Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: XYVi0GA5DjoU5UJkKo4ZQtV9Ndh3ZzfEdqIFKgUBnQk=
Subject key identifier: BF:30:DC:45:58:F7:D5:F4:B3:D6:3A:EE:E1:A0:44:69:84:4C:BB:CD
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019A4EF427B25021E35437F2630F1CD0141F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 0985
Signing time: Tue 04 Nov 2025 13:00:15 +0000
Manifest this update: Tue 04 Nov 2025 13:00:15 +0000
Manifest next update: Wed 05 Nov 2025 13:00:15 +0000
Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: +HWhZhoiQW9DbT86cwDeTircy5jMYdSo43ZGWaE8oio=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:27:b2:50:21:e3:54:37:f2:63:0f:1c:d0:14:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Nov 4 13:00:15 2025 GMT
Not After : Nov 5 13:00:15 2025 GMT
Subject: CN=bf30dc4558f7d5f4b3d63aeee1a04469844cbbcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:76:95:b6:b6:f0:5d:a2:73:61:73:9c:54:aa:
c7:06:89:7e:67:14:f5:54:fa:44:d0:57:be:7b:33:
a3:c2:47:9f:c8:7a:0f:8e:b1:95:a5:6d:26:a8:7a:
e3:9e:db:1a:2d:f1:7d:3d:cf:c6:f6:0b:9a:34:85:
dc:f2:48:61:18:77:24:c4:a3:b2:58:c0:80:4d:5e:
a4:cd:11:ae:d0:88:58:91:87:dc:38:36:59:4e:ad:
ba:c8:3d:b9:f2:63:83:80:c2:0f:c1:b9:81:8a:c1:
a3:1b:1c:a8:73:0e:23:60:00:3f:43:3e:ae:c8:a6:
46:e0:a9:ea:e7:45:a0:04:cb:e0:9b:bb:63:57:eb:
fa:50:3d:5d:6f:b8:e0:40:95:e6:35:41:28:d8:28:
2b:f2:8e:54:4c:fc:63:0a:69:0b:ef:0b:ea:a8:0d:
99:40:0a:94:e0:d2:97:13:ed:92:c3:77:27:8e:a6:
9f:4a:9e:c9:c2:30:97:27:f8:1c:33:23:97:8e:11:
42:34:88:38:fb:a8:80:78:38:71:8f:97:54:b5:bd:
b3:40:ef:ee:e4:c6:46:e9:9b:13:79:ee:c9:49:cc:
74:bd:f7:ae:ab:2d:b4:d6:cf:d8:c6:53:41:3b:19:
5c:9b:04:f7:b4:37:86:b9:93:6c:e4:ff:63:df:30:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:30:DC:45:58:F7:D5:F4:B3:D6:3A:EE:E1:A0:44:69:84:4C:BB:CD
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:41:46:b3:1b:55:01:53:10:62:24:95:ff:bc:7a:33:23:93:
e9:a3:08:25:42:e7:bc:d4:b9:c1:6c:d7:12:0c:87:43:9d:a0:
94:ed:89:ee:37:87:f8:dc:50:bb:c9:ac:bd:98:e0:13:8d:15:
e2:c8:58:76:6f:0a:9e:16:a0:4a:55:4c:2e:52:31:8b:9d:73:
92:16:3e:ba:dd:18:66:99:cd:ec:1e:03:39:dc:ae:a0:43:e3:
41:36:b5:da:aa:47:89:7f:11:1a:6b:0e:b5:cc:09:26:e7:7f:
50:af:68:3a:38:49:e3:a7:cd:80:69:7b:1d:ea:ec:34:f8:19:
4f:4c:6b:81:45:ce:68:a7:d2:37:91:8e:38:3e:b9:5b:25:79:
9f:5a:97:af:01:d1:39:4c:fb:09:f6:2d:7b:47:8d:e1:43:c3:
ad:de:dd:b2:3c:93:9c:10:55:a3:d8:48:42:78:e9:d0:71:18:
4e:43:a1:c5:53:19:7b:1b:0a:73:8a:be:3a:12:f5:3e:9b:8e:
6c:61:83:3a:31:37:11:64:fc:e6:63:7c:fc:f3:3f:84:69:26:
59:8c:3a:0c:29:ff:a2:23:2a:06:20:fa:fb:b5:f0:0d:c1:d7:
97:8a:de:cf:ab:ed:ca:25:6c:ca:b7:47:f9:5b:58:1b:6b:7a:
ea:36:67:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9CeyUCHjVDfyYw8c0BQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUxMTA0MTMwMDE1WhcNMjUxMTA1MTMwMDE1WjAzMTEwLwYDVQQD
EyhiZjMwZGM0NTU4ZjdkNWY0YjNkNjNhZWVlMWEwNDQ2OTg0NGNiYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03aVtrbwXaJzYXOcVKrHBol+ZxT1
VPpE0Fe+ezOjwkefyHoPjrGVpW0mqHrjntsaLfF9Pc/G9guaNIXc8khhGHckxKOy
WMCATV6kzRGu0IhYkYfcODZZTq26yD258mODgMIPwbmBisGjGxyocw4jYAA/Qz6u
yKZG4Knq50WgBMvgm7tjV+v6UD1db7jgQJXmNUEo2Cgr8o5UTPxjCmkL7wvqqA2Z
QAqU4NKXE+2Sw3cnjqafSp7JwjCXJ/gcMyOXjhFCNIg4+6iAeDhxj5dUtb2zQO/u
5MZG6ZsTee7JScx0vfeuqy201s/YxlNBOxlcmwT3tDeGuZNs5P9j3zCfLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8w3EVY99X0s9Y67uGgRGmETLvNMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz0FGsxtV
AVMQYiSV/7x6MyOT6aMIJULnvNS5wWzXEgyHQ52glO2J7jeH+NxQu8msvZjgE40V
4shYdm8KnhagSlVMLlIxi51zkhY+ut0YZpnN7B4DOdyuoEPjQTa12qpHiX8RGmsO
tcwJJud/UK9oOjhJ46fNgGl7HersNPgZT0xrgUXOaKfSN5GOOD65WyV5n1qXrwHR
OUz7CfYte0eN4UPDrd7dsjyTnBBVo9hIQnjp0HEYTkOhxVMZexsKc4q+OhL1PpuO
bGGDOjE3EWT85mN8/PM/hGkmWYw6DCn/oiMqBiD6+7XwDcHXl4rez6vtyiVsyrdH
+VtYG2t66jZn+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:35:14 2025 by rpki-client