Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
File: NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json)
Hash identifier: XMP16QTECTpP8zNMKlYf+20GOXHf4zWpUdf92/IDtGQ=
Subject key identifier: 2C:FB:43:71:5F:1D:37:06:86:06:AE:CD:9C:3E:62:E1:AD:62:41:4A
Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
Certificate issuer: /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Certificate serial: 019A4E18D2B1C653D0D5184B97E17B4E5638
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
Manifest number: 0477
Signing time: Tue 04 Nov 2025 09:00:40 +0000
Manifest this update: Tue 04 Nov 2025 09:00:40 +0000
Manifest next update: Wed 05 Nov 2025 09:00:40 +0000
Files and hashes: 1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: ANMqO5e0WjUnx+bb8SNfUgIfyQELWmYdiU12E6MqI9Q=)
2: zdd_itkr61DwlSbiF7xORGma-Mg.roa (hash: s7+y8n33Kdf5OFXebrrUAhH6tASSitV8ofo7STn/T1o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:d2:b1:c6:53:d0:d5:18:4b:97:e1:7b:4e:56:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Validity
Not Before: Nov 4 09:00:40 2025 GMT
Not After : Nov 5 09:00:40 2025 GMT
Subject: CN=2cfb43715f1d37068606aecd9c3e62e1ad62414a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:96:db:3d:94:44:b0:31:54:a4:65:58:99:5b:
91:b8:9b:83:62:03:cb:ea:67:52:d3:cc:4d:59:78:
4d:95:25:6f:74:a6:87:1c:9f:d8:f5:d4:a4:aa:b8:
c9:b1:a1:a8:0c:a6:25:a7:07:7d:01:f2:34:2f:1c:
ed:35:88:62:7a:d4:27:26:42:c7:b0:c8:16:2d:4a:
ff:eb:6e:59:3e:34:fc:2c:da:8f:34:71:2c:ce:fd:
f0:dd:3c:48:4e:49:c4:7a:52:32:3a:2c:9a:ad:f6:
fe:2b:a5:e4:57:39:fc:a0:80:08:86:15:86:7d:ba:
77:60:b3:91:f6:2e:99:46:d2:07:0a:40:75:8c:71:
cc:ed:d8:59:98:18:ba:74:2e:ca:13:2e:a8:55:77:
40:eb:a8:7b:75:4f:3d:b6:10:a5:8d:00:29:27:33:
fd:11:2a:b9:0d:e6:b2:5f:38:0f:5e:94:de:0d:ad:
b5:14:6c:6f:a6:10:c9:2c:40:54:08:f4:09:2f:26:
75:b5:28:4b:4b:e7:51:01:38:56:48:78:c2:26:9f:
3c:4e:f4:99:e7:7d:26:0f:98:1e:55:ed:e1:dc:3e:
a7:01:d9:3c:47:70:bc:bb:f1:8a:5d:43:cc:b3:39:
14:e9:fc:8e:55:06:9c:6f:16:b2:c7:27:c6:37:ce:
b4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FB:43:71:5F:1D:37:06:86:06:AE:CD:9C:3E:62:E1:AD:62:41:4A
X509v3 Authority Key Identifier:
keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:12:68:a7:63:40:69:f0:8c:81:d7:0e:40:ae:e6:6a:b8:98:
f1:cd:1e:40:56:f1:ee:0e:3d:51:a6:98:2c:2b:b2:59:0b:66:
52:00:d3:c6:9d:83:59:e4:9f:ac:5d:de:1a:90:54:a4:0b:93:
1c:01:1f:aa:06:35:77:68:aa:b3:b2:93:76:ee:a2:a6:54:c5:
30:a3:ad:c0:03:dd:33:82:80:52:fb:ab:93:c7:f6:59:a5:d3:
27:a0:2f:3c:9d:dc:ba:8e:5a:d9:86:51:dd:46:b6:36:ea:e6:
9f:c2:1e:48:69:db:d5:bf:16:ef:71:49:4a:a2:a1:64:7f:86:
3e:77:49:11:a5:19:59:63:e5:9e:56:92:50:9b:95:07:f7:44:
bf:24:c2:16:bb:78:fc:91:be:14:45:0c:70:d4:18:b0:4d:fa:
ca:29:a2:40:b4:90:88:b3:8b:4a:86:d1:1b:22:08:8f:62:f8:
02:62:f8:01:4b:c7:d9:35:24:d3:3b:1f:b9:d0:85:36:46:e0:
a4:4f:81:1c:15:b0:2f:07:cd:8c:6a:67:ac:f6:22:2e:35:26:
3e:92:48:78:02:15:3e:fa:d8:64:a2:77:8d:25:c0:bc:81:11:
22:9c:49:42:d9:7f:fc:21:5b:5f:ed:ad:eb:59:c4:5a:be:d1:
8e:ef:2b:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGNKxxlPQ1RhLl+F7TlY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk
MGJmZDUwHhcNMjUxMTA0MDkwMDQwWhcNMjUxMTA1MDkwMDQwWjAzMTEwLwYDVQQD
EygyY2ZiNDM3MTVmMWQzNzA2ODYwNmFlY2Q5YzNlNjJlMWFkNjI0MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05bbPZREsDFUpGVYmVuRuJuDYgPL
6mdS08xNWXhNlSVvdKaHHJ/Y9dSkqrjJsaGoDKYlpwd9AfI0LxztNYhietQnJkLH
sMgWLUr/625ZPjT8LNqPNHEszv3w3TxITknEelIyOiyarfb+K6XkVzn8oIAIhhWG
fbp3YLOR9i6ZRtIHCkB1jHHM7dhZmBi6dC7KEy6oVXdA66h7dU89thCljQApJzP9
ESq5DeayXzgPXpTeDa21FGxvphDJLEBUCPQJLyZ1tShLS+dRAThWSHjCJp88TvSZ
530mD5geVe3h3D6nAdk8R3C8u/GKXUPMszkU6fyOVQacbxayxyfGN860NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCz7Q3FfHTcGhgauzZw+YuGtYkFKMB8GA1UdIwQY
MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt
MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3
LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBJop2NA
afCMgdcOQK7mariY8c0eQFbx7g49UaaYLCuyWQtmUgDTxp2DWeSfrF3eGpBUpAuT
HAEfqgY1d2iqs7KTdu6iplTFMKOtwAPdM4KAUvurk8f2WaXTJ6AvPJ3cuo5a2YZR
3Ua2Nurmn8IeSGnb1b8W73FJSqKhZH+GPndJEaUZWWPlnlaSUJuVB/dEvyTCFrt4
/JG+FEUMcNQYsE36yimiQLSQiLOLSobRGyIIj2L4AmL4AUvH2TUk0zsfudCFNkbg
pE+BHBWwLwfNjGpnrPYiLjUmPpJIeAIVPvrYZKJ3jSXAvIERIpxJQtl//CFbX+2t
61nEWr7Rju8rxg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:23 2025 by rpki-client