Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: py8QABRQLwiMVONULk1Na6HrHI3lTNQWo2+0eBuIdtQ=
Subject key identifier: 8E:32:23:AE:01:A9:47:66:10:F8:0F:1F:82:CB:66:3D:30:B9:CD:C5
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 019A4F62141082E7C05EE4539D97E935A205
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 15:00:18 +0000
Manifest this update: Tue 04 Nov 2025 15:00:18 +0000
Manifest next update: Wed 05 Nov 2025 15:00:18 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: 6CDK7F3L6cawhMoXfjuwBIm/eptV7XfAXqKtQyWDwic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:14:10:82:e7:c0:5e:e4:53:9d:97:e9:35:a2:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Nov 4 15:00:18 2025 GMT
Not After : Nov 5 15:00:18 2025 GMT
Subject: CN=8e3223ae01a9476610f80f1f82cb663d30b9cdc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8a:cc:73:29:b4:58:0f:83:77:5c:01:bb:6f:
c2:00:3f:ac:9f:88:f0:4e:88:41:70:09:65:23:17:
8b:19:3c:a2:77:4f:b7:14:4b:e7:3d:6c:94:04:ba:
4c:c9:06:fc:54:a8:43:1e:21:20:af:6d:f4:66:56:
c6:e6:68:bc:72:54:4b:22:e3:0d:3b:ae:b1:e1:17:
0f:ad:6c:40:70:53:2d:38:b5:c7:ab:6a:a3:e5:7a:
49:ff:32:77:04:9a:75:1a:b8:a7:4c:c8:bf:34:7b:
0f:23:97:71:aa:19:9a:20:ee:e7:3e:8a:90:95:eb:
74:4b:59:e7:50:43:59:4e:eb:f4:71:06:af:6d:c7:
3a:21:ab:ed:b9:17:15:ec:6c:18:89:2e:6e:d1:29:
ac:2e:80:c3:6a:21:b4:5d:e1:30:7e:9d:50:7d:7d:
7c:ca:8c:c4:90:c0:57:9f:fe:65:09:01:c7:7e:fc:
2b:bd:d2:04:3d:90:92:45:e3:4d:b4:05:27:b4:3f:
01:30:19:9f:a7:ef:35:04:48:7f:db:bc:35:f7:f7:
c1:f3:0e:55:ea:ed:b7:a9:ec:b6:6c:ea:b3:2d:3f:
01:6b:48:36:48:70:25:1c:61:38:2b:af:ce:5d:47:
e4:0c:6d:1c:c2:30:93:ab:98:86:6d:35:06:e1:82:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:32:23:AE:01:A9:47:66:10:F8:0F:1F:82:CB:66:3D:30:B9:CD:C5
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:c7:a8:f0:fd:4c:82:89:cc:5c:08:8d:6c:d2:ff:ac:02:6a:
8a:81:6c:dd:ce:8d:56:e4:8c:65:8c:8e:04:df:65:4e:7a:03:
b5:91:9f:63:06:28:1a:a9:14:01:80:91:8f:ef:1a:46:49:ee:
d6:12:8f:14:37:ef:8f:f0:07:aa:f3:f2:c3:1d:1d:6c:f9:d8:
1d:25:c7:c7:3f:70:32:0d:79:d1:9f:e7:47:c3:5e:5d:81:67:
e0:e9:ca:a5:9b:e5:60:1f:d1:9f:f6:b1:7a:e7:0b:50:57:ff:
5c:9f:9c:85:0a:79:9f:13:3e:22:66:d8:fd:84:9e:a0:a6:87:
bd:5c:7a:bc:68:57:ca:4b:80:a2:94:24:72:86:eb:14:e4:c9:
03:b8:01:db:0c:06:f4:35:d5:d3:d8:a3:eb:85:93:74:b3:86:
1e:02:8c:94:f5:7b:68:2b:95:1e:ac:de:d3:13:e6:92:35:5b:
c2:56:da:56:9f:0d:7e:96:9a:63:a6:9f:2c:20:23:ba:13:44:
0f:6f:75:e7:55:30:2f:cf:b0:10:0c:95:79:30:0e:02:85:5d:
e4:bb:33:e8:3b:e9:ef:84:81:fb:f9:05:b7:87:76:37:ff:9b:
bb:7c:34:db:85:3b:e3:76:a7:cc:12:5a:f4:a5:1e:4e:12:52:
e4:e8:56:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYhQQgufAXuRTnZfpNaIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUxMTA0MTUwMDE4WhcNMjUxMTA1MTUwMDE4WjAzMTEwLwYDVQQD
Eyg4ZTMyMjNhZTAxYTk0NzY2MTBmODBmMWY4MmNiNjYzZDMwYjljZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnorMcym0WA+Dd1wBu2/CAD+sn4jw
TohBcAllIxeLGTyid0+3FEvnPWyUBLpMyQb8VKhDHiEgr230ZlbG5mi8clRLIuMN
O66x4RcPrWxAcFMtOLXHq2qj5XpJ/zJ3BJp1GrinTMi/NHsPI5dxqhmaIO7nPoqQ
let0S1nnUENZTuv0cQavbcc6IavtuRcV7GwYiS5u0SmsLoDDaiG0XeEwfp1QfX18
yozEkMBXn/5lCQHHfvwrvdIEPZCSReNNtAUntD8BMBmfp+81BEh/27w19/fB8w5V
6u23qey2bOqzLT8Ba0g2SHAlHGE4K6/OXUfkDG0cwjCTq5iGbTUG4YIZXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4yI64BqUdmEPgPH4LLZj0wuc3FMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATseo8P1M
gonMXAiNbNL/rAJqioFs3c6NVuSMZYyOBN9lTnoDtZGfYwYoGqkUAYCRj+8aRknu
1hKPFDfvj/AHqvPywx0dbPnYHSXHxz9wMg150Z/nR8NeXYFn4OnKpZvlYB/Rn/ax
eucLUFf/XJ+chQp5nxM+ImbY/YSeoKaHvVx6vGhXykuAopQkcobrFOTJA7gB2wwG
9DXV09ij64WTdLOGHgKMlPV7aCuVHqze0xPmkjVbwlbaVp8NfpaaY6afLCAjuhNE
D29151UwL8+wEAyVeTAOAoVd5Lsz6Dvp74SB+/kFt4d2N/+bu3w024U743anzBJa
9KUeThJS5OhWSA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:57:45 2025 by rpki-client