Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File: NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier: IWaN3gRW0EVTg04bqRUj2EPI5HsPJZWhQFi7t6b211c=
Subject key identifier: E1:2D:EF:65:6D:F6:30:D1:85:4F:C4:B9:8E:22:ED:03:E3:05:8B:D2
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer: /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial: 0198744FEB7AC7C7881E1EBC1DC28207BF0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number: 01BE
Signing time: Mon 04 Aug 2025 09:00:51 +0000
Manifest this update: Mon 04 Aug 2025 09:00:51 +0000
Manifest next update: Tue 05 Aug 2025 09:00:51 +0000
Files and hashes: 1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: Ed2Ba3Jsp6LIBroXmdn8xvzsbbK1+1J07NFaCP5SjE8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:4f:eb:7a:c7:c7:88:1e:1e:bc:1d:c2:82:07:bf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
Validity
Not Before: Aug 4 09:00:51 2025 GMT
Not After : Aug 5 09:00:51 2025 GMT
Subject: CN=e12def656df630d1854fc4b98e22ed03e3058bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:4c:c3:fd:2a:26:05:8d:26:5e:10:1b:6e:
47:f3:66:23:8f:48:dd:af:9a:bb:de:72:24:55:0d:
52:da:1c:3a:b5:50:73:d1:d6:41:43:75:60:5e:d2:
48:2e:b8:eb:1a:68:65:bb:53:41:e1:86:b4:c0:74:
35:fa:2b:52:e2:31:d0:89:2a:b3:c7:be:9c:ce:d2:
b6:fd:5b:cd:92:dd:b6:05:95:fc:a2:86:5f:44:20:
2e:4a:5f:f2:c6:41:53:18:fc:43:83:2f:18:b0:fc:
5a:47:5b:55:40:f4:d7:42:22:fa:e9:0d:a8:6d:36:
45:56:22:52:9e:d1:7d:c1:0c:41:2b:2a:18:8f:01:
2b:dd:1b:7c:61:46:2f:6c:cc:ff:12:d8:e6:03:07:
06:fb:ab:1f:6f:a8:da:86:d7:e0:49:97:d9:96:33:
cb:89:75:f7:83:c1:ab:75:6e:d5:92:57:af:ef:bc:
54:44:b9:1f:d5:93:eb:ce:bc:ee:94:17:da:ea:ac:
93:aa:f7:bf:47:9c:f1:13:cf:e9:1f:ba:5b:22:0b:
54:2f:42:ad:63:29:8c:fa:cd:d0:55:f8:53:2c:2e:
90:2e:2e:3e:69:e4:f8:47:6e:fe:a1:f7:d8:0c:58:
2e:a5:98:98:dd:55:d3:06:d7:9a:2e:11:3f:24:6b:
f9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2D:EF:65:6D:F6:30:D1:85:4F:C4:B9:8E:22:ED:03:E3:05:8B:D2
X509v3 Authority Key Identifier:
keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:c9:3a:ac:c0:ec:f7:c3:6e:dc:98:5a:5e:aa:35:7c:b7:17:
10:59:04:0e:46:a4:c6:e1:ec:27:bc:34:d3:8e:48:83:66:f5:
73:09:ef:fc:6d:5e:ae:7f:87:b9:1b:16:10:90:2c:6e:00:2b:
86:45:84:bc:62:73:4c:88:11:a8:c2:56:ac:8c:77:80:5e:19:
aa:5f:08:4c:d1:b6:04:d2:c5:eb:3a:d7:a9:32:cd:52:54:3d:
cf:2d:b5:ec:84:88:b5:f2:42:cb:fe:9f:90:29:28:68:48:30:
f0:65:12:2b:cf:1f:f3:c5:39:2b:a1:7d:2e:4e:41:3f:1a:76:
14:11:ea:99:ef:40:f6:ba:61:25:50:e0:53:32:13:d5:99:fc:
4d:6e:34:40:b1:ef:0f:e1:87:7e:f0:43:b3:13:93:c4:69:60:
73:bb:2e:1d:91:b6:df:1a:f7:c4:a9:60:87:70:8e:01:71:24:
cc:9f:a8:f8:0e:99:16:1f:61:4d:f2:da:e7:29:20:1a:14:03:
49:4d:16:ea:76:db:45:36:d6:30:2a:52:40:80:46:50:56:bf:
fa:b0:c1:41:19:c6:ec:c5:06:b7:b6:8b:57:ce:f8:4c:d1:b2:
c2:98:3d:d2:be:31:c5:ce:0d:2a:4a:18:2c:ab:f7:f1:c4:fd:
7e:75:a9:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T+t6x8eIHh68HcKCB78OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUwODA0MDkwMDUxWhcNMjUwODA1MDkwMDUxWjAzMTEwLwYDVQQD
EyhlMTJkZWY2NTZkZjYzMGQxODU0ZmM0Yjk4ZTIyZWQwM2UzMDU4YmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL9Mw/0qJgWNJl4QG25H82Yjj0jd
r5q73nIkVQ1S2hw6tVBz0dZBQ3VgXtJILrjrGmhlu1NB4Ya0wHQ1+itS4jHQiSqz
x76cztK2/VvNkt22BZX8ooZfRCAuSl/yxkFTGPxDgy8YsPxaR1tVQPTXQiL66Q2o
bTZFViJSntF9wQxBKyoYjwEr3Rt8YUYvbMz/EtjmAwcG+6sfb6jahtfgSZfZljPL
iXX3g8GrdW7Vklev77xURLkf1ZPrzrzulBfa6qyTqve/R5zxE8/pH7pbIgtUL0Kt
YymM+s3QVfhTLC6QLi4+aeT4R27+offYDFgupZiY3VXTBteaLhE/JGv5IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEt72Vt9jDRhU/EuY4i7QPjBYvSMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsk6rMDs
98Nu3JhaXqo1fLcXEFkEDkakxuHsJ7w0045Ig2b1cwnv/G1ern+HuRsWEJAsbgAr
hkWEvGJzTIgRqMJWrIx3gF4Zql8ITNG2BNLF6zrXqTLNUlQ9zy217ISItfJCy/6f
kCkoaEgw8GUSK88f88U5K6F9Lk5BPxp2FBHqme9A9rphJVDgUzIT1Zn8TW40QLHv
D+GHfvBDsxOTxGlgc7suHZG23xr3xKlgh3COAXEkzJ+o+A6ZFh9hTfLa5ykgGhQD
SU0W6nbbRTbWMCpSQIBGUFa/+rDBQRnG7MUGt7aLV874TNGywpg90r4xxc4NKkoY
LKv38cT9fnWprQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:22:17 2025 by rpki-client