Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: JYzyz3BiNAzOZtvNxewCY44ndaT2opP1+7CT9rFknrQ=
Subject key identifier: 5B:87:60:6C:48:05:14:3D:4B:66:8B:E4:01:9B:09:17:8A:6F:AB:9D
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 019A7225E054CB8680D12054EB166A06E6E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:01:15 +0000
Manifest this update: Tue 11 Nov 2025 09:01:15 +0000
Manifest next update: Wed 12 Nov 2025 09:01:15 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: fWmBk7okcp7nhDbBY753OeeWH0kAH568T6AGIh+6QWI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:e0:54:cb:86:80:d1:20:54:eb:16:6a:06:e6:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Nov 11 09:01:15 2025 GMT
Not After : Nov 12 09:01:15 2025 GMT
Subject: CN=5b87606c4805143d4b668be4019b09178a6fab9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b4:1c:8e:21:05:d8:09:87:39:fc:60:7c:4b:
71:20:f9:93:ed:0f:39:a0:b5:54:bd:dc:76:57:dc:
b0:8e:67:ec:e8:d8:22:83:0a:2d:5b:a5:10:f6:4e:
a8:d0:53:a9:2d:dc:54:c7:6f:e6:89:c5:4d:39:bf:
37:00:60:7c:1f:61:c2:5a:d3:8c:89:5c:71:f6:c6:
ed:d0:b7:cf:9d:85:72:dd:44:63:7d:52:41:30:18:
bf:50:78:67:78:42:5a:7a:e6:94:76:0e:22:d8:91:
0a:39:9e:32:51:95:6c:b8:5d:48:21:b6:0b:47:88:
ae:4e:82:34:16:67:5a:1f:99:7f:c5:74:1d:b2:1c:
18:2e:0d:f2:cb:3d:1b:c4:51:9e:b4:da:a5:53:53:
f9:51:95:e6:23:ed:ff:37:f3:cd:ae:28:65:fc:68:
5a:d8:4e:83:f9:8c:cb:b0:e4:19:ff:78:25:b5:b2:
04:bd:35:e7:b4:0a:6f:2b:e3:a8:2f:7b:e2:b5:eb:
d2:55:42:9b:90:13:44:54:13:72:75:4e:72:ca:43:
f2:08:3e:35:24:33:03:36:f4:31:ed:f2:df:3f:07:
d2:aa:07:1c:c3:1e:f1:9c:89:9b:64:06:ab:81:b8:
72:39:3a:81:df:03:17:2f:62:ce:ae:1d:b0:34:94:
a2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:87:60:6C:48:05:14:3D:4B:66:8B:E4:01:9B:09:17:8A:6F:AB:9D
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:6b:b4:97:b5:43:2a:b1:70:a7:19:97:17:43:79:7c:cd:1c:
51:79:c9:37:9d:f6:2d:3c:23:c9:0c:9c:d0:ea:56:05:ae:6b:
80:ea:c6:2b:a8:bc:89:6f:1a:65:81:cb:e7:2b:82:19:3c:2c:
ce:4c:c1:5e:38:3d:77:63:be:50:bc:b0:43:ea:31:55:f4:da:
82:5f:b8:0e:8d:89:81:78:ca:e7:81:20:2a:6e:34:65:9d:7e:
75:01:f8:6a:a3:3c:db:d5:73:71:30:ea:f3:4b:63:8e:eb:9c:
8e:a7:08:89:38:75:ed:c9:3a:41:4d:64:7e:0b:aa:7e:2b:cb:
19:e4:05:26:ac:ce:35:fa:b5:9a:58:8d:90:a2:54:a0:fa:98:
5d:79:c2:c6:68:6f:c9:bc:04:6a:83:aa:ad:30:df:3c:c4:f7:
0b:8f:32:94:3c:98:bf:da:a5:62:24:b4:a8:91:16:cd:b7:93:
b7:b6:06:f6:c5:9a:b2:03:4a:b2:ad:46:a2:07:ff:4f:ec:fe:
65:55:a6:e8:79:a4:bd:5f:cb:69:3d:3f:2e:bc:63:d4:cc:c0:
6c:3f:7a:e5:27:58:8b:cd:b1:9d:f9:b9:23:ea:8f:6b:d6:9c:
a0:3d:3e:e2:ca:d3:bc:81:5c:5f:54:9d:a1:b1:06:25:5b:f4:
69:50:a5:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeBUy4aA0SBU6xZqBubjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUxMTExMDkwMTE1WhcNMjUxMTEyMDkwMTE1WjAzMTEwLwYDVQQD
Eyg1Yjg3NjA2YzQ4MDUxNDNkNGI2NjhiZTQwMTliMDkxNzhhNmZhYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLQcjiEF2AmHOfxgfEtxIPmT7Q85
oLVUvdx2V9ywjmfs6NgigwotW6UQ9k6o0FOpLdxUx2/micVNOb83AGB8H2HCWtOM
iVxx9sbt0LfPnYVy3URjfVJBMBi/UHhneEJaeuaUdg4i2JEKOZ4yUZVsuF1IIbYL
R4iuToI0FmdaH5l/xXQdshwYLg3yyz0bxFGetNqlU1P5UZXmI+3/N/PNrihl/Gha
2E6D+YzLsOQZ/3gltbIEvTXntApvK+OoL3vitevSVUKbkBNEVBNydU5yykPyCD41
JDMDNvQx7fLfPwfSqgccwx7xnImbZAargbhyOTqB3wMXL2LOrh2wNJSiCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuHYGxIBRQ9S2aL5AGbCReKb6udMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADGu0l7VD
KrFwpxmXF0N5fM0cUXnJN532LTwjyQyc0OpWBa5rgOrGK6i8iW8aZYHL5yuCGTws
zkzBXjg9d2O+ULywQ+oxVfTagl+4Do2JgXjK54EgKm40ZZ1+dQH4aqM829VzcTDq
80tjjuucjqcIiTh17ck6QU1kfguqfivLGeQFJqzONfq1mliNkKJUoPqYXXnCxmhv
ybwEaoOqrTDfPMT3C48ylDyYv9qlYiS0qJEWzbeTt7YG9sWasgNKsq1Gogf/T+z+
ZVWm6HmkvV/LaT0/Lrxj1MzAbD965SdYi82xnfm5I+qPa9acoD0+4srTvIFcX1Sd
obEGJVv0aVClRQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:53 2025 by rpki-client