UxNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lko+8hBOMogttc1dRq25wda2goX
xOm8faFXY1MD8hdv5ilIh5Mrkl2t3lU124pKr2KGcfuY57FECxRJgZkCDlgdZ6nW
001n1lPkcKyyJqkZOF1T8F19IfwCHi3+NyZzqs6wzi9sCVcZ62Vm21g0L3Hcbl48
dnkOwVy18AER7tlRpWOKrk6SVcrJ2fHFKQDK5UtJDmpAkfpfQfLK+RQg6cmpI04y
dksCE9VaF0hGcZmXFGXHz4SnBPmyjoJI6wIR4B8hvd7RJkWui63vzzgZpwucn1X3
7CuQRGj/CuTxb4t/C2i9APThTpEk88ePPfIfRVGZH4bfkMqtHdGYgHxDhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGxFSdZBO5RqHP4lBJ4swoszhSRMB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt5OsCpSX
wUckw0ETdav7zKduNixlcqjvT1OymxvLTUa93LiyQ2U8233n8LN70stP9+22qpV5
TEwmGB3sWQ5vQaS2PkkpW9bYfG1uIoUj9ANgSIkDsI7MIS6+lC2F9+RSz8wvUWxR
qHxGaKVvxzOnyE2Zd5AwiQ7PNAPlffSDQ44KdGn/62TU3Iqr0PP/XQt02LAjiIpc
WvvTRyhoN968GOhpPPCRE3dax8YE3dDKt1o4uOiBz7RSIFnqdhIvI8/uF/cUkg5M
tpTm+eS78M3YuL91evRzqV8psTxM7y4AWIQ/BBFigRZ7kbvtH0Iq7+QeSf8MRZG1
i6TpDimLNWrALw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 06:53:34 2025 by rpki-client