Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: cw22kqjrlJlVu+3tltW/6ygyGVWIwuQV7I989iuMF9E=
Subject key identifier: 90:E5:8F:F9:D2:76:A1:2D:4B:9C:31:52:1B:27:A0:33:FA:9B:DD:A6
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 019A52D21C754978C6B1FD465D521963D75B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 144C
Signing time: Wed 05 Nov 2025 07:01:32 +0000
Manifest this update: Wed 05 Nov 2025 07:01:32 +0000
Manifest next update: Thu 06 Nov 2025 07:01:32 +0000
Files and hashes: 1: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: bYKQmMBAdyjuHlaluCa6DNsOttqopmfctbRKhlMiRVo=)
2: u7-gL9wSp2bGW7DIF24NVuhmOKc.roa (hash: tP75Wdne3vqUbGN0hrtXpkGNXdZlPHZwjnI3xiXFlak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:1c:75:49:78:c6:b1:fd:46:5d:52:19:63:d7:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Nov 5 07:01:32 2025 GMT
Not After : Nov 6 07:01:32 2025 GMT
Subject: CN=90e58ff9d276a12d4b9c31521b27a033fa9bdda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b8:7b:11:90:a7:4a:56:4c:5f:12:d9:0c:1e:
3f:cd:a6:a0:c0:ab:01:6f:2a:92:02:86:f3:44:41:
6a:e1:70:7a:62:c0:46:14:88:9b:81:f0:7a:1e:db:
47:ae:da:af:05:ec:61:29:f0:97:79:6a:f6:f6:a4:
d9:6c:09:17:01:58:5a:4c:7a:5c:ef:d6:8a:88:b4:
00:a0:2d:6b:1e:56:da:e7:7b:92:88:77:16:cd:86:
a1:f9:f6:f8:bf:01:9a:b6:c1:ae:74:00:31:f5:6d:
da:59:ae:ae:d0:e2:65:b5:40:eb:a5:c0:72:19:45:
19:6a:76:ee:d2:9e:aa:03:23:73:04:c5:1d:0f:40:
01:80:14:0d:6e:f4:c9:5c:54:61:6f:82:8b:54:9c:
91:20:75:7c:d1:72:d9:90:8c:63:d6:73:b2:ac:33:
7f:8d:ee:d0:25:ad:4b:a5:ef:53:95:25:16:4d:27:
4a:6b:ce:89:df:1c:37:67:30:00:ec:8e:e8:dc:1e:
29:cd:02:fc:d1:1b:52:41:e7:3e:3a:2f:01:8e:8f:
8a:01:e2:ee:82:3f:b2:9b:65:1d:6a:52:d0:e0:ca:
46:29:00:92:f0:12:ce:56:4c:1d:8c:3e:a1:96:09:
f3:7d:32:b7:a9:10:e2:65:06:77:1b:bf:3e:73:dd:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E5:8F:F9:D2:76:A1:2D:4B:9C:31:52:1B:27:A0:33:FA:9B:DD:A6
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:13:39:f7:20:de:d4:c8:24:84:42:ba:1e:92:b2:02:3e:1a:
2c:b2:5c:6c:9f:84:0f:c5:8e:ac:99:83:af:b5:16:f3:b8:c3:
28:c1:66:15:b6:d6:4d:9a:28:bc:bc:8e:0d:4f:11:7e:63:05:
b6:f1:7b:4d:09:2f:c8:92:53:93:01:44:fd:15:08:81:34:21:
17:0a:a1:47:85:d7:05:1e:96:b4:4e:dd:d9:57:2e:eb:1f:49:
d5:fb:63:f6:79:52:04:27:8b:f9:c6:6b:72:0e:be:40:37:15:
94:fa:a4:84:2d:9a:7c:3d:0b:c1:4f:6f:fd:c6:89:bf:56:66:
4d:fa:d1:82:54:86:c2:23:c8:a3:b0:e1:d4:94:23:c7:97:54:
07:82:21:03:6f:72:8e:64:41:7b:84:45:b3:0f:b2:f6:f3:a9:
9e:27:3c:8e:67:e6:51:d9:57:a5:69:59:ad:fe:5f:3a:fc:8a:
a7:ca:43:59:d2:19:49:01:4b:bb:07:74:83:19:96:bd:d7:05:
9a:b7:55:99:16:b4:bf:00:5b:38:b0:10:35:43:9d:e7:d4:b1:
80:ac:44:bc:0a:71:48:c9:9f:70:e3:d6:36:74:a4:e5:a1:fb:
58:e9:aa:01:26:41:55:34:69:ec:17:24:9c:84:88:1f:5b:6d:
1a:f4:54:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0hx1SXjGsf1GXVIZY9dbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjUxMTA1MDcwMTMyWhcNMjUxMTA2MDcwMTMyWjAzMTEwLwYDVQQD
Eyg5MGU1OGZmOWQyNzZhMTJkNGI5YzMxNTIxYjI3YTAzM2ZhOWJkZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07h7EZCnSlZMXxLZDB4/zaagwKsB
byqSAobzREFq4XB6YsBGFIibgfB6HttHrtqvBexhKfCXeWr29qTZbAkXAVhaTHpc
79aKiLQAoC1rHlba53uSiHcWzYah+fb4vwGatsGudAAx9W3aWa6u0OJltUDrpcBy
GUUZanbu0p6qAyNzBMUdD0ABgBQNbvTJXFRhb4KLVJyRIHV80XLZkIxj1nOyrDN/
je7QJa1Lpe9TlSUWTSdKa86J3xw3ZzAA7I7o3B4pzQL80RtSQec+Oi8Bjo+KAeLu
gj+ym2UdalLQ4MpGKQCS8BLOVkwdjD6hlgnzfTK3qRDiZQZ3G78+c91XMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDlj/nSdqEtS5wxUhsnoDP6m92mMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRM59yDe
1MgkhEK6HpKyAj4aLLJcbJ+ED8WOrJmDr7UW87jDKMFmFbbWTZoovLyODU8RfmMF
tvF7TQkvyJJTkwFE/RUIgTQhFwqhR4XXBR6WtE7d2Vcu6x9J1ftj9nlSBCeL+cZr
cg6+QDcVlPqkhC2afD0LwU9v/caJv1ZmTfrRglSGwiPIo7Dh1JQjx5dUB4IhA29y
jmRBe4RFsw+y9vOpnic8jmfmUdlXpWlZrf5fOvyKp8pDWdIZSQFLuwd0gxmWvdcF
mrdVmRa0vwBbOLAQNUOd59SxgKxEvApxSMmfcOPWNnSk5aH7WOmqASZBVTRp7Bck
nISIH1ttGvRUDQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:07:05 2025 by rpki-client