Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
File: nY85NIPUicQp_Biwk0LXbQr-QkQ.mft (raw, json)
Hash identifier: phfLbMH5/QWOL1fA8w0dC/Y3QGiZmd5BtZPiawV2lI8=
Subject key identifier: 5A:01:FA:B8:4A:3F:AE:CA:6C:0F:8E:51:1F:F8:9E:EC:DC:71:CF:7F
Authority key identifier: 9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
Certificate issuer: /CN=9d8f393483d489c429fc18b09342d76d0afe4244
Certificate serial: 019A730179EF1E047CC34DF000E66BA11C70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
Manifest number: 1309
Signing time: Tue 11 Nov 2025 13:01:07 +0000
Manifest this update: Tue 11 Nov 2025 13:01:07 +0000
Manifest next update: Wed 12 Nov 2025 13:01:07 +0000
Files and hashes: 1: fCKBgjNaPgCYlEAaSC02t2TX-HQ.roa (hash: z50OwHqPJLgmTj1OD+z+QDtPxp5JJkD8lN3khIG3bwQ=)
2: nY85NIPUicQp_Biwk0LXbQr-QkQ.crl (hash: Rlh0EpaX4tHMTYcbAXB4U8ts9E7kiN4LYNM+srikVYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:79:ef:1e:04:7c:c3:4d:f0:00:e6:6b:a1:1c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8f393483d489c429fc18b09342d76d0afe4244
Validity
Not Before: Nov 11 13:01:07 2025 GMT
Not After : Nov 12 13:01:07 2025 GMT
Subject: CN=5a01fab84a3faeca6c0f8e511ff89eecdc71cf7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ff:c9:13:2d:f3:c3:cd:89:00:b7:05:7d:b9:
0e:94:a1:ac:fe:37:7a:16:58:ae:ba:d7:eb:38:13:
eb:c6:bc:b9:34:52:08:71:36:ae:17:bc:64:68:a8:
8e:5b:e2:cb:76:42:49:83:b6:ec:33:49:59:5a:d3:
a5:7b:8a:bf:5f:e8:64:b2:14:d2:b1:26:35:f4:7b:
b0:9b:1b:da:15:40:a6:71:b2:7e:6e:a9:6e:73:99:
2d:78:ae:8d:0a:0c:f1:ab:4d:9e:67:31:93:fe:f0:
56:7e:51:02:f4:d9:bf:4d:d3:53:ee:a2:18:af:96:
cc:b2:21:00:a7:aa:41:cd:4f:4a:21:9c:fb:cb:47:
cf:5d:14:00:1d:c2:0a:96:1c:c8:76:42:e5:6c:ce:
c9:4c:a6:5b:f3:81:a6:fd:86:04:59:61:0d:12:b6:
8a:51:b5:c8:be:d6:43:03:76:33:c8:f1:6f:ca:37:
5c:a2:0d:1c:45:17:83:16:9a:d6:c3:44:32:76:a4:
36:fb:8c:b4:fa:a8:d4:79:91:c7:28:3b:28:ae:ad:
91:d4:9e:f1:af:0b:d9:08:cd:10:c0:aa:dd:bc:85:
e1:cc:f6:5a:32:f1:82:70:57:f0:b4:5f:2f:48:b4:
95:74:4a:8c:6e:77:b2:c2:af:0b:2e:2d:52:48:27:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:01:FA:B8:4A:3F:AE:CA:6C:0F:8E:51:1F:F8:9E:EC:DC:71:CF:7F
X509v3 Authority Key Identifier:
keyid:9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:28:de:b1:b7:b5:49:39:f1:44:72:f2:d9:bd:f3:bb:63:36:
c2:62:98:ad:4b:17:4f:04:7a:41:ef:fb:ef:72:73:57:cf:dc:
bb:b4:94:8f:18:51:ae:bc:ad:cd:e8:8f:ae:88:b4:07:97:e1:
0e:fa:b4:6a:ce:e8:30:b8:c9:46:23:02:fd:98:82:a0:cd:32:
4d:0e:f4:6c:06:52:30:53:7a:b5:d4:df:e0:a0:e2:0a:8d:23:
ec:83:23:8a:5f:56:10:87:52:93:71:1b:19:f5:b2:a0:27:07:
45:f6:75:4c:1c:4a:cb:10:dd:e1:e8:72:b6:e4:5e:b3:2a:41:
71:47:53:cb:97:0d:72:89:d5:36:29:34:73:a4:5b:64:26:6f:
83:6d:15:32:75:5a:87:4c:1e:0e:3c:ac:a1:f9:c4:01:59:2a:
ff:ac:31:4e:c2:0c:36:0d:da:6f:9b:9a:dd:f7:c4:d2:15:a8:
31:f9:47:2f:60:89:c4:39:f1:99:53:37:8e:94:b3:e3:6c:51:
48:21:e0:3b:9b:d6:e0:55:60:60:f1:16:7e:c3:e9:40:85:af:
4a:59:1b:0a:64:b7:bf:2c:a6:de:f2:1f:b3:33:ff:92:ca:3a:
d6:50:2e:23:6d:7a:31:ca:5e:e5:b9:14:ea:16:38:15:32:f6:
ac:91:cb:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAXnvHgR8w03wAOZroRxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYzOTM0ODNkNDg5YzQyOWZjMThiMDkzNDJkNzZkMGFm
ZTQyNDQwHhcNMjUxMTExMTMwMTA3WhcNMjUxMTEyMTMwMTA3WjAzMTEwLwYDVQQD
Eyg1YTAxZmFiODRhM2ZhZWNhNmMwZjhlNTExZmY4OWVlY2RjNzFjZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf/JEy3zw82JALcFfbkOlKGs/jd6
FliuutfrOBPrxry5NFIIcTauF7xkaKiOW+LLdkJJg7bsM0lZWtOle4q/X+hkshTS
sSY19HuwmxvaFUCmcbJ+bqluc5kteK6NCgzxq02eZzGT/vBWflEC9Nm/TdNT7qIY
r5bMsiEAp6pBzU9KIZz7y0fPXRQAHcIKlhzIdkLlbM7JTKZb84Gm/YYEWWENEraK
UbXIvtZDA3YzyPFvyjdcog0cRReDFprWw0QydqQ2+4y0+qjUeZHHKDsorq2R1J7x
rwvZCM0QwKrdvIXhzPZaMvGCcFfwtF8vSLSVdEqMbneywq8LLi1SSCedAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoB+rhKP67KbA+OUR/4nuzccc9/MB8GA1UdIwQY
MBaAFJ2POTSD1InEKfwYsJNC120K/kJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTct
MWUxNTFhYTFhZmRjLzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTctMWUxNTFhYTFhZmRj
LzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMCjesbe1
STnxRHLy2b3zu2M2wmKYrUsXTwR6Qe/773JzV8/cu7SUjxhRrrytzeiProi0B5fh
Dvq0as7oMLjJRiMC/ZiCoM0yTQ70bAZSMFN6tdTf4KDiCo0j7IMjil9WEIdSk3Eb
GfWyoCcHRfZ1TBxKyxDd4ehytuResypBcUdTy5cNconVNik0c6RbZCZvg20VMnVa
h0weDjysofnEAVkq/6wxTsIMNg3ab5ua3ffE0hWoMflHL2CJxDnxmVM3jpSz42xR
SCHgO5vW4FVgYPEWfsPpQIWvSlkbCmS3vyym3vIfszP/kso61lAuI216Mcpe5bkU
6hY4FTL2rJHLFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:09:38 2025 by rpki-client