Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File: n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier: VbTKXqr9JSTgTxFLBrdhuHNtrkTn9j2hjMODorJkT9Y=
Subject key identifier: 12:D1:29:DF:CB:A8:56:4A:28:67:A4:1F:92:B6:46:78:C1:C1:15:A0
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer: /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial: 019A71B7E3F5B1F003580E9DA527C998BD24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number: 10F9
Signing time: Tue 11 Nov 2025 07:01:08 +0000
Manifest this update: Tue 11 Nov 2025 07:01:08 +0000
Manifest next update: Wed 12 Nov 2025 07:01:08 +0000
Files and hashes: 1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: JPhmLi5XaS2FS2ja8vgQzhDGy65Q2iiyq1HIplclIRM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:e3:f5:b1:f0:03:58:0e:9d:a5:27:c9:98:bd:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Validity
Not Before: Nov 11 07:01:08 2025 GMT
Not After : Nov 12 07:01:08 2025 GMT
Subject: CN=12d129dfcba8564a2867a41f92b64678c1c115a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:83:95:de:61:32:e8:71:fa:6a:b8:2b:e3:22:
67:a3:98:10:05:46:d0:0e:35:28:7f:ce:50:8a:bc:
20:c6:c2:0d:20:e2:f1:a8:d4:67:64:65:83:e7:25:
e5:61:79:c9:af:eb:d5:a7:ea:5e:38:05:0e:2f:2e:
35:d3:f9:4c:c7:11:fd:55:8a:51:b2:a0:23:3b:b4:
ee:d2:84:78:9a:b2:d1:29:68:c2:5b:38:4b:7b:de:
44:e3:8b:7d:a1:7c:f1:fc:7a:b8:41:29:e4:b2:24:
dc:5d:28:4b:5a:db:e2:6f:f4:b3:07:a8:5c:45:2d:
5e:64:67:df:fe:a7:18:79:28:d0:d1:2a:3c:c4:de:
bf:90:5c:04:97:31:41:ab:60:cc:fc:34:84:34:c2:
92:8f:75:cf:0c:c8:75:8f:85:d6:86:1b:c0:19:84:
8b:5e:bc:fd:63:6a:da:6a:fb:f9:b9:52:68:51:af:
ac:ea:f7:c6:61:0d:33:86:a0:81:35:1e:6a:70:40:
6e:cc:af:e8:d4:41:64:79:6d:cd:70:5a:2b:6d:7f:
31:49:f0:3a:75:32:0f:60:8e:ce:44:09:b1:d3:87:
dc:16:f3:50:cd:28:7b:77:6f:8b:c9:64:87:74:6a:
22:97:c7:9e:68:97:39:8d:5c:c0:cc:a2:fd:c2:b5:
f2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D1:29:DF:CB:A8:56:4A:28:67:A4:1F:92:B6:46:78:C1:C1:15:A0
X509v3 Authority Key Identifier:
keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:7d:d9:dc:95:a4:24:43:13:f2:03:39:dc:a8:a3:07:a8:9f:
12:5f:61:52:a0:ed:57:df:d5:be:8f:52:e8:0a:52:17:ee:5e:
f7:7a:df:4d:14:51:9b:0c:04:f2:9d:bb:03:0c:35:18:64:c8:
50:9b:ea:f9:86:2f:a2:e8:01:fb:a7:fc:a6:b4:b6:2d:a0:7e:
91:4a:1d:98:97:a9:2c:a3:be:d0:db:1c:71:8f:24:ba:e4:53:
6d:4d:6b:b1:99:c3:2a:5b:02:14:8d:5e:7f:a3:fd:8a:49:be:
13:5f:f2:0f:da:2a:9f:e3:26:56:9b:4c:89:89:de:73:66:e0:
c8:bd:91:d2:30:10:ca:62:db:d0:5b:bb:53:84:ea:bc:1b:53:
02:ed:45:35:b3:1d:22:18:8f:45:a0:1e:da:b4:c2:a0:84:84:
00:72:34:8f:9d:ed:7b:84:3c:79:ae:00:8d:c7:4b:ec:91:ad:
fe:be:04:0a:68:3a:16:36:d1:9b:33:94:d2:9a:5d:dc:5d:0b:
2f:55:f7:87:b6:3d:80:63:42:09:cc:1e:63:69:8d:ac:b0:41:
c2:b8:43:57:73:4c:37:a3:c4:bf:98:b4:73:64:6c:2e:35:63:
18:c4:42:56:4c:28:11:60:d5:b8:7b:6c:a2:44:fd:14:7b:87:
29:90:c6:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+P1sfADWA6dpSfJmL0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
EygxMmQxMjlkZmNiYTg1NjRhMjg2N2E0MWY5MmI2NDY3OGMxYzExNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4OV3mEy6HH6argr4yJno5gQBUbQ
DjUof85QirwgxsINIOLxqNRnZGWD5yXlYXnJr+vVp+peOAUOLy410/lMxxH9VYpR
sqAjO7Tu0oR4mrLRKWjCWzhLe95E44t9oXzx/Hq4QSnksiTcXShLWtvib/SzB6hc
RS1eZGff/qcYeSjQ0So8xN6/kFwElzFBq2DM/DSENMKSj3XPDMh1j4XWhhvAGYSL
Xrz9Y2raavv5uVJoUa+s6vfGYQ0zhqCBNR5qcEBuzK/o1EFkeW3NcForbX8xSfA6
dTIPYI7ORAmx04fcFvNQzSh7d2+LyWSHdGoil8eeaJc5jVzAzKL9wrXypQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLRKd/LqFZKKGekH5K2RnjBwRWgMB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxn3Z3JWk
JEMT8gM53KijB6ifEl9hUqDtV9/Vvo9S6ApSF+5e93rfTRRRmwwE8p27Aww1GGTI
UJvq+YYvougB+6f8prS2LaB+kUodmJepLKO+0NsccY8kuuRTbU1rsZnDKlsCFI1e
f6P9ikm+E1/yD9oqn+MmVptMiYnec2bgyL2R0jAQymLb0Fu7U4TqvBtTAu1FNbMd
IhiPRaAe2rTCoISEAHI0j53te4Q8ea4AjcdL7JGt/r4ECmg6FjbRmzOU0ppd3F0L
L1X3h7Y9gGNCCcweY2mNrLBBwrhDV3NMN6PEv5i0c2RsLjVjGMRCVkwoEWDVuHts
okT9FHuHKZDGVw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:36:00 2025 by rpki-client