Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File: Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier: rnIhZonFWaaPqq6sf4Swtt/XNRp78S5ywjeOQwhV6ng=
Subject key identifier: 6B:F7:45:D4:A6:C1:A6:F0:01:27:9F:26:0E:D7:60:E6:1A:79:5C:67
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer: /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial: 019A7225DC3544FD7A4D97BFC4D7522E279B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number: 15CB
Signing time: Tue 11 Nov 2025 09:01:15 +0000
Manifest this update: Tue 11 Nov 2025 09:01:15 +0000
Manifest next update: Wed 12 Nov 2025 09:01:15 +0000
Files and hashes: 1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: 3jijt3H+aYvvpm7L5VwcFVhfAOejdgV4Hu5gBK9mwIA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:dc:35:44:fd:7a:4d:97:bf:c4:d7:52:2e:27:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
Validity
Not Before: Nov 11 09:01:15 2025 GMT
Not After : Nov 12 09:01:15 2025 GMT
Subject: CN=6bf745d4a6c1a6f001279f260ed760e61a795c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:97:e5:9e:8f:bc:cd:2c:1c:eb:14:9c:81:04:
c4:1b:2f:07:ef:2e:2d:d4:e1:38:5c:d5:0c:bb:f8:
fe:39:20:0b:56:e0:b6:c1:ee:e3:6f:4a:18:43:a5:
b6:b6:8a:21:ac:d8:41:04:2c:fc:62:07:b8:69:8c:
6c:38:43:01:65:e5:4b:bb:8c:00:e1:f8:30:a7:f9:
a8:e8:fd:b0:18:d4:04:47:54:3d:b2:e9:91:43:41:
b3:f5:29:b4:2d:1b:d1:5e:31:33:e0:b3:92:cc:17:
02:a7:d6:15:d1:c0:a5:4e:84:08:f7:de:26:b9:ba:
53:e7:7a:50:03:4c:82:c4:a7:c9:90:df:29:85:75:
06:90:40:14:f4:56:ea:ce:70:36:6e:fb:05:7d:1e:
54:a6:99:61:e7:90:4d:2d:5f:25:25:d0:98:2b:83:
5c:a1:3e:48:75:da:ba:2f:9c:06:47:79:1b:06:f8:
5b:fe:9b:78:b2:c4:3f:be:f6:c5:9a:1e:16:6f:3a:
64:83:58:8c:5e:1a:57:4d:31:bc:d1:0b:5e:d6:f4:
29:0b:8a:d5:8b:84:19:42:2a:b3:35:e7:b2:40:18:
41:2b:5a:14:b0:23:32:06:62:38:ba:94:1e:5c:4c:
52:1a:69:23:37:ce:fe:1b:1e:7a:d4:c7:29:35:3d:
80:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F7:45:D4:A6:C1:A6:F0:01:27:9F:26:0E:D7:60:E6:1A:79:5C:67
X509v3 Authority Key Identifier:
keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:dd:b0:08:3a:44:4c:64:fd:23:2b:f1:cb:dc:0c:49:8c:a6:
06:12:3f:76:13:5a:d0:54:f4:e1:24:6b:2d:22:ca:ae:3f:e8:
6a:25:78:a3:07:b8:9e:53:af:4b:c9:b4:94:ea:e5:dd:10:44:
46:a9:9c:3d:2c:93:80:f8:91:f6:5f:d7:a1:61:eb:5a:83:17:
0c:a8:87:58:54:50:18:b7:f2:0c:3a:c2:08:fa:8e:c3:bb:37:
18:63:da:21:2f:fd:03:6d:b3:44:e6:21:48:1b:8a:49:06:03:
a3:27:2d:8e:45:47:30:fe:8b:93:b9:13:2e:2a:42:63:af:23:
71:29:2e:df:d8:a7:4f:09:8c:df:95:2e:a3:d0:b1:d8:54:4f:
57:3f:fb:01:5f:20:69:11:a4:bd:4e:8e:0b:77:0f:c1:0d:ed:
90:54:cc:29:42:57:ea:5d:6c:29:96:53:9e:55:2e:b6:e3:ba:
8e:ea:0d:2c:86:5b:9e:b5:ca:a7:7f:2c:67:4e:24:dc:fa:d4:
d9:51:b1:8e:e4:86:78:56:20:1e:3c:e1:54:e1:74:53:13:ef:
66:99:60:e1:0e:14:23:62:e3:88:76:5e:fa:46:31:c2:51:8e:
7c:4a:ca:77:3d:ab:2f:ac:4f:03:48:f5:48:cc:bc:55:29:48:
eb:8b:e7:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdw1RP16TZe/xNdSLiebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUxMTExMDkwMTE1WhcNMjUxMTEyMDkwMTE1WjAzMTEwLwYDVQQD
Eyg2YmY3NDVkNGE2YzFhNmYwMDEyNzlmMjYwZWQ3NjBlNjFhNzk1YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5flno+8zSwc6xScgQTEGy8H7y4t
1OE4XNUMu/j+OSALVuC2we7jb0oYQ6W2toohrNhBBCz8Yge4aYxsOEMBZeVLu4wA
4fgwp/mo6P2wGNQER1Q9sumRQ0Gz9Sm0LRvRXjEz4LOSzBcCp9YV0cClToQI994m
ubpT53pQA0yCxKfJkN8phXUGkEAU9FbqznA2bvsFfR5Upplh55BNLV8lJdCYK4Nc
oT5Iddq6L5wGR3kbBvhb/pt4ssQ/vvbFmh4Wbzpkg1iMXhpXTTG80Qte1vQpC4rV
i4QZQiqzNeeyQBhBK1oUsCMyBmI4upQeXExSGmkjN87+Gx561McpNT2AWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGv3RdSmwabwASefJg7XYOYaeVxnMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHN2wCDpE
TGT9Iyvxy9wMSYymBhI/dhNa0FT04SRrLSLKrj/oaiV4owe4nlOvS8m0lOrl3RBE
RqmcPSyTgPiR9l/XoWHrWoMXDKiHWFRQGLfyDDrCCPqOw7s3GGPaIS/9A22zROYh
SBuKSQYDoyctjkVHMP6Lk7kTLipCY68jcSku39inTwmM35Uuo9Cx2FRPVz/7AV8g
aRGkvU6OC3cPwQ3tkFTMKUJX6l1sKZZTnlUutuO6juoNLIZbnrXKp38sZ04k3PrU
2VGxjuSGeFYgHjzhVOF0UxPvZplg4Q4UI2LjiHZe+kYxwlGOfErKdz2rL6xPA0j1
SMy8VSlI64vnuQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:09 2025 by rpki-client