Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
File: nzcg6XD6oOB_UKY4nnrlOvpDnas.mft (raw, json)
Hash identifier: 2RWr0/K/kYHjLm+cGV10+8c05s4STQTuroTmTzcHyTQ=
Subject key identifier: 3C:A9:32:88:82:33:9A:8E:F0:45:D6:A6:1D:8C:3C:FF:6C:E2:62:04
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 019A2AB0DBE5569669FCEFE41F98DE1A4CF6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
Manifest number: 16FF
Signing time: Tue 28 Oct 2025 12:00:24 +0000
Manifest this update: Tue 28 Oct 2025 12:00:24 +0000
Manifest next update: Wed 29 Oct 2025 12:00:24 +0000
Files and hashes: 1: Etd-zR5nQJ_3oZWsvX_yh9qZs04.roa (hash: Va9UidVPtYR8CQHobQQrWe+S/Z2ABdjjbhF7ggqh2M0=)
2: nzcg6XD6oOB_UKY4nnrlOvpDnas.crl (hash: urQJJOxTViDx+pmD/SwX+tGrRmrxv1eyqDxDrAVtcRU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 12:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:b0:db:e5:56:96:69:fc:ef:e4:1f:98:de:1a:4c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Oct 28 12:00:24 2025 GMT
Not After : Oct 29 12:00:24 2025 GMT
Subject: CN=3ca9328882339a8ef045d6a61d8c3cff6ce26204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:05:05:85:ef:2d:a6:a1:da:7c:03:0e:13:82:
5b:28:90:6c:1e:67:21:3d:b0:d6:31:fd:54:a0:c8:
4f:4d:d6:65:08:57:2f:ab:f0:a5:e5:b9:7b:b9:5b:
ea:95:56:6c:8f:28:c9:5c:ed:a6:09:a9:00:e1:e6:
8a:d7:a4:69:0e:73:e3:85:3f:6e:5b:11:2d:1f:92:
4a:ec:25:ac:3e:c1:a5:9b:dc:b0:08:12:a8:e6:bd:
6e:49:35:00:b6:3f:37:f6:5e:a6:c4:36:8a:51:c5:
7a:25:36:fc:c8:d3:d0:59:41:a0:e8:c2:79:56:35:
ed:e8:87:73:4d:78:6a:de:22:78:b1:be:f2:86:52:
e5:bb:c1:89:99:67:21:a8:fe:6c:fd:3a:99:54:f3:
de:13:2d:ae:33:aa:bd:da:f1:de:41:e2:79:77:40:
ac:c2:4e:74:8e:81:43:0a:76:cc:3a:15:e6:9d:8b:
99:60:aa:8d:e1:f4:bf:2f:2d:73:9f:88:47:b0:2c:
f6:89:1c:04:e6:7f:96:14:df:91:d8:60:51:ce:ba:
39:28:4d:54:d2:32:ad:94:09:a2:8f:56:65:1d:d9:
e4:16:91:5e:62:96:f7:41:7d:c1:b5:b1:06:a8:71:
ed:93:a3:6e:44:74:d7:62:84:20:ca:1a:49:e2:a2:
6e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:32:88:82:33:9A:8E:F0:45:D6:A6:1D:8C:3C:FF:6C:E2:62:04
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:a7:24:3a:ef:b5:d1:33:64:dd:fb:26:86:61:f9:2a:60:06:
2d:97:5a:5b:36:c2:18:c5:52:eb:75:e3:b8:7b:cc:de:47:3e:
c3:e1:11:3e:85:ca:94:87:91:71:5c:24:27:4f:7b:0f:51:53:
ab:ff:48:18:4b:30:33:5d:9a:a1:2e:a5:03:06:1c:00:06:55:
0f:51:25:fd:05:85:16:19:3f:80:3b:c2:40:ab:d8:13:0f:7d:
8e:b3:38:5f:65:df:04:ae:93:53:9f:06:cb:1d:57:51:65:ac:
59:6f:c9:11:49:4e:74:4b:a1:18:9f:bf:07:2c:16:e1:c0:64:
68:52:06:11:df:1a:7b:b6:5b:0a:f6:9b:4a:56:2c:75:d5:4e:
05:32:be:e7:a0:5b:6a:99:79:1f:6b:e7:40:b7:a4:fb:28:eb:
99:de:fa:ea:cb:11:f9:e3:6d:e5:77:e3:9b:d2:1e:ce:63:24:
bf:64:08:1b:58:8e:38:0a:2a:95:97:b9:66:95:ec:21:b3:5f:
67:13:e9:d2:d1:e3:dc:4a:d6:b5:64:17:69:e5:5b:79:06:18:
97:23:32:a5:4b:96:d3:87:e3:3d:02:db:48:d2:74:3f:4e:4b:
86:54:57:18:ab:1c:80:55:7b:0d:d6:85:dd:a0:0f:0b:4e:c8:
63:f3:8c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqsNvlVpZp/O/kH5jeGkz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjUxMDI4MTIwMDI0WhcNMjUxMDI5MTIwMDI0WjAzMTEwLwYDVQQD
EygzY2E5MzI4ODgyMzM5YThlZjA0NWQ2YTYxZDhjM2NmZjZjZTI2MjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQUFhe8tpqHafAMOE4JbKJBsHmch
PbDWMf1UoMhPTdZlCFcvq/Cl5bl7uVvqlVZsjyjJXO2mCakA4eaK16RpDnPjhT9u
WxEtH5JK7CWsPsGlm9ywCBKo5r1uSTUAtj839l6mxDaKUcV6JTb8yNPQWUGg6MJ5
VjXt6IdzTXhq3iJ4sb7yhlLlu8GJmWchqP5s/TqZVPPeEy2uM6q92vHeQeJ5d0Cs
wk50joFDCnbMOhXmnYuZYKqN4fS/Ly1zn4hHsCz2iRwE5n+WFN+R2GBRzro5KE1U
0jKtlAmij1ZlHdnkFpFeYpb3QX3BtbEGqHHtk6NuRHTXYoQgyhpJ4qJuoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDypMoiCM5qO8EXWph2MPP9s4mIEMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKckOu+1
0TNk3fsmhmH5KmAGLZdaWzbCGMVS63XjuHvM3kc+w+ERPoXKlIeRcVwkJ097D1FT
q/9IGEswM12aoS6lAwYcAAZVD1El/QWFFhk/gDvCQKvYEw99jrM4X2XfBK6TU58G
yx1XUWWsWW/JEUlOdEuhGJ+/BywW4cBkaFIGEd8ae7ZbCvabSlYsddVOBTK+56Bb
apl5H2vnQLek+yjrmd766ssR+eNt5Xfjm9IezmMkv2QIG1iOOAoqlZe5ZpXsIbNf
ZxPp0tHj3ErWtWQXaeVbeQYYlyMypUuW04fjPQLbSNJ0P05LhlRXGKscgFV7DdaF
3aAPC07IY/OMTw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 16:39:44 2025 by rpki-client