Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
File: nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft (raw, json)
Hash identifier: oVICXG9itrjBTCYJzN7inEiembdmh1zakyJepdVw5xY=
Subject key identifier: CD:23:29:5F:E7:5F:88:29:F1:6F:F6:5B:D9:9B:96:AC:FB:3F:33:34
Authority key identifier: 9C:A9:0E:7D:AF:15:C1:7C:1B:9A:BC:57:21:57:BC:7D:91:7B:39:91
Certificate issuer: /CN=9ca90e7daf15c17c1b9abc572157bc7d917b3991
Certificate serial: 019A71B7836125D0C3ECA7FCECEC009C2C8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
Manifest number: 12A5
Signing time: Tue 11 Nov 2025 07:00:43 +0000
Manifest this update: Tue 11 Nov 2025 07:00:43 +0000
Manifest next update: Wed 12 Nov 2025 07:00:43 +0000
Files and hashes: 1: nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl (hash: 4dRuCf//nXGVyqCaileQE1CyfXUzAQIcyoDrYqReb/I=)
2: rbFhRWy7PnH1-c74EqjQ8O_SsH8.roa (hash: +OgMhgDQLZldm2bdOQKGi3uI3dnjtK1GBopk2ba9vPU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:83:61:25:d0:c3:ec:a7:fc:ec:ec:00:9c:2c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ca90e7daf15c17c1b9abc572157bc7d917b3991
Validity
Not Before: Nov 11 07:00:43 2025 GMT
Not After : Nov 12 07:00:43 2025 GMT
Subject: CN=cd23295fe75f8829f16ff65bd99b96acfb3f3334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:83:29:5b:46:ca:5f:1c:83:ca:c3:da:d8:10:
36:21:70:e8:18:7f:44:ee:66:eb:b1:f2:ca:ad:a6:
a9:e9:17:de:9e:e7:4a:f7:79:64:f2:54:a3:b7:e8:
fa:25:3f:25:50:d6:8c:16:c3:21:eb:d7:c8:f6:4e:
66:00:36:69:de:88:21:f2:0e:e1:c3:4b:58:2c:fe:
71:74:41:ce:91:83:a9:97:1e:82:32:69:bc:d2:4e:
22:42:96:95:f2:a8:d6:1a:81:21:cd:cd:f4:08:c4:
57:5c:9d:b5:64:b1:42:bc:02:05:0a:81:a2:53:54:
52:3f:11:0a:79:dd:c6:3c:e4:99:a9:43:23:0d:15:
fc:7f:5c:1f:e7:4e:e5:01:ca:7b:56:32:5c:92:21:
b1:94:6b:f5:a8:b8:91:42:fb:07:0e:27:91:bd:ae:
75:be:f5:b8:8d:f1:73:ed:0f:1d:76:99:0b:37:c9:
ae:bd:90:a5:f1:9a:39:10:9b:64:49:5e:b9:98:74:
1d:0e:84:6f:21:5a:0f:c2:5a:74:c6:8a:99:61:8a:
03:07:2b:1d:96:c3:fb:bc:e3:c9:99:ca:09:1f:8e:
48:50:81:42:c3:6c:c1:e6:9e:0c:3f:e9:37:5f:84:
36:e8:89:8d:40:67:b6:06:a5:00:9f:6f:af:4b:e0:
7a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:23:29:5F:E7:5F:88:29:F1:6F:F6:5B:D9:9B:96:AC:FB:3F:33:34
X509v3 Authority Key Identifier:
keyid:9C:A9:0E:7D:AF:15:C1:7C:1B:9A:BC:57:21:57:BC:7D:91:7B:39:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:3a:03:4c:2d:6d:74:d1:a7:08:79:dc:96:ed:7c:fd:61:8b:
e1:0b:da:41:ce:ee:0e:5b:29:71:27:81:ef:c1:e6:a5:2f:93:
1f:fb:4f:3e:83:d0:3c:26:ab:8b:c2:fa:33:b1:bb:2b:73:c9:
6e:05:f6:24:ba:d7:b7:62:63:62:d5:4e:ac:4a:f4:2a:28:00:
d8:33:31:5a:95:44:9c:a9:80:88:3c:46:8e:ce:70:d6:bc:96:
30:d2:3c:f0:84:6b:30:13:f9:17:0d:b8:12:eb:6e:33:3b:b5:
65:95:68:45:fe:75:d3:46:c8:3c:e9:91:69:ae:22:45:1f:b1:
f8:2d:cf:7f:61:e7:30:37:92:a7:f4:5e:e1:b2:4e:eb:02:77:
10:5c:f8:6d:18:32:26:a5:35:97:00:2d:72:61:c1:47:dd:ff:
17:bf:16:97:72:f9:ee:1d:c2:c0:8a:4a:df:b1:c3:aa:1e:f8:
7e:5f:07:e0:cf:3f:e8:0d:d1:71:7f:9e:1b:63:28:c2:9e:34:
81:64:f1:03:7c:bd:cf:d8:b7:c9:cf:9c:b2:73:e6:bd:b9:ec:
36:a5:b5:9e:ca:4b:3b:f8:e4:1b:ce:6f:6d:72:49:6f:48:b1:
69:97:3e:0a:9d:8e:ed:9c:a4:8f:ac:2d:af:b7:7a:a2:89:95:
12:99:dd:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4NhJdDD7Kf87OwAnCyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYTkwZTdkYWYxNWMxN2MxYjlhYmM1NzIxNTdiYzdkOTE3
YjM5OTEwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
EyhjZDIzMjk1ZmU3NWY4ODI5ZjE2ZmY2NWJkOTliOTZhY2ZiM2YzMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4MpW0bKXxyDysPa2BA2IXDoGH9E
7mbrsfLKraap6RfenudK93lk8lSjt+j6JT8lUNaMFsMh69fI9k5mADZp3ogh8g7h
w0tYLP5xdEHOkYOplx6CMmm80k4iQpaV8qjWGoEhzc30CMRXXJ21ZLFCvAIFCoGi
U1RSPxEKed3GPOSZqUMjDRX8f1wf507lAcp7VjJckiGxlGv1qLiRQvsHDieRva51
vvW4jfFz7Q8ddpkLN8muvZCl8Zo5EJtkSV65mHQdDoRvIVoPwlp0xoqZYYoDBysd
lsP7vOPJmcoJH45IUIFCw2zB5p4MP+k3X4Q26ImNQGe2BqUAn2+vS+B6VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0jKV/nX4gp8W/2W9mblqz7PzM0MB8GA1UdIwQY
MBaAFJypDn2vFcF8G5q8VyFXvH2RezmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8yNWYzNzUtMTQwZi00NmU5LTk2N2Ut
NmU0NTlhNThlMWQ2LzEvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8yNWYzNzUtMTQwZi00NmU5LTk2N2UtNmU0NTlhNThlMWQ2
LzEvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHzoDTC1t
dNGnCHnclu18/WGL4QvaQc7uDlspcSeB78HmpS+TH/tPPoPQPCari8L6M7G7K3PJ
bgX2JLrXt2JjYtVOrEr0KigA2DMxWpVEnKmAiDxGjs5w1ryWMNI88IRrMBP5Fw24
EutuMzu1ZZVoRf5100bIPOmRaa4iRR+x+C3Pf2HnMDeSp/Re4bJO6wJ3EFz4bRgy
JqU1lwAtcmHBR93/F78Wl3L57h3CwIpK37HDqh74fl8H4M8/6A3RcX+eG2Mowp40
gWTxA3y9z9i3yc+csnPmvbnsNqW1nspLO/jkG85vbXJJb0ixaZc+Cp2O7Zykj6wt
r7d6oomVEpndbQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:10 2025 by rpki-client