Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.mft
File: NPwYIZBVFuYYMg6eRxoTsqqslv8.mft (raw, json)
Hash identifier: RC6xT/sgN5v9xpkOlUWSxz3NRBXW9X7r1BJCkMIZm1Q=
Subject key identifier: 8F:80:DB:6A:7E:FE:F6:9C:BC:0F:B6:83:4D:8A:49:80:45:62:CD:78
Authority key identifier: 34:FC:18:21:90:55:16:E6:18:32:0E:9E:47:1A:13:B2:AA:AC:96:FF
Certificate issuer: /CN=34fc1821905516e618320e9e471a13b2aaac96ff
Certificate serial: 019A7225AFA721C0E5F023E40E034CCEA501
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPwYIZBVFuYYMg6eRxoTsqqslv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:01:03 +0000
Manifest this update: Tue 11 Nov 2025 09:01:03 +0000
Manifest next update: Wed 12 Nov 2025 09:01:03 +0000
Files and hashes: 1: NPwYIZBVFuYYMg6eRxoTsqqslv8.crl (hash: rt7r+A6JCAWsw8PqI7RJtNVyKvGTWTQnf2dCBzwwlK8=)
2: rYKTx0nL3KpouO_aEG54Y81fax4.roa (hash: U8k6Z6wFvQxh2jmlJpmKkiKIDJ2daF7abfgpCSFD+Kw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPwYIZBVFuYYMg6eRxoTsqqslv8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:af:a7:21:c0:e5:f0:23:e4:0e:03:4c:ce:a5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fc1821905516e618320e9e471a13b2aaac96ff
Validity
Not Before: Nov 11 09:01:03 2025 GMT
Not After : Nov 12 09:01:03 2025 GMT
Subject: CN=8f80db6a7efef69cbc0fb6834d8a49804562cd78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c2:7c:33:2b:3e:d4:6e:92:36:cf:0d:62:65:
ff:78:23:9f:5b:3c:62:39:1c:47:e0:00:65:bc:b4:
83:37:da:e7:e8:8e:8f:bd:96:07:f3:c2:b6:d2:b2:
2c:22:d2:f4:b2:1d:65:fd:17:5e:41:84:01:8a:a8:
10:4a:4f:ef:e5:c8:d7:d8:6f:6f:d5:c2:5e:70:42:
a4:b7:ef:85:d7:5c:4c:6c:47:80:bf:1f:b5:ce:6b:
d0:0c:d0:50:78:dd:ee:46:bd:99:11:1b:17:a4:4b:
78:d6:2a:25:48:94:f8:4d:d6:ce:d5:4b:d1:8c:33:
dd:d0:1e:8d:5a:66:dc:34:04:d2:22:d7:b3:c7:9d:
09:85:e4:b9:91:8e:ec:a4:55:b7:bc:23:17:2e:aa:
42:6f:74:64:2f:8c:e5:35:d9:47:44:5b:35:7a:58:
40:69:f0:a2:5d:c7:7d:b4:c4:53:25:90:d8:1b:7b:
f2:a9:ef:fa:91:06:e0:f2:fe:1c:44:d5:4f:99:f6:
92:4b:f8:5b:c6:a5:0c:95:2f:45:a4:a0:96:13:a1:
86:6d:96:c0:d8:4e:44:84:e3:79:a1:d2:7f:61:dd:
b2:ba:06:b0:24:25:ce:f2:eb:83:d3:27:c3:d8:06:
69:33:f8:7a:87:55:4c:1d:40:9e:a4:be:d8:fe:e8:
60:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:80:DB:6A:7E:FE:F6:9C:BC:0F:B6:83:4D:8A:49:80:45:62:CD:78
X509v3 Authority Key Identifier:
keyid:34:FC:18:21:90:55:16:E6:18:32:0E:9E:47:1A:13:B2:AA:AC:96:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPwYIZBVFuYYMg6eRxoTsqqslv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:a5:b5:b3:85:ce:f4:77:6b:9a:b7:6f:7e:e5:03:f0:89:eb:
88:59:79:23:7e:69:25:6f:97:17:c2:87:a6:42:a6:4a:c7:28:
97:4f:55:8b:c3:f7:c5:4f:be:0c:20:58:e9:56:d5:1b:3f:0a:
5e:3f:a6:d8:d0:70:4e:f4:8d:61:3e:23:bf:cf:f4:a8:a8:3e:
ed:1a:d0:59:b0:8b:81:7b:91:00:1d:af:40:ff:46:ca:fc:3e:
8d:4c:88:6f:82:c9:e2:7b:7e:87:77:79:72:ad:08:7d:dd:97:
b5:0f:b0:3f:d4:ab:6f:44:59:22:59:9e:1b:ee:32:fa:18:d8:
18:d1:54:b1:e5:ec:84:c3:86:b6:b7:08:05:1b:15:1b:11:91:
fe:e1:67:1d:b5:74:46:5d:22:56:1c:cb:ac:1b:e8:8c:86:3a:
84:d0:20:08:f3:8b:74:8c:5c:78:ba:91:0d:49:a1:f4:57:96:
d4:07:1f:04:7f:69:dc:fd:35:dd:a4:8b:06:f3:a9:37:9c:24:
c7:11:ce:17:d4:77:8f:6e:ac:8d:30:55:a2:57:e7:8d:a7:0d:
b9:c7:f0:90:47:74:03:e3:e3:22:c6:a4:8e:a3:ce:57:5b:db:
c3:d4:05:9b:28:7b:1d:cb:c9:18:9d:28:80:7d:b4:33:9c:32:
e3:be:7e:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJa+nIcDl8CPkDgNMzqUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmMxODIxOTA1NTE2ZTYxODMyMGU5ZTQ3MWExM2IyYWFh
Yzk2ZmYwHhcNMjUxMTExMDkwMTAzWhcNMjUxMTEyMDkwMTAzWjAzMTEwLwYDVQQD
Eyg4ZjgwZGI2YTdlZmVmNjljYmMwZmI2ODM0ZDhhNDk4MDQ1NjJjZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MJ8Mys+1G6SNs8NYmX/eCOfWzxi
ORxH4ABlvLSDN9rn6I6PvZYH88K20rIsItL0sh1l/RdeQYQBiqgQSk/v5cjX2G9v
1cJecEKkt++F11xMbEeAvx+1zmvQDNBQeN3uRr2ZERsXpEt41iolSJT4TdbO1UvR
jDPd0B6NWmbcNATSItezx50JheS5kY7spFW3vCMXLqpCb3RkL4zlNdlHRFs1elhA
afCiXcd9tMRTJZDYG3vyqe/6kQbg8v4cRNVPmfaSS/hbxqUMlS9FpKCWE6GGbZbA
2E5EhON5odJ/Yd2yugawJCXO8uuD0yfD2AZpM/h6h1VMHUCepL7Y/uhgywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+A22p+/vacvA+2g02KSYBFYs14MB8GA1UdIwQY
MBaAFDT8GCGQVRbmGDIOnkcaE7KqrJb/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlB3WUlaQlZGdVlZTWc2ZVJ4b1RzcXFzbHY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84NGI1NzUtNTU2My00ZjFiLTg2NWEt
ODE1ZWVhMzNiMzViLzEvTlB3WUlaQlZGdVlZTWc2ZVJ4b1RzcXFzbHY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84NGI1NzUtNTU2My00ZjFiLTg2NWEtODE1ZWVhMzNiMzVi
LzEvTlB3WUlaQlZGdVlZTWc2ZVJ4b1RzcXFzbHY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6W1s4XO
9HdrmrdvfuUD8InriFl5I35pJW+XF8KHpkKmSscol09Vi8P3xU++DCBY6VbVGz8K
Xj+m2NBwTvSNYT4jv8/0qKg+7RrQWbCLgXuRAB2vQP9Gyvw+jUyIb4LJ4nt+h3d5
cq0Ifd2XtQ+wP9Srb0RZIlmeG+4y+hjYGNFUseXshMOGtrcIBRsVGxGR/uFnHbV0
Rl0iVhzLrBvojIY6hNAgCPOLdIxceLqRDUmh9FeW1AcfBH9p3P013aSLBvOpN5wk
xxHOF9R3j26sjTBVolfnjacNucfwkEd0A+PjIsakjqPOV1vbw9QFmyh7HcvJGJ0o
gH20M5wy475+mw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:38 2025 by rpki-client