Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
File: nDKfMzH1ND8pDrSkHxbENjooLJA.mft (raw, json)
Hash identifier: oDr/dHzB3rIqcFYUqAVaWwzJ5TPslSODpa8yQesL6Ls=
Subject key identifier: 33:F6:C7:DC:32:19:29:D4:0D:C3:C3:65:E1:4F:8A:AF:69:3E:57:EC
Authority key identifier: 9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
Certificate issuer: /CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Certificate serial: 019A533F190576200F69908EED300E51AD62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
Manifest number: 1710
Signing time: Wed 05 Nov 2025 09:00:35 +0000
Manifest this update: Wed 05 Nov 2025 09:00:35 +0000
Manifest next update: Thu 06 Nov 2025 09:00:35 +0000
Files and hashes: 1: nDKfMzH1ND8pDrSkHxbENjooLJA.crl (hash: 79oz3OqLCwIsEkjz6qcPetgVGPRjzRtUiRkrrRiNHsA=)
2: xXqtZaQE8p1BJ-LrGDHK3ctGl88.roa (hash: 19HlQM5dbXIMn5dc2AbBJAmDmCjDbQENEnPoWF/ZUJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:3f:19:05:76:20:0f:69:90:8e:ed:30:0e:51:ad:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Validity
Not Before: Nov 5 09:00:35 2025 GMT
Not After : Nov 6 09:00:35 2025 GMT
Subject: CN=33f6c7dc321929d40dc3c365e14f8aaf693e57ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8c:09:62:19:d8:10:93:27:ac:10:51:c6:8a:
82:ee:ad:76:28:72:90:a1:1c:3e:ff:7a:af:8f:f4:
79:bf:98:fe:89:f0:71:cb:ec:43:4e:59:39:e4:59:
ce:b0:21:83:ff:dc:58:76:f1:4b:27:1e:6c:f4:30:
6a:ec:2d:c7:00:29:c1:f0:5f:1c:eb:99:2b:27:97:
04:26:8c:42:a6:d8:b1:ae:90:2f:d7:b1:dc:e2:b8:
a3:37:91:dd:f4:86:24:37:d0:69:ac:c7:26:a2:50:
e1:10:9b:f4:8c:c5:eb:a6:77:da:09:c2:a4:02:2e:
6d:d5:02:22:fc:00:3c:dc:1a:01:01:e4:c2:db:ba:
a2:f5:fd:c7:23:29:18:b8:eb:9b:54:8c:f0:35:71:
9c:17:34:1d:b9:6e:17:bd:d2:a1:42:0b:07:d2:b6:
a9:5d:14:85:e2:f5:40:94:83:e3:20:4e:6e:6d:0f:
cf:15:14:da:55:dd:22:72:3d:84:fc:83:c2:cb:7f:
f9:35:5a:ff:e6:fa:3f:d0:da:d1:7a:63:05:7a:f2:
03:09:9e:7d:ce:f4:bb:88:01:46:ad:e6:72:10:e4:
6d:28:fa:a2:c6:f5:6e:82:7f:85:32:d2:ea:7a:11:
47:fb:ee:90:e8:d3:7d:13:50:23:26:22:02:af:93:
c5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F6:C7:DC:32:19:29:D4:0D:C3:C3:65:E1:4F:8A:AF:69:3E:57:EC
X509v3 Authority Key Identifier:
keyid:9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:ae:ed:af:64:e2:68:89:5d:3b:59:43:ca:ba:3e:6b:7b:7a:
d5:a7:2d:75:3a:ea:2a:47:7a:c5:b2:27:0d:93:fc:21:5f:22:
f5:05:23:88:fa:67:5f:d2:52:7c:ad:56:7b:6b:ca:c1:90:73:
11:be:d2:c3:84:1b:9b:13:e4:3b:fb:d4:ee:6d:bf:8d:84:0d:
c5:cf:ca:90:ac:36:13:40:ab:cc:5b:c5:0c:6c:70:5d:00:a4:
91:78:82:bd:ab:05:86:10:6a:22:51:80:fa:fe:23:67:00:39:
ae:5d:0f:91:8e:82:fd:f1:c6:49:e8:e4:55:2f:0e:ed:4a:13:
53:04:3d:48:bb:e9:09:a8:e4:10:5e:65:39:ac:d1:44:c3:bf:
ce:ae:e7:75:cb:5e:30:4e:cb:e5:58:cd:de:f9:d9:3d:6b:67:
c6:c3:1c:2a:c7:68:65:9f:94:5e:ae:c0:06:31:d9:f4:4d:b7:
40:c5:9c:c3:16:67:d3:ae:40:7a:f7:24:8a:32:28:e8:99:58:
f8:2e:12:26:ef:09:1c:5a:bf:86:7a:60:6b:23:f6:09:91:9a:
e7:c0:e5:fb:5c:f7:8e:87:b6:8f:3a:22:a2:b7:ae:6a:50:68:
68:d4:61:37:4c:14:fa:10:03:57:6d:30:48:21:f8:66:9b:3d:
1e:b9:db:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPxkFdiAPaZCO7TAOUa1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMzI5ZjMzMzFmNTM0M2YyOTBlYjRhNDFmMTZjNDM2M2Ey
ODJjOTAwHhcNMjUxMTA1MDkwMDM1WhcNMjUxMTA2MDkwMDM1WjAzMTEwLwYDVQQD
EygzM2Y2YzdkYzMyMTkyOWQ0MGRjM2MzNjVlMTRmOGFhZjY5M2U1N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYwJYhnYEJMnrBBRxoqC7q12KHKQ
oRw+/3qvj/R5v5j+ifBxy+xDTlk55FnOsCGD/9xYdvFLJx5s9DBq7C3HACnB8F8c
65krJ5cEJoxCptixrpAv17Hc4rijN5Hd9IYkN9BprMcmolDhEJv0jMXrpnfaCcKk
Ai5t1QIi/AA83BoBAeTC27qi9f3HIykYuOubVIzwNXGcFzQduW4XvdKhQgsH0rap
XRSF4vVAlIPjIE5ubQ/PFRTaVd0icj2E/IPCy3/5NVr/5vo/0NrRemMFevIDCZ59
zvS7iAFGreZyEORtKPqixvVugn+FMtLqehFH++6Q6NN9E1AjJiICr5PF+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDP2x9wyGSnUDcPDZeFPiq9pPlfsMB8GA1UdIwQY
MBaAFJwynzMx9TQ/KQ60pB8WxDY6KCyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmIt
YjdmNWQ0Mzk1Y2MwLzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmItYjdmNWQ0Mzk1Y2Mw
LzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ67tr2Ti
aIldO1lDyro+a3t61actdTrqKkd6xbInDZP8IV8i9QUjiPpnX9JSfK1We2vKwZBz
Eb7Sw4QbmxPkO/vU7m2/jYQNxc/KkKw2E0CrzFvFDGxwXQCkkXiCvasFhhBqIlGA
+v4jZwA5rl0PkY6C/fHGSejkVS8O7UoTUwQ9SLvpCajkEF5lOazRRMO/zq7ndcte
ME7L5VjN3vnZPWtnxsMcKsdoZZ+UXq7ABjHZ9E23QMWcwxZn065AevckijIo6JlY
+C4SJu8JHFq/hnpgayP2CZGa58Dl+1z3joe2jzoioreualBoaNRhN0wU+hADV20w
SCH4Zps9HrnbhQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:11:46 2025 by rpki-client