Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: K1Ucik1LjBzZUkRCW+y5l9otrT5T0ETGzDtpgRGHYJ4=
Subject key identifier: 0D:E3:33:45:69:DE:3B:02:1F:6A:EA:06:5C:7E:F1:EC:A8:C1:F2:01
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 019A71B866DD4CF371D77E8486EC038F6EB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 07:01:41 +0000
Manifest this update: Tue 11 Nov 2025 07:01:41 +0000
Manifest next update: Wed 12 Nov 2025 07:01:41 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: iLTwBbdOsLzoF7kkZAmqh5MG7gpuBVbg/nqfKy1KtOg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:66:dd:4c:f3:71:d7:7e:84:86:ec:03:8f:6e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Nov 11 07:01:41 2025 GMT
Not After : Nov 12 07:01:41 2025 GMT
Subject: CN=0de3334569de3b021f6aea065c7ef1eca8c1f201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:90:3d:41:f1:60:cf:4c:4f:83:db:d6:08:d0:
aa:0c:8e:0e:e1:83:49:2d:22:96:53:ca:b5:63:55:
bc:04:6e:95:81:e9:27:10:51:b2:c3:55:10:c4:98:
c6:e4:a8:3b:4b:fc:99:fb:54:e9:d8:68:f5:61:68:
35:fc:c3:ec:9b:69:36:60:f4:af:14:cd:35:20:43:
44:5b:63:28:f3:83:f6:23:47:43:ef:93:4d:37:60:
25:66:48:75:77:59:f5:b3:a8:6a:ad:70:6d:c6:d8:
65:79:b9:dc:24:6a:c6:30:32:4f:53:8e:ef:a6:d9:
9a:ed:0b:f8:3d:78:59:0c:d0:d1:23:aa:98:f7:17:
54:69:dd:6f:64:49:0c:62:0d:89:76:4d:f6:0f:8d:
c6:69:f4:5a:24:90:53:73:77:bd:c0:2c:78:07:83:
90:57:b7:6c:f7:60:83:2f:8e:70:ab:60:b7:44:0e:
11:58:e3:77:5b:a7:36:75:88:74:f4:f4:04:0f:21:
fd:25:3f:85:cb:a5:e2:f3:9d:51:b7:04:04:e6:dd:
5a:f1:d0:21:6f:d8:62:f4:5a:d5:b3:de:1a:91:c0:
80:d5:15:77:e6:03:02:82:02:bb:61:88:14:8c:82:
92:c7:1a:83:8e:3a:1e:4a:2d:80:27:66:cc:fa:c5:
8f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E3:33:45:69:DE:3B:02:1F:6A:EA:06:5C:7E:F1:EC:A8:C1:F2:01
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:42:1b:ae:18:d3:11:e3:63:c3:4d:f3:fd:7f:fe:ff:d9:ad:
4b:19:3e:4a:f4:b2:42:9f:3b:03:87:8c:25:10:0b:e9:16:8f:
45:4f:a9:8b:f3:b9:af:d0:e6:52:15:89:26:28:8d:68:ef:75:
ca:8e:f5:08:58:1a:2b:4c:ed:cf:04:e6:bc:c4:f8:4c:44:1e:
95:a5:77:70:9d:c3:0c:b6:2d:34:07:82:a4:51:f3:ae:b2:60:
7c:ff:c5:13:ab:b6:0c:d4:41:37:eb:4f:7f:12:14:68:d5:66:
8a:3e:24:00:e9:83:4b:41:59:b4:76:14:f3:78:78:9e:fa:4d:
df:63:a2:5d:28:cf:03:ff:7f:b8:74:8f:3e:23:d5:7f:d2:c7:
6c:e1:cd:52:0a:55:37:ad:f4:a6:38:9a:c8:9f:a5:9d:36:88:
d1:01:73:22:7d:f2:c0:ba:f8:fe:be:81:b5:92:46:cb:c4:49:
c0:4e:fb:39:b4:93:c7:48:ce:7f:6e:a9:89:2b:c1:b5:44:05:
6e:17:53:cb:4e:44:d4:90:9a:42:42:3a:70:f2:e6:33:48:91:
18:de:01:7a:c8:ce:52:c3:be:86:37:41:e0:b1:1c:3b:60:c2:
40:b2:6f:d7:5e:c3:36:b6:d5:c6:0d:6b:42:39:4c:e5:a2:0a:
9a:b8:a6:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGbdTPNx136EhuwDj26yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUxMTExMDcwMTQxWhcNMjUxMTEyMDcwMTQxWjAzMTEwLwYDVQQD
EygwZGUzMzM0NTY5ZGUzYjAyMWY2YWVhMDY1YzdlZjFlY2E4YzFmMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpA9QfFgz0xPg9vWCNCqDI4O4YNJ
LSKWU8q1Y1W8BG6VgeknEFGyw1UQxJjG5Kg7S/yZ+1Tp2Gj1YWg1/MPsm2k2YPSv
FM01IENEW2Mo84P2I0dD75NNN2AlZkh1d1n1s6hqrXBtxthlebncJGrGMDJPU47v
ptma7Qv4PXhZDNDRI6qY9xdUad1vZEkMYg2Jdk32D43GafRaJJBTc3e9wCx4B4OQ
V7ds92CDL45wq2C3RA4RWON3W6c2dYh09PQEDyH9JT+Fy6Xi851RtwQE5t1a8dAh
b9hi9FrVs94akcCA1RV35gMCggK7YYgUjIKSxxqDjjoeSi2AJ2bM+sWPUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3jM0Vp3jsCH2rqBlx+8eyowfIBMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEIbrhjT
EeNjw03z/X/+/9mtSxk+SvSyQp87A4eMJRAL6RaPRU+pi/O5r9DmUhWJJiiNaO91
yo71CFgaK0ztzwTmvMT4TEQelaV3cJ3DDLYtNAeCpFHzrrJgfP/FE6u2DNRBN+tP
fxIUaNVmij4kAOmDS0FZtHYU83h4nvpN32OiXSjPA/9/uHSPPiPVf9LHbOHNUgpV
N630pjiayJ+lnTaI0QFzIn3ywLr4/r6BtZJGy8RJwE77ObSTx0jOf26piSvBtUQF
bhdTy05E1JCaQkI6cPLmM0iRGN4BesjOUsO+hjdB4LEcO2DCQLJv117DNrbVxg1r
QjlM5aIKmrimsw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:00 2025 by rpki-client