Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: FanM3YLv9jo3+RDrtFmPkItshCRanHVPx3cEqlYjCrQ=
Subject key identifier: FF:02:2F:B5:FB:3F:ED:F9:01:76:62:DA:5F:F8:E7:F2:62:53:2B:0E
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 01987C09C525DA26A5896DE87D386D6C1528
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 161A
Signing time: Tue 05 Aug 2025 21:01:11 +0000
Manifest this update: Tue 05 Aug 2025 21:01:11 +0000
Manifest next update: Wed 06 Aug 2025 21:01:11 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: YCNVqtf5XYLVDqjHEkxokjEvg8vlVy/AlQpdC/yD93M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 21:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:09:c5:25:da:26:a5:89:6d:e8:7d:38:6d:6c:15:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Aug 5 21:01:11 2025 GMT
Not After : Aug 6 21:01:11 2025 GMT
Subject: CN=ff022fb5fb3fedf9017662da5ff8e7f262532b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:13:9a:50:ec:5e:bb:77:54:98:61:61:6d:
9e:a3:4d:7e:84:63:03:c2:55:42:89:26:60:bc:6d:
47:1a:39:e7:5b:81:cf:2b:bd:de:33:3e:b6:b5:bf:
39:0b:f5:54:9c:0f:85:c2:1e:fc:bb:21:6e:b1:35:
f3:82:cf:af:ed:a3:b0:59:d2:bf:af:11:a1:5e:61:
49:6c:de:a4:75:a1:29:6d:3f:99:e3:a1:76:14:b4:
6d:4e:8a:64:c0:af:40:c0:15:22:8e:27:d7:8d:af:
8f:75:02:64:96:96:65:c2:90:56:a2:3b:d3:79:11:
61:1f:d8:b4:9a:50:b0:3d:42:fc:56:5b:9d:27:f9:
2f:ad:1a:cb:5b:01:fd:f9:ba:87:ed:a4:21:f4:aa:
ce:96:14:f9:7c:03:c0:dd:20:ef:d7:0a:a1:a0:0f:
e6:61:af:fc:24:78:1a:fd:4b:d5:94:eb:c5:5e:13:
12:50:ee:94:07:3e:0d:9c:4a:2b:98:70:96:78:16:
ec:ab:10:c7:43:3b:4e:66:db:64:55:b7:13:51:37:
75:ce:04:58:4d:39:2d:dd:d9:ce:73:6a:17:7f:3f:
6a:e4:71:44:bf:95:8a:cc:da:bf:15:de:b0:84:61:
ec:16:34:1c:7c:af:1f:02:89:bd:f3:66:6b:99:a9:
b7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:02:2F:B5:FB:3F:ED:F9:01:76:62:DA:5F:F8:E7:F2:62:53:2B:0E
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:1d:15:fe:fd:4b:f3:45:95:6f:79:0f:a6:ab:17:a0:15:23:
bd:c2:e7:53:46:55:7b:54:4a:56:50:d6:78:c3:5c:0a:48:38:
91:77:0f:2b:6c:6c:2c:3d:15:60:1c:81:40:82:14:10:94:1d:
38:fa:46:0c:95:11:56:b5:5e:e6:b6:f4:a0:db:94:7e:ca:93:
14:7d:e5:18:ea:5e:5b:1b:4c:bd:38:07:e3:fe:29:b2:74:27:
ce:61:55:4b:b8:7d:90:ce:d3:97:d9:4a:bd:c4:14:73:fe:6e:
9d:e8:88:bd:38:c7:3e:10:9b:c4:6f:d7:c0:19:55:10:3b:fb:
69:cc:d9:8a:97:e1:aa:d6:10:7b:aa:09:40:98:81:04:f1:36:
4c:1d:22:55:2d:96:a9:ea:2e:19:72:69:ef:6d:99:d2:71:57:
22:1a:7c:34:b8:6d:1f:52:22:cb:5d:0f:a1:a9:27:e3:9d:1f:
e7:7a:e0:aa:0e:ed:63:0a:88:88:93:27:60:59:79:be:47:c3:
ce:fd:56:39:51:aa:50:50:04:2f:6c:f4:4a:af:be:b4:b2:d3:
dd:9a:b6:ce:44:25:cd:0b:08:23:5f:d6:96:24:6b:ce:ad:fc:
61:b3:a8:f4:72:36:3b:d1:42:fe:9a:57:0b:79:c0:6a:0a:75:
bf:db:dc:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8CcUl2ialiW3ofThtbBUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwODA1MjEwMTExWhcNMjUwODA2MjEwMTExWjAzMTEwLwYDVQQD
EyhmZjAyMmZiNWZiM2ZlZGY5MDE3NjYyZGE1ZmY4ZTdmMjYyNTMyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaUTmlDsXrt3VJhhYW2eo01+hGMD
wlVCiSZgvG1HGjnnW4HPK73eMz62tb85C/VUnA+Fwh78uyFusTXzgs+v7aOwWdK/
rxGhXmFJbN6kdaEpbT+Z46F2FLRtTopkwK9AwBUijifXja+PdQJklpZlwpBWojvT
eRFhH9i0mlCwPUL8VludJ/kvrRrLWwH9+bqH7aQh9KrOlhT5fAPA3SDv1wqhoA/m
Ya/8JHga/UvVlOvFXhMSUO6UBz4NnEormHCWeBbsqxDHQztOZttkVbcTUTd1zgRY
TTkt3dnOc2oXfz9q5HFEv5WKzNq/Fd6whGHsFjQcfK8fAom982Zrmam3mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8CL7X7P+35AXZi2l/45/JiUysOMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJB0V/v1L
80WVb3kPpqsXoBUjvcLnU0ZVe1RKVlDWeMNcCkg4kXcPK2xsLD0VYByBQIIUEJQd
OPpGDJURVrVe5rb0oNuUfsqTFH3lGOpeWxtMvTgH4/4psnQnzmFVS7h9kM7Tl9lK
vcQUc/5uneiIvTjHPhCbxG/XwBlVEDv7aczZipfhqtYQe6oJQJiBBPE2TB0iVS2W
qeouGXJp722Z0nFXIhp8NLhtH1Iiy10Poakn450f53rgqg7tYwqIiJMnYFl5vkfD
zv1WOVGqUFAEL2z0Sq++tLLT3Zq2zkQlzQsII1/WliRrzq38YbOo9HI2O9FC/ppX
C3nAagp1v9vcEA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 04:06:41 2025 by rpki-client