Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
File: NiQhSOPmNqkDQ_PpUES439udHNk.mft (raw, json)
Hash identifier: skRlBP/SQ7tkfNu8LqeeIgD4rvfwh+KsWmmyqZNAeRk=
Subject key identifier: 34:DB:14:2E:7E:84:C3:F5:11:27:91:81:41:07:FC:C9:E0:E5:8E:81
Authority key identifier: 36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
Certificate issuer: /CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Certificate serial: 019A53ACE434A6D379BDD16303F04B433999
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
Manifest number: 026A
Signing time: Wed 05 Nov 2025 11:00:30 +0000
Manifest this update: Wed 05 Nov 2025 11:00:30 +0000
Manifest next update: Thu 06 Nov 2025 11:00:30 +0000
Files and hashes: 1: NiQhSOPmNqkDQ_PpUES439udHNk.crl (hash: mCGwlYSYDPWEGjXcsTWLpszFI7oKTP4f/XGuaUsXOE4=)
2: zIR-Nz3H2D4s_KM8Bm98PoR8Mws.roa (hash: vxeo0iUuDX5Ze9Stf4uTh6KeWV+Vu5qvbWwTZuqVEFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:ac:e4:34:a6:d3:79:bd:d1:63:03:f0:4b:43:39:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Validity
Not Before: Nov 5 11:00:30 2025 GMT
Not After : Nov 6 11:00:30 2025 GMT
Subject: CN=34db142e7e84c3f5112791814107fcc9e0e58e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:99:21:fe:0a:16:b3:24:c9:bb:13:07:a0:
77:9a:f7:8f:c8:77:39:4a:04:60:da:af:95:84:c2:
f5:01:4d:3c:d4:40:f3:0c:6f:31:72:aa:17:49:6e:
56:7a:ed:73:90:60:ee:a7:0d:60:94:88:1a:7d:78:
71:20:1a:22:3e:a5:11:3c:6f:ba:13:9d:c0:f0:25:
70:40:ee:d5:89:e6:27:9c:5b:97:03:75:d7:4e:cb:
f4:c4:e1:dd:d0:d2:16:aa:0b:d2:9a:62:5e:69:4a:
b3:09:8e:4e:12:2b:4b:6d:dd:5b:2b:68:6f:52:58:
41:b3:ac:90:30:e1:90:49:14:dc:6e:33:24:b2:7a:
42:65:1d:49:24:a5:42:e6:64:e4:e7:3d:35:d6:52:
27:e4:ff:99:9f:58:76:17:6f:b9:1a:07:63:01:33:
cf:ed:92:6c:b6:42:19:05:b0:8d:c2:d6:8e:fb:46:
f5:de:5b:44:dd:8f:29:7f:31:f7:00:30:6c:80:bb:
34:88:62:d2:47:5e:f2:3b:e2:ad:e8:d4:69:1e:c2:
ae:2f:1c:f3:57:08:a3:b0:a1:cd:1e:a1:b3:a2:34:
ee:7c:b8:91:14:27:07:45:74:c5:73:ef:ea:8a:c4:
4a:de:2a:c3:f2:8a:ee:b0:84:b5:22:71:f0:c3:cb:
f0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DB:14:2E:7E:84:C3:F5:11:27:91:81:41:07:FC:C9:E0:E5:8E:81
X509v3 Authority Key Identifier:
keyid:36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:67:94:a3:87:f2:1a:c8:c1:af:f6:b4:62:ee:f2:71:c2:94:
06:92:76:4b:2a:14:7b:a9:18:0d:88:24:ef:55:74:6d:2b:ba:
63:d7:5a:e5:a2:21:6a:41:2f:5c:aa:f4:84:5a:3a:41:2f:9d:
5d:62:59:51:7d:94:75:92:10:ce:da:f9:2f:a3:31:c5:bc:68:
4d:1e:7b:ae:bc:71:a1:bf:33:ce:d9:a0:ee:62:2d:14:eb:42:
95:7a:6d:d4:1c:46:39:2c:2b:62:ee:48:b3:67:ab:0f:84:87:
51:ca:09:9f:62:ec:77:98:8c:4a:93:40:e5:7f:ed:ff:5f:8a:
eb:94:41:66:ed:78:71:e8:fa:f4:e6:64:aa:06:f1:c0:a7:55:
d1:cc:4b:a0:c8:70:1a:be:1b:ce:fe:11:a1:eb:08:4f:03:0f:
b5:49:03:ba:0d:5a:a1:cc:db:22:9d:f8:a6:75:35:fb:45:d2:
04:d5:ad:af:73:29:be:f1:af:de:a1:6a:7d:8b:15:6f:15:72:
20:f9:75:b7:9f:21:39:cc:03:3c:82:7d:05:68:72:74:c3:24:
b5:0c:2b:1f:37:65:b2:85:58:07:1f:27:c9:e4:68:b4:49:a2:
11:56:98:d4:cd:08:1f:43:84:49:d1:10:e8:22:98:50:50:f1:
30:7f:01:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTrOQ0ptN5vdFjA/BLQzmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjQyMTQ4ZTNlNjM2YTkwMzQzZjNlOTUwNDRiOGRmZGI5
ZDFjZDkwHhcNMjUxMTA1MTEwMDMwWhcNMjUxMTA2MTEwMDMwWjAzMTEwLwYDVQQD
EygzNGRiMTQyZTdlODRjM2Y1MTEyNzkxODE0MTA3ZmNjOWUwZTU4ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuReZIf4KFrMkybsTB6B3mvePyHc5
SgRg2q+VhML1AU081EDzDG8xcqoXSW5Weu1zkGDupw1glIgafXhxIBoiPqURPG+6
E53A8CVwQO7VieYnnFuXA3XXTsv0xOHd0NIWqgvSmmJeaUqzCY5OEitLbd1bK2hv
UlhBs6yQMOGQSRTcbjMksnpCZR1JJKVC5mTk5z011lIn5P+Zn1h2F2+5GgdjATPP
7ZJstkIZBbCNwtaO+0b13ltE3Y8pfzH3ADBsgLs0iGLSR17yO+Kt6NRpHsKuLxzz
VwijsKHNHqGzojTufLiRFCcHRXTFc+/qisRK3irD8orusIS1InHww8vwXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTbFC5+hMP1ESeRgUEH/Mng5Y6BMB8GA1UdIwQY
MBaAFDYkIUjj5japA0Pz6VBEuN/bnRzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQt
MjZkNzU5MzY1NDAyLzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQtMjZkNzU5MzY1NDAy
LzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuWeUo4fy
GsjBr/a0Yu7yccKUBpJ2SyoUe6kYDYgk71V0bSu6Y9da5aIhakEvXKr0hFo6QS+d
XWJZUX2UdZIQztr5L6MxxbxoTR57rrxxob8zztmg7mItFOtClXpt1BxGOSwrYu5I
s2erD4SHUcoJn2Lsd5iMSpNA5X/t/1+K65RBZu14cej69OZkqgbxwKdV0cxLoMhw
Gr4bzv4RoesITwMPtUkDug1aoczbIp34pnU1+0XSBNWtr3MpvvGv3qFqfYsVbxVy
IPl1t58hOcwDPIJ9BWhydMMktQwrHzdlsoVYBx8nyeRotEmiEVaY1M0IH0OESdEQ
6CKYUFDxMH8BSg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:57:01 2025 by rpki-client