Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File: nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier: rm0nMjcUy7cxshacq9g1g7gnsxujnbgv4yXPJBZMoDs=
Subject key identifier: 2A:70:B2:51:CB:51:DB:B4:73:80:AC:4D:58:62:EE:0C:28:B2:F8:A4
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer: /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial: 019A71136E3EF0F611986F0C7914B8B6F901
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number: 13AF
Signing time: Tue 11 Nov 2025 04:01:29 +0000
Manifest this update: Tue 11 Nov 2025 04:01:29 +0000
Manifest next update: Wed 12 Nov 2025 04:01:29 +0000
Files and hashes: 1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: ZcAc3uthqBhYG1B50Gv3cOGzzTRChfNQhRFj+rVBYCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:6e:3e:f0:f6:11:98:6f:0c:79:14:b8:b6:f9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
Validity
Not Before: Nov 11 04:01:29 2025 GMT
Not After : Nov 12 04:01:29 2025 GMT
Subject: CN=2a70b251cb51dbb47380ac4d5862ee0c28b2f8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:8f:c2:2f:1c:12:66:8a:e5:7a:11:c0:43:
3b:51:fa:09:39:79:cb:fa:be:e6:f9:b2:3b:53:3c:
3a:e9:4b:b4:c4:0d:45:29:98:e5:ff:c1:ab:7f:7c:
95:98:01:78:e4:f2:31:89:e9:a3:9f:6c:00:45:e2:
d7:71:3f:07:cd:20:d2:32:74:6a:3a:50:43:d8:b5:
25:f2:7b:d5:f9:ea:f1:ab:92:95:99:d4:bc:38:5d:
75:28:b8:cc:8a:86:2c:58:fd:92:9f:f7:b4:11:f5:
8b:b6:a3:74:57:ce:37:44:11:a4:30:f5:42:2c:bf:
41:27:f2:49:23:45:11:19:3a:6d:59:47:45:2e:0b:
1f:fb:99:a3:a7:81:29:e2:53:34:80:4b:99:e7:8a:
e3:6c:33:b3:92:43:29:63:e8:1c:f3:71:b2:c3:96:
fd:e0:23:6b:bc:30:32:32:24:b8:7b:49:e9:96:50:
19:b5:0c:dd:b4:4a:ae:5d:67:c0:1b:a8:90:3d:fc:
d4:6c:db:7c:1a:5b:90:07:56:c0:44:96:d1:b0:9c:
a5:67:55:25:0b:fe:92:c5:c9:64:8c:ac:e6:e9:4f:
1b:eb:68:dd:65:8e:ed:64:ac:0a:a3:8c:a5:6a:bb:
c8:b5:d3:fe:30:58:dd:4f:62:02:8f:49:ab:0d:16:
b7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:70:B2:51:CB:51:DB:B4:73:80:AC:4D:58:62:EE:0C:28:B2:F8:A4
X509v3 Authority Key Identifier:
keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:2c:f8:5c:81:03:3e:2d:fb:4a:2b:55:38:ee:29:47:a3:73:
63:8a:3e:26:fd:6d:27:54:27:c9:f3:36:63:81:d8:f2:5c:2e:
1a:e6:be:3b:2c:e2:d9:9e:df:5b:23:d7:3e:17:bb:67:32:be:
6b:b1:cf:43:6b:d8:d2:e8:04:be:6f:2c:ee:8f:d0:c2:41:6b:
43:ae:7c:d7:55:70:3e:78:db:17:38:1a:56:fb:6b:ea:fc:bb:
6b:96:bd:fd:c6:81:d5:d5:30:f5:5b:00:29:2b:f2:f0:cf:3d:
5a:1f:3b:4a:9d:5a:b6:98:c8:c8:68:40:fb:bc:ff:b8:d7:09:
ae:ee:58:7c:32:b0:b7:cc:dc:08:b6:bb:0d:c2:f5:4b:5d:98:
03:70:e2:91:d4:e7:b3:27:38:fa:75:a0:94:e2:c2:5d:18:f4:
0d:31:b2:4b:de:e0:1e:e3:dc:1e:41:6f:a7:e2:86:17:38:60:
a6:f8:ca:90:71:48:5b:82:92:68:fc:fe:c7:c0:92:41:d0:fb:
83:81:b2:4e:31:21:13:4b:d7:60:38:a1:11:34:3d:af:01:8f:
78:7c:14:79:58:7b:5b:b2:8a:95:b2:20:40:c2:69:36:3c:d0:
87:02:5a:3b:fe:f0:0e:bb:e5:ca:33:90:d5:95:ab:9e:8f:4f:
f0:12:52:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE24+8PYRmG8MeRS4tvkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUxMTExMDQwMTI5WhcNMjUxMTEyMDQwMTI5WjAzMTEwLwYDVQQD
EygyYTcwYjI1MWNiNTFkYmI0NzM4MGFjNGQ1ODYyZWUwYzI4YjJmOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiWPwi8cEmaK5XoRwEM7UfoJOXnL
+r7m+bI7Uzw66Uu0xA1FKZjl/8Grf3yVmAF45PIxiemjn2wAReLXcT8HzSDSMnRq
OlBD2LUl8nvV+erxq5KVmdS8OF11KLjMioYsWP2Sn/e0EfWLtqN0V843RBGkMPVC
LL9BJ/JJI0URGTptWUdFLgsf+5mjp4Ep4lM0gEuZ54rjbDOzkkMpY+gc83Gyw5b9
4CNrvDAyMiS4e0npllAZtQzdtEquXWfAG6iQPfzUbNt8GluQB1bARJbRsJylZ1Ul
C/6SxclkjKzm6U8b62jdZY7tZKwKo4ylarvItdP+MFjdT2ICj0mrDRa3bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpwslHLUdu0c4CsTVhi7gwosvikMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiyz4XIED
Pi37SitVOO4pR6NzY4o+Jv1tJ1QnyfM2Y4HY8lwuGua+Oyzi2Z7fWyPXPhe7ZzK+
a7HPQ2vY0ugEvm8s7o/QwkFrQ65811VwPnjbFzgaVvtr6vy7a5a9/caB1dUw9VsA
KSvy8M89Wh87Sp1atpjIyGhA+7z/uNcJru5YfDKwt8zcCLa7DcL1S12YA3DikdTn
syc4+nWglOLCXRj0DTGyS97gHuPcHkFvp+KGFzhgpvjKkHFIW4KSaPz+x8CSQdD7
g4GyTjEhE0vXYDihETQ9rwGPeHwUeVh7W7KKlbIgQMJpNjzQhwJaO/7wDrvlyjOQ
1ZWrno9P8BJSww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:57 2025 by rpki-client