Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: fz2t2tla8BQQx5RAeou4ap0HXuy+ziEioNanNBdaHVw=
Subject key identifier: 6F:A2:C4:9D:F3:75:F3:7F:25:A5:20:9D:9F:E9:36:77:C6:2F:15:2A
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 0199240CEB3FDA0880F7F0508AACD78B040B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 1671
Signing time: Sun 07 Sep 2025 12:00:50 +0000
Manifest this update: Sun 07 Sep 2025 12:00:50 +0000
Manifest next update: Mon 08 Sep 2025 12:00:50 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: +4xF4tikoopNBaQqNQDcKdijXG9SFTXnbHv4jlMk4bU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:0c:eb:3f:da:08:80:f7:f0:50:8a:ac:d7:8b:04:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Sep 7 12:00:50 2025 GMT
Not After : Sep 8 12:00:50 2025 GMT
Subject: CN=6fa2c49df375f37f25a5209d9fe93677c62f152a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6f:68:91:f6:7c:ce:b1:42:e0:61:d8:f0:80:
a8:1a:58:b0:06:7a:6f:32:14:5e:bf:06:09:13:3f:
84:f1:85:11:0b:9d:02:69:17:84:42:9d:23:53:1d:
a6:87:29:0d:18:1d:f6:21:ba:4b:32:ee:78:90:b7:
84:45:c6:cf:3c:15:bb:37:12:0d:d5:2d:5f:08:36:
e9:9a:54:e5:2c:4b:63:90:a7:5c:19:c1:57:d2:bc:
2a:dc:61:b1:59:06:98:e9:8f:20:8c:d1:9f:49:e5:
cd:13:3e:d7:63:28:f8:4e:cf:ac:b2:c5:bc:94:2e:
0f:c6:d0:b9:1d:0c:b8:e7:14:e1:68:af:e0:e2:aa:
00:1e:65:d9:00:1e:c0:7b:4b:b9:21:05:78:a6:95:
04:60:19:de:b5:65:2d:2c:e6:35:1d:fd:3d:5b:49:
d9:ff:5d:f5:af:d8:d0:25:80:50:ea:0a:ce:22:85:
cb:00:b1:ad:1d:70:a3:e1:7a:69:f2:6c:65:7a:1d:
32:e4:21:24:9c:54:d7:38:66:46:ca:4a:dd:31:65:
cc:da:7f:a4:c0:3a:e6:35:57:6b:86:10:7d:50:c3:
0c:f8:77:16:1d:70:a4:75:a8:00:19:2c:fc:75:94:
65:ab:18:72:ae:e7:f1:03:34:f7:0a:17:f7:db:8c:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A2:C4:9D:F3:75:F3:7F:25:A5:20:9D:9F:E9:36:77:C6:2F:15:2A
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:e3:b5:01:1d:4f:1c:74:02:1f:d1:d8:2f:64:ed:49:82:4d:
1b:ec:60:26:5a:95:31:4e:b8:e8:4d:5e:3f:0c:ca:cc:43:e0:
62:65:b8:f6:14:ab:03:df:d6:ae:53:4b:33:f2:a7:eb:0e:bf:
8c:20:71:06:57:4e:09:05:74:34:e7:73:e7:06:78:b6:c7:5f:
4c:48:bc:cd:7e:34:d7:2f:5f:dc:f5:af:95:e5:bf:e3:cf:b6:
1d:c0:a4:54:ae:00:ba:1c:52:75:9f:19:ae:6a:de:4e:a0:f4:
74:b7:27:35:05:af:30:0c:44:d7:63:2d:6c:79:5c:c4:ca:4b:
08:a6:5b:f2:5c:1a:66:90:78:ac:cd:b7:8a:dd:af:0c:80:01:
a9:cf:d6:65:33:5c:8f:d4:d1:2c:dd:3c:3e:4a:62:c4:17:96:
3c:aa:8b:11:23:f5:33:bb:00:20:d9:84:55:de:8d:c8:b7:a3:
e5:0d:d5:3c:67:bc:d9:c8:87:3c:e4:e9:33:47:a6:91:d1:c0:
50:85:f4:90:e0:16:30:4b:fd:bd:be:9b:6c:4b:fb:a1:1d:df:
ea:16:7c:78:6a:7f:d2:df:85:03:39:25:ff:12:58:2b:1b:08:
8d:0f:fb:62:54:50:16:b0:4f:e7:53:77:44:f6:c8:e3:47:a5:
2f:27:fc:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDOs/2giA9/BQiqzXiwQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwOTA3MTIwMDUwWhcNMjUwOTA4MTIwMDUwWjAzMTEwLwYDVQQD
Eyg2ZmEyYzQ5ZGYzNzVmMzdmMjVhNTIwOWQ5ZmU5MzY3N2M2MmYxNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW9okfZ8zrFC4GHY8ICoGliwBnpv
MhRevwYJEz+E8YURC50CaReEQp0jUx2mhykNGB32IbpLMu54kLeERcbPPBW7NxIN
1S1fCDbpmlTlLEtjkKdcGcFX0rwq3GGxWQaY6Y8gjNGfSeXNEz7XYyj4Ts+sssW8
lC4PxtC5HQy45xThaK/g4qoAHmXZAB7Ae0u5IQV4ppUEYBnetWUtLOY1Hf09W0nZ
/131r9jQJYBQ6grOIoXLALGtHXCj4Xpp8mxleh0y5CEknFTXOGZGykrdMWXM2n+k
wDrmNVdrhhB9UMMM+HcWHXCkdagAGSz8dZRlqxhyrufxAzT3Chf324zIywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+ixJ3zdfN/JaUgnZ/pNnfGLxUqMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+O1AR1P
HHQCH9HYL2TtSYJNG+xgJlqVMU646E1ePwzKzEPgYmW49hSrA9/WrlNLM/Kn6w6/
jCBxBldOCQV0NOdz5wZ4tsdfTEi8zX401y9f3PWvleW/48+2HcCkVK4AuhxSdZ8Z
rmreTqD0dLcnNQWvMAxE12MtbHlcxMpLCKZb8lwaZpB4rM23it2vDIABqc/WZTNc
j9TRLN08PkpixBeWPKqLESP1M7sAINmEVd6NyLej5Q3VPGe82ciHPOTpM0emkdHA
UIX0kOAWMEv9vb6bbEv7oR3f6hZ8eGp/0t+FAzkl/xJYKxsIjQ/7YlRQFrBP51N3
RPbI40elLyf8bw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:47:44 2025 by rpki-client