Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
File: nlaYDUienFO8gp8-jWPTg_ONDeM.mft (raw, json)
Hash identifier: ezlLFulFO6+mA9THWsbfE9Hj3em3khy0dAV5S8ozqmc=
Subject key identifier: E0:71:A9:3C:02:AE:EF:CB:4C:90:86:3F:3B:60:37:25:A0:0E:83:C5
Authority key identifier: 9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
Certificate issuer: /CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Certificate serial: 019A4E18D5C4CB876CF424B17614A34B8525
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
Manifest number: 1669
Signing time: Tue 04 Nov 2025 09:00:41 +0000
Manifest this update: Tue 04 Nov 2025 09:00:41 +0000
Manifest next update: Wed 05 Nov 2025 09:00:41 +0000
Files and hashes: 1: 5LKnYfYeN0M1IwSjOCfaAZydc0E.roa (hash: R6rY8mHoFXXwwf30CLdp4brLxdq1SUoGP6TPbyDWGN8=)
2: nlaYDUienFO8gp8-jWPTg_ONDeM.crl (hash: DzswQyhGQMv+EHbqm6AToPyGzheSJIehGxFC1Mv1hO4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:d5:c4:cb:87:6c:f4:24:b1:76:14:a3:4b:85:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Validity
Not Before: Nov 4 09:00:41 2025 GMT
Not After : Nov 5 09:00:41 2025 GMT
Subject: CN=e071a93c02aeefcb4c90863f3b603725a00e83c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:d0:c4:fa:90:60:1c:7a:5d:a1:d8:8f:56:
91:9c:eb:32:7d:c9:74:de:22:24:a9:94:05:1f:9e:
96:e3:66:0f:9f:1a:26:b6:09:f6:f6:65:2b:5b:3f:
58:a2:07:2b:7d:4a:6b:60:6f:f1:15:49:c8:cc:61:
12:c0:51:b5:c5:47:f6:de:36:46:9f:04:73:08:d6:
9b:df:ee:40:b4:2d:70:1e:6b:fd:a4:26:dc:db:91:
87:bb:67:22:62:88:e8:73:6c:13:8b:1c:35:b0:89:
57:ef:39:f9:1e:4e:69:17:fc:c3:ab:1b:56:cd:24:
94:40:8b:2d:e0:dd:40:d4:1e:15:34:d2:0f:c0:1b:
d2:28:e6:e5:6f:21:31:9a:17:73:66:88:44:18:72:
6b:e7:0b:2c:8a:24:a0:e5:1f:89:8d:bd:d3:ef:7a:
c2:ce:6e:0e:6b:a4:16:37:d4:45:7f:d0:97:2a:44:
b9:29:bb:a6:5a:2f:ba:2e:0b:b2:e2:a0:4e:a2:26:
a6:43:51:ad:1f:a2:c4:3b:56:3e:5c:1e:b7:0b:a8:
d7:d5:10:6b:1b:38:ad:09:26:05:2d:cc:74:75:e4:
c1:5b:f8:6d:80:89:12:6d:ee:00:14:a7:40:98:e0:
df:1d:2a:dc:eb:ec:b3:f5:2b:75:3d:68:15:d1:3e:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:71:A9:3C:02:AE:EF:CB:4C:90:86:3F:3B:60:37:25:A0:0E:83:C5
X509v3 Authority Key Identifier:
keyid:9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:f2:ae:1f:7e:e3:1d:2b:4f:68:27:f6:9c:c7:15:0b:1c:fb:
70:18:db:44:96:67:c1:e6:b3:63:9a:37:ba:f8:ef:fe:05:64:
2d:43:ad:c1:29:ba:b9:bb:56:c9:59:bd:7a:eb:c3:a7:16:5e:
4a:44:f5:fe:f6:fa:41:38:10:b4:86:f2:0c:6d:b8:53:da:6a:
d2:4a:be:df:87:1c:69:1b:e7:f1:20:de:8a:c0:21:01:df:2d:
cd:05:54:bd:27:dc:63:c3:58:42:da:72:04:0b:36:83:e5:5d:
c8:20:85:ff:73:2a:0e:ca:ee:2f:9f:f6:63:17:59:7d:f5:4a:
53:fa:d9:9a:77:f0:6b:67:b0:31:61:61:eb:11:9a:f9:ce:c3:
a1:92:ac:81:d3:a4:7e:62:2c:2e:22:8a:a4:cc:a2:67:35:45:
48:81:cf:e4:b9:cc:e9:56:32:8e:5e:7c:bd:f6:c7:4f:db:43:
3a:88:b0:93:69:fc:48:3f:63:7b:d1:cd:a5:07:9d:29:72:05:
16:c4:67:94:6c:37:70:30:c4:af:4e:56:05:ae:db:e5:36:7b:
25:fd:5d:8b:71:27:1d:d1:25:75:50:5a:bb:59:e4:b3:9a:51:
5d:bc:01:4d:9e:91:d1:0b:6a:ab:e7:cd:fc:09:31:dc:bf:c6:
c2:e7:24:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGNXEy4ds9CSxdhSjS4UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTY5ODBkNDg5ZTljNTNiYzgyOWYzZThkNjNkMzgzZjM4
ZDBkZTMwHhcNMjUxMTA0MDkwMDQxWhcNMjUxMTA1MDkwMDQxWjAzMTEwLwYDVQQD
EyhlMDcxYTkzYzAyYWVlZmNiNGM5MDg2M2YzYjYwMzcyNWEwMGU4M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/vQxPqQYBx6XaHYj1aRnOsyfcl0
3iIkqZQFH56W42YPnxomtgn29mUrWz9YogcrfUprYG/xFUnIzGESwFG1xUf23jZG
nwRzCNab3+5AtC1wHmv9pCbc25GHu2ciYojoc2wTixw1sIlX7zn5Hk5pF/zDqxtW
zSSUQIst4N1A1B4VNNIPwBvSKOblbyExmhdzZohEGHJr5wssiiSg5R+Jjb3T73rC
zm4Oa6QWN9RFf9CXKkS5KbumWi+6Lguy4qBOoiamQ1GtH6LEO1Y+XB63C6jX1RBr
GzitCSYFLcx0deTBW/htgIkSbe4AFKdAmODfHSrc6+yz9St1PWgV0T4lVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOBxqTwCru/LTJCGPztgNyWgDoPFMB8GA1UdIwQY
MBaAFJ5WmA1InpxTvIKfPo1j04PzjQ3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2Yt
ZGI3NDk4ZGFkZTBjLzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2YtZGI3NDk4ZGFkZTBj
LzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIfKuH37j
HStPaCf2nMcVCxz7cBjbRJZnweazY5o3uvjv/gVkLUOtwSm6ubtWyVm9euvDpxZe
SkT1/vb6QTgQtIbyDG24U9pq0kq+34ccaRvn8SDeisAhAd8tzQVUvSfcY8NYQtpy
BAs2g+VdyCCF/3MqDsruL5/2YxdZffVKU/rZmnfwa2ewMWFh6xGa+c7DoZKsgdOk
fmIsLiKKpMyiZzVFSIHP5LnM6VYyjl58vfbHT9tDOoiwk2n8SD9je9HNpQedKXIF
FsRnlGw3cDDEr05WBa7b5TZ7Jf1di3EnHdEldVBau1nks5pRXbwBTZ6R0Qtqq+fN
/Akx3L/Gwuckpg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:47:15 2025 by rpki-client