Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: vCaSMizGheI5PfQYy2VbJwEMNV9oMl3gS1XLV/LQ84s=
Subject key identifier: D7:9F:AB:F9:64:2D:4E:32:B7:B1:8D:A1:6A:49:DF:6B:03:35:B8:C7
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 019A4D7443E3B705B360A67CDB5221281E5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 06:00:56 +0000
Manifest this update: Tue 04 Nov 2025 06:00:56 +0000
Manifest next update: Wed 05 Nov 2025 06:00:56 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: +ZVeM2N8klyOWgVgVAzPGiGQBVyJ31U54A1CNcPODh0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:43:e3:b7:05:b3:60:a6:7c:db:52:21:28:1e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Nov 4 06:00:56 2025 GMT
Not After : Nov 5 06:00:56 2025 GMT
Subject: CN=d79fabf9642d4e32b7b18da16a49df6b0335b8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:de:27:98:10:d2:95:5f:6f:34:94:bc:ca:58:
d0:58:51:21:7b:bb:3d:67:4b:8a:81:33:bc:68:70:
3e:72:66:b9:05:7c:14:88:1a:f7:db:dc:16:9d:bb:
cd:5c:2e:b0:8e:6f:42:fe:29:8f:25:15:b2:d6:e3:
c4:90:2a:be:42:ef:ca:36:f5:d0:d6:05:23:b4:95:
f1:91:e9:95:0d:93:d5:c3:8c:4d:35:e5:1d:73:ad:
27:75:b7:72:a7:d0:50:ed:7f:26:e5:13:ff:96:03:
fa:13:25:8d:ca:ab:25:fd:29:47:f5:ad:bf:af:f6:
cc:19:ac:75:d3:e2:47:37:8c:10:32:f1:9f:f5:81:
6d:88:03:87:30:e5:c8:8c:72:23:9a:60:b9:a6:d1:
0a:ad:7e:1b:32:4d:68:b3:77:cb:96:42:00:83:d3:
1b:5d:8f:61:75:1b:68:d7:8c:5d:2a:0d:34:c4:d6:
8e:c7:ff:8c:e9:5e:19:1b:08:fa:58:61:5e:42:7e:
c5:6d:1b:01:09:b2:46:a0:18:58:cd:e0:03:5a:95:
f8:25:5a:18:7a:57:58:0f:e9:c5:f8:86:01:d8:65:
97:86:30:a6:c3:89:9e:46:05:61:59:78:ae:44:d2:
35:18:24:93:cf:60:62:b5:80:ea:15:45:58:3a:c5:
31:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9F:AB:F9:64:2D:4E:32:B7:B1:8D:A1:6A:49:DF:6B:03:35:B8:C7
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:32:17:7d:47:ce:b5:e5:44:f4:63:78:8a:0a:0c:5d:ad:16:
c8:61:fa:4b:5b:9a:8f:77:69:9f:f1:3a:ea:aa:7b:31:c0:d1:
9f:25:bd:c6:23:08:e4:69:6b:5c:40:ba:c1:b9:c5:dd:56:4d:
ef:ef:2b:08:1e:31:df:92:95:0d:c1:0d:a7:c3:e3:2b:79:1a:
48:57:c3:53:bc:66:2f:3a:c5:63:8a:85:66:6b:88:25:5a:e6:
49:49:f3:d5:5b:e8:3a:f6:ce:33:af:64:73:ed:29:3f:46:07:
1e:0d:6b:b7:8b:7e:17:4d:d8:21:04:0e:7d:71:29:53:08:98:
af:1c:01:8f:b6:77:91:94:02:00:15:3c:ea:fe:43:51:85:5f:
ea:59:a1:23:b6:b5:63:00:ee:ec:e9:d0:c5:8f:37:7e:a4:76:
62:ad:c5:87:3c:e9:61:25:7f:36:7e:de:1e:25:45:a4:31:cb:
d7:69:95:03:be:e8:d5:0f:ee:66:0f:ba:48:9f:55:51:49:fd:
90:2d:c6:f3:db:25:bc:72:92:a4:93:9b:69:6c:19:7c:a8:7b:
03:30:94:a1:2a:5e:b5:12:21:2a:0d:7b:e3:15:7d:95:71:f5:
cc:44:44:63:e6:a8:60:92:4a:36:68:1e:aa:d8:99:e5:39:25:
0d:ac:f4:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdEPjtwWzYKZ821IhKB5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUxMTA0MDYwMDU2WhcNMjUxMTA1MDYwMDU2WjAzMTEwLwYDVQQD
EyhkNzlmYWJmOTY0MmQ0ZTMyYjdiMThkYTE2YTQ5ZGY2YjAzMzViOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt4nmBDSlV9vNJS8yljQWFEhe7s9
Z0uKgTO8aHA+cma5BXwUiBr329wWnbvNXC6wjm9C/imPJRWy1uPEkCq+Qu/KNvXQ
1gUjtJXxkemVDZPVw4xNNeUdc60ndbdyp9BQ7X8m5RP/lgP6EyWNyqsl/SlH9a2/
r/bMGax10+JHN4wQMvGf9YFtiAOHMOXIjHIjmmC5ptEKrX4bMk1os3fLlkIAg9Mb
XY9hdRto14xdKg00xNaOx/+M6V4ZGwj6WGFeQn7FbRsBCbJGoBhYzeADWpX4JVoY
eldYD+nF+IYB2GWXhjCmw4meRgVhWXiuRNI1GCSTz2BitYDqFUVYOsUxoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNefq/lkLU4yt7GNoWpJ32sDNbjHMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDIXfUfO
teVE9GN4igoMXa0WyGH6S1uaj3dpn/E66qp7McDRnyW9xiMI5GlrXEC6wbnF3VZN
7+8rCB4x35KVDcENp8PjK3kaSFfDU7xmLzrFY4qFZmuIJVrmSUnz1VvoOvbOM69k
c+0pP0YHHg1rt4t+F03YIQQOfXEpUwiYrxwBj7Z3kZQCABU86v5DUYVf6lmhI7a1
YwDu7OnQxY83fqR2Yq3FhzzpYSV/Nn7eHiVFpDHL12mVA77o1Q/uZg+6SJ9VUUn9
kC3G89slvHKSpJObaWwZfKh7AzCUoSpetRIhKg174xV9lXH1zEREY+aoYJJKNmge
qtiZ5TklDaz0/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:09 2025 by rpki-client