Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
File: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft (raw, json)
Hash identifier: AqR6AXYK3rBhcVMeM5JhgMD/GfPjn9UTvSvzEV67Es4=
Subject key identifier: B6:6E:E9:7B:B7:85:77:9B:71:D5:1C:5F:B1:8B:78:A5:26:C9:CC:49
Authority key identifier: 9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61
Certificate issuer: /CN=9d0e2b9e69f562df14cf772bde05f7dacde25961
Certificate serial: 019A4E4FF399E390F9AC4051F588B83E62E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
Manifest number: 0DDF
Signing time: Tue 04 Nov 2025 10:00:53 +0000
Manifest this update: Tue 04 Nov 2025 10:00:53 +0000
Manifest next update: Wed 05 Nov 2025 10:00:53 +0000
Files and hashes: 1: aRmXLbWgvqCrB_ieixDwg5bWHH4.roa (hash: NkuU0nUuwUULqqtGwJsRiK14f6VjdQm0HvAAtBo3GJQ=)
2: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl (hash: 0OrwoHP0O54wehPiMb5XSmZNHujEI5vkijP7/hNQEqs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:f3:99:e3:90:f9:ac:40:51:f5:88:b8:3e:62:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0e2b9e69f562df14cf772bde05f7dacde25961
Validity
Not Before: Nov 4 10:00:53 2025 GMT
Not After : Nov 5 10:00:53 2025 GMT
Subject: CN=b66ee97bb785779b71d51c5fb18b78a526c9cc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:8d:fc:9d:2b:77:f9:99:e5:fb:d3:a9:6a:
cf:12:bb:da:44:ff:dc:a5:e9:36:8b:7a:cb:f1:82:
57:5d:11:1d:94:c2:d7:48:7c:22:b9:47:9b:f2:cf:
56:78:33:91:9a:bf:3a:fa:c9:cc:43:02:c6:01:8b:
4c:c7:53:d6:0e:0d:19:75:c6:98:79:38:7f:81:8f:
04:44:be:45:50:ef:5a:62:17:36:78:e6:e1:cd:7b:
b5:82:4d:31:54:08:80:db:5d:7d:2e:e1:d0:58:f5:
59:d9:0a:45:f9:ed:90:2c:24:3e:73:0f:af:e0:a7:
5a:cc:13:f9:a0:29:9a:87:bf:4c:d4:6c:92:b5:a5:
ba:ee:1d:a7:a2:7a:21:c8:4d:e8:9c:ee:64:2f:e0:
0a:b8:3b:77:ca:48:6a:9d:88:82:9f:fa:ca:2c:c3:
e6:bf:3d:8e:78:41:bf:2f:8a:a4:db:60:52:24:ed:
37:41:e9:0e:96:62:11:19:3c:23:51:98:ba:80:c6:
ed:7d:6b:6d:33:73:57:25:e4:5c:c8:b2:e7:bf:c8:
b9:8f:70:4c:44:05:31:94:8b:ea:5f:38:68:e1:ca:
85:5b:eb:02:06:55:09:70:2f:ef:73:81:ae:9d:2c:
6f:4d:fa:5b:5b:c6:24:c4:76:b3:bc:f5:5b:dd:4f:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6E:E9:7B:B7:85:77:9B:71:D5:1C:5F:B1:8B:78:A5:26:C9:CC:49
X509v3 Authority Key Identifier:
keyid:9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:e0:3d:03:0f:2f:38:40:dc:2e:49:23:7f:87:13:b3:03:19:
14:65:e8:b6:a8:66:be:63:79:c0:3a:a0:80:12:1c:2a:1b:79:
16:9e:bf:7a:18:64:8a:5e:8b:23:99:23:80:d8:26:2b:75:51:
76:3c:87:7c:62:20:98:da:fd:af:3a:a2:7d:02:02:35:d7:d6:
a3:4d:13:b2:6f:76:b9:8d:90:ae:95:be:9f:83:bf:5e:c3:70:
af:1f:01:e1:73:37:64:1b:b7:e7:3a:b8:0b:69:e0:bf:d3:48:
4c:e8:44:a9:33:02:ac:ac:77:f0:65:1d:6c:32:18:d4:27:33:
61:77:db:86:43:4a:72:b6:71:58:d0:3d:e7:cc:60:8b:fb:c9:
f0:d4:0f:df:99:62:6b:d0:cf:fa:99:21:ef:e6:1e:66:86:70:
6c:39:13:32:b3:27:ab:69:b9:1f:5a:4b:cd:bb:36:0a:d6:8e:
e0:aa:ee:31:43:e4:48:9c:2f:be:db:3e:ee:f9:65:95:d0:7b:
e5:a6:7a:39:2f:b3:61:80:04:bd:e0:ba:9c:17:eb:58:36:00:
43:da:91:55:64:48:87:f7:2b:f7:9a:7f:3f:59:f0:5c:cf:9d:
6c:80:d3:4b:97:7c:2e:6c:96:16:0d:dd:e0:21:d1:c2:9e:00:
8c:ab:b1:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT/OZ45D5rEBR9Yi4PmLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGUyYjllNjlmNTYyZGYxNGNmNzcyYmRlMDVmN2RhY2Rl
MjU5NjEwHhcNMjUxMTA0MTAwMDUzWhcNMjUxMTA1MTAwMDUzWjAzMTEwLwYDVQQD
EyhiNjZlZTk3YmI3ODU3NzliNzFkNTFjNWZiMThiNzhhNTI2YzljYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9yN/J0rd/mZ5fvTqWrPErvaRP/c
pek2i3rL8YJXXREdlMLXSHwiuUeb8s9WeDORmr86+snMQwLGAYtMx1PWDg0ZdcaY
eTh/gY8ERL5FUO9aYhc2eObhzXu1gk0xVAiA2119LuHQWPVZ2QpF+e2QLCQ+cw+v
4KdazBP5oCmah79M1GyStaW67h2nonohyE3onO5kL+AKuDt3ykhqnYiCn/rKLMPm
vz2OeEG/L4qk22BSJO03QekOlmIRGTwjUZi6gMbtfWttM3NXJeRcyLLnv8i5j3BM
RAUxlIvqXzho4cqFW+sCBlUJcC/vc4GunSxvTfpbW8YkxHazvPVb3U9LzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZu6Xu3hXebcdUcX7GLeKUmycxJMB8GA1UdIwQY
MBaAFJ0OK55p9WLfFM93K94F99rN4llhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDct
ZDhkYzM0MDM2Y2U3LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDctZDhkYzM0MDM2Y2U3
LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuA9Aw8v
OEDcLkkjf4cTswMZFGXotqhmvmN5wDqggBIcKht5Fp6/ehhkil6LI5kjgNgmK3VR
djyHfGIgmNr9rzqifQICNdfWo00Tsm92uY2QrpW+n4O/XsNwrx8B4XM3ZBu35zq4
C2ngv9NITOhEqTMCrKx38GUdbDIY1CczYXfbhkNKcrZxWNA958xgi/vJ8NQP35li
a9DP+pkh7+YeZoZwbDkTMrMnq2m5H1pLzbs2CtaO4KruMUPkSJwvvts+7vllldB7
5aZ6OS+zYYAEveC6nBfrWDYAQ9qRVWRIh/cr95p/P1nwXM+dbIDTS5d8LmyWFg3d
4CHRwp4AjKux0w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:04 2025 by rpki-client