Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
File: NIVmBh42jK_xiBviusZzff08Hbo.mft (raw, json)
Hash identifier: Gma9eOOdBw6o9koivXAOPFnh1kh5r/fF1Lkq0Z4KmoY=
Subject key identifier: 27:19:E6:49:7F:12:39:94:35:71:A9:3C:AE:AE:CC:B4:5A:1F:E3:D3
Authority key identifier: 34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA
Certificate issuer: /CN=348566061e368caff1881be2bac6737dfd3c1dba
Certificate serial: 019A4E867A3525036218751F73DF31400CB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 11:00:27 +0000
Manifest this update: Tue 04 Nov 2025 11:00:27 +0000
Manifest next update: Wed 05 Nov 2025 11:00:27 +0000
Files and hashes: 1: 0_2q2dp_nihFIcTaoAnETvnQKo4.roa (hash: bKtto0Xp3QOWNDaUxe4CkFxL1b1NtMArjGe69yHE/5w=)
2: NIVmBh42jK_xiBviusZzff08Hbo.crl (hash: LvbBaRKVmaHasv8evCejKxlTFrsoVFd1IAxZ1QPO3pI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:7a:35:25:03:62:18:75:1f:73:df:31:40:0c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348566061e368caff1881be2bac6737dfd3c1dba
Validity
Not Before: Nov 4 11:00:27 2025 GMT
Not After : Nov 5 11:00:27 2025 GMT
Subject: CN=2719e6497f1239943571a93caeaeccb45a1fe3d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:5c:fd:7b:e0:03:f3:94:ac:49:5c:0c:c7:
44:33:04:1c:88:e7:61:ad:65:3f:6f:1a:75:40:25:
db:ea:2d:55:48:0a:8d:6e:49:a0:0b:ec:7e:03:35:
a6:3b:90:d6:71:64:77:aa:08:b8:ce:05:20:72:9b:
80:0f:86:7f:9b:94:74:fb:ce:64:58:b5:50:c9:e7:
16:48:99:50:65:3f:b7:0f:94:44:60:e0:c3:a3:08:
7d:22:65:b6:cc:2f:13:e8:b0:aa:32:14:64:d7:e2:
bd:90:88:b7:d1:53:be:7d:4f:50:0f:d7:54:52:f8:
db:27:f5:3b:7f:4b:25:ac:1e:c1:ab:51:df:ee:70:
f2:ea:51:f2:0f:9d:de:cb:c7:95:fb:72:b4:c1:b2:
53:8d:6b:35:dd:0d:4e:55:49:bc:c9:ba:9a:60:d3:
d2:58:95:32:9c:fe:21:32:29:df:b3:73:5f:55:f3:
39:bd:a0:e8:04:17:26:8c:25:e6:b5:92:58:7b:5b:
a1:b4:47:e4:1f:ab:3b:e6:7b:bd:df:d8:a2:18:bf:
c6:6d:85:96:e7:19:84:67:e4:ad:69:96:50:a3:b5:
0c:0f:7a:28:6d:2c:b8:ab:82:cd:03:43:61:5e:5c:
c7:8b:3a:20:d5:4b:f1:58:b0:09:fd:5a:c0:18:74:
c0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:19:E6:49:7F:12:39:94:35:71:A9:3C:AE:AE:CC:B4:5A:1F:E3:D3
X509v3 Authority Key Identifier:
keyid:34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:2e:2e:fe:90:15:80:61:9d:27:48:5f:c7:80:e8:b4:96:9b:
57:6c:36:c9:bf:3b:7d:7a:f6:23:3a:5c:41:10:c7:64:c2:f2:
ce:55:4f:57:6b:03:02:17:ee:c6:0f:93:df:1c:de:78:e9:68:
8f:a9:3d:5d:c5:82:56:fb:ef:20:9a:e3:26:7a:df:fe:2e:c4:
4f:fa:93:2c:ea:41:72:96:e4:8f:2e:03:97:3a:18:24:1b:fa:
a8:13:82:25:ce:d9:8f:c0:15:a9:cf:61:58:c4:4b:4f:74:0d:
a2:29:28:55:41:e9:a6:b6:9d:95:a2:74:d1:65:37:f0:71:34:
95:f3:bd:93:25:f4:ca:0d:db:89:31:20:b6:d9:1f:84:b0:d8:
f1:40:a8:1c:37:53:71:1b:54:e2:84:99:c5:3d:78:07:b7:95:
a8:41:a4:13:12:f0:ae:62:10:19:41:4a:9a:93:88:97:a4:5c:
06:1f:39:db:23:a9:79:f9:1a:93:f3:c9:15:03:93:d2:ba:67:
22:0a:f0:5e:26:d6:36:dd:81:de:78:85:4b:12:b7:7e:a6:28:
91:0b:62:27:b3:42:0e:0f:39:2e:27:6e:bc:7a:85:5f:c9:a0:
48:de:62:75:a5:63:71:59:53:7b:34:c4:2f:5f:37:ab:f7:b2:
6f:08:a4:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhno1JQNiGHUfc98xQAyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODU2NjA2MWUzNjhjYWZmMTg4MWJlMmJhYzY3MzdkZmQz
YzFkYmEwHhcNMjUxMTA0MTEwMDI3WhcNMjUxMTA1MTEwMDI3WjAzMTEwLwYDVQQD
EygyNzE5ZTY0OTdmMTIzOTk0MzU3MWE5M2NhZWFlY2NiNDVhMWZlM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFVc/XvgA/OUrElcDMdEMwQciOdh
rWU/bxp1QCXb6i1VSAqNbkmgC+x+AzWmO5DWcWR3qgi4zgUgcpuAD4Z/m5R0+85k
WLVQyecWSJlQZT+3D5REYODDowh9ImW2zC8T6LCqMhRk1+K9kIi30VO+fU9QD9dU
UvjbJ/U7f0slrB7Bq1Hf7nDy6lHyD53ey8eV+3K0wbJTjWs13Q1OVUm8ybqaYNPS
WJUynP4hMinfs3NfVfM5vaDoBBcmjCXmtZJYe1uhtEfkH6s75nu939iiGL/GbYWW
5xmEZ+StaZZQo7UMD3oobSy4q4LNA0NhXlzHizog1UvxWLAJ/VrAGHTAewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcZ5kl/EjmUNXGpPK6uzLRaH+PTMB8GA1UdIwQY
MBaAFDSFZgYeNoyv8Ygb4rrGc339PB26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUt
MDYyNzBlYTgyMTU0LzEvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUtMDYyNzBlYTgyMTU0
LzEvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqi4u/pAV
gGGdJ0hfx4DotJabV2w2yb87fXr2IzpcQRDHZMLyzlVPV2sDAhfuxg+T3xzeeOlo
j6k9XcWCVvvvIJrjJnrf/i7ET/qTLOpBcpbkjy4DlzoYJBv6qBOCJc7Zj8AVqc9h
WMRLT3QNoikoVUHppradlaJ00WU38HE0lfO9kyX0yg3biTEgttkfhLDY8UCoHDdT
cRtU4oSZxT14B7eVqEGkExLwrmIQGUFKmpOIl6RcBh852yOpefkak/PJFQOT0rpn
IgrwXibWNt2B3niFSxK3fqYokQtiJ7NCDg85LiduvHqFX8mgSN5idaVjcVlTezTE
L183q/eybwikPA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:21 2025 by rpki-client