Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
File: NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft (raw, json)
Hash identifier: N4uC4+RcMNMTrWdZ/rAdCamhzyVyDID9Voit53UfKYo=
Subject key identifier: 36:67:9B:85:81:00:03:43:EC:A4:3B:89:6B:97:4D:58:3C:B2:47:BE
Authority key identifier: 35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
Certificate issuer: /CN=35d2929f1652f958812d099a233f33ad3445bbfb
Certificate serial: 019A4D74143B8F11A1FE96067EAC1AB9E25E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
Manifest number: 16CB
Signing time: Tue 04 Nov 2025 06:00:44 +0000
Manifest this update: Tue 04 Nov 2025 06:00:44 +0000
Manifest next update: Wed 05 Nov 2025 06:00:44 +0000
Files and hashes: 1: NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl (hash: QKO+yPdZJKtWpKi1c0aKkdFvGvmlFzBy/Lg4R91lt5M=)
2: RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa (hash: ZwW8RhsC1c6THaCJDOUF+Lquzo4U71ipuOUtISL9Y48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:14:3b:8f:11:a1:fe:96:06:7e:ac:1a:b9:e2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d2929f1652f958812d099a233f33ad3445bbfb
Validity
Not Before: Nov 4 06:00:44 2025 GMT
Not After : Nov 5 06:00:44 2025 GMT
Subject: CN=36679b8581000343eca43b896b974d583cb247be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:03:f3:45:96:d5:cd:5d:71:87:48:9b:c4:38:
0d:ec:e2:12:5b:8f:4f:d9:e2:69:d8:67:f3:2e:d8:
03:bb:c9:45:f7:2b:30:e6:3c:35:86:35:36:86:79:
dc:44:d4:42:95:c6:b4:55:dd:05:55:73:ba:63:ef:
7e:94:d4:34:6e:8e:b4:e1:ba:f4:9b:12:3c:60:dc:
71:2c:5c:10:7e:36:a9:9f:e7:5e:3b:db:6e:56:61:
5c:7b:da:8a:a9:d5:fb:90:bf:ad:ed:fd:5d:c8:93:
ca:89:65:46:df:5f:fb:33:cf:6d:57:89:f4:34:57:
af:1c:45:93:e9:1a:50:44:91:f8:d8:0f:16:9f:54:
47:4d:22:d3:54:fa:fb:c9:3c:34:1b:b5:6a:b3:12:
22:d1:eb:23:33:74:c7:9d:b4:7a:e7:01:0b:c1:53:
39:87:79:5e:55:03:5a:5f:5a:fb:fd:2a:ac:72:f1:
d7:81:ae:45:eb:b7:9b:73:b0:44:65:21:8d:47:77:
dd:bd:2e:26:9b:36:9d:a1:62:a7:8f:40:c0:d1:b9:
5e:d3:3d:36:f8:1d:a2:55:94:4a:9b:cc:01:b7:dd:
5b:d0:3b:41:19:ae:2c:a8:cf:cf:86:e3:29:b7:a0:
b2:56:0c:32:20:0b:90:e3:a8:d1:66:a1:7a:28:96:
f8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:67:9B:85:81:00:03:43:EC:A4:3B:89:6B:97:4D:58:3C:B2:47:BE
X509v3 Authority Key Identifier:
keyid:35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:43:86:31:dc:07:63:d3:ff:22:a9:59:50:1d:4f:a0:56:47:
99:ff:90:f1:c0:32:d5:29:7d:88:83:a1:99:f4:44:97:c2:b0:
52:d0:cc:4b:a2:5f:12:c6:fb:3b:aa:75:ab:0c:ef:54:12:e0:
97:95:d9:c6:e2:73:bf:4a:b5:72:d3:a4:c4:82:c3:9c:9e:a2:
a3:dd:cb:f7:75:08:49:3d:c7:57:94:be:ea:ee:d6:b8:17:72:
c6:62:8b:31:ac:3f:b2:62:3c:16:a3:94:6f:69:58:f5:c8:9b:
0a:70:0c:3a:f5:34:bd:b6:20:37:b8:3a:91:09:07:47:eb:6d:
4d:37:ab:d3:e6:8a:c1:b2:4a:31:e7:be:e9:50:07:c8:a9:eb:
f2:47:08:d6:d6:ee:34:de:08:82:c3:f8:a7:b5:0e:b0:03:ec:
4c:63:0a:3f:16:83:5c:c4:25:38:f3:a7:31:3a:01:44:44:68:
86:35:01:29:3e:b1:ce:9f:03:62:c9:3f:9a:da:81:bd:69:70:
30:c7:88:62:0d:e1:91:bb:17:a1:78:06:c3:5a:79:0d:82:6c:
98:82:3f:7b:63:e9:60:49:8d:7d:9b:a9:9c:47:55:7e:fc:6c:
cd:86:f4:8f:9b:4c:c1:ee:57:f9:26:3e:1f:4c:f8:23:89:b7:
fe:44:72:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdBQ7jxGh/pYGfqwaueJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDI5MjlmMTY1MmY5NTg4MTJkMDk5YTIzM2YzM2FkMzQ0
NWJiZmIwHhcNMjUxMTA0MDYwMDQ0WhcNMjUxMTA1MDYwMDQ0WjAzMTEwLwYDVQQD
EygzNjY3OWI4NTgxMDAwMzQzZWNhNDNiODk2Yjk3NGQ1ODNjYjI0N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgPzRZbVzV1xh0ibxDgN7OISW49P
2eJp2GfzLtgDu8lF9ysw5jw1hjU2hnncRNRClca0Vd0FVXO6Y+9+lNQ0bo604br0
mxI8YNxxLFwQfjapn+deO9tuVmFce9qKqdX7kL+t7f1dyJPKiWVG31/7M89tV4n0
NFevHEWT6RpQRJH42A8Wn1RHTSLTVPr7yTw0G7VqsxIi0esjM3THnbR65wELwVM5
h3leVQNaX1r7/SqscvHXga5F67ebc7BEZSGNR3fdvS4mmzadoWKnj0DA0ble0z02
+B2iVZRKm8wBt91b0DtBGa4sqM/PhuMpt6CyVgwyIAuQ46jRZqF6KJb46QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZnm4WBAAND7KQ7iWuXTVg8ske+MB8GA1UdIwQY
MBaAFDXSkp8WUvlYgS0JmiM/M600Rbv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEt
YjI4MGQ0YzYyNzQ1LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEtYjI4MGQ0YzYyNzQ1
LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf0OGMdwH
Y9P/IqlZUB1PoFZHmf+Q8cAy1Sl9iIOhmfREl8KwUtDMS6JfEsb7O6p1qwzvVBLg
l5XZxuJzv0q1ctOkxILDnJ6io93L93UIST3HV5S+6u7WuBdyxmKLMaw/smI8FqOU
b2lY9cibCnAMOvU0vbYgN7g6kQkHR+ttTTer0+aKwbJKMee+6VAHyKnr8kcI1tbu
NN4IgsP4p7UOsAPsTGMKPxaDXMQlOPOnMToBRERohjUBKT6xzp8DYsk/mtqBvWlw
MMeIYg3hkbsXoXgGw1p5DYJsmII/e2PpYEmNfZupnEdVfvxszYb0j5tMwe5X+SY+
H0z4I4m3/kRyxA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:52:57 2025 by rpki-client