Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
File: NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json)
Hash identifier: qXtGzgCqFUo7jnbSdmXXYxoaqig0ja/HwmBaR/QsmXQ=
Subject key identifier: 5A:0D:69:6F:FB:AF:91:DA:5B:EB:1B:40:82:51:E1:D6:D9:AB:FD:DC
Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
Certificate issuer: /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Certificate serial: 019A4E18A2F7F64C42537F1B833E2D87C329
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
Manifest number: 0423
Signing time: Tue 04 Nov 2025 09:00:28 +0000
Manifest this update: Tue 04 Nov 2025 09:00:28 +0000
Manifest next update: Wed 05 Nov 2025 09:00:28 +0000
Files and hashes: 1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: sSH7xAUSDchijT8tn5s00SucpwhqL80g3xsS6jxUwq4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:a2:f7:f6:4c:42:53:7f:1b:83:3e:2d:87:c3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Validity
Not Before: Nov 4 09:00:28 2025 GMT
Not After : Nov 5 09:00:28 2025 GMT
Subject: CN=5a0d696ffbaf91da5beb1b408251e1d6d9abfddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:27:ce:c8:ae:c1:f3:86:f7:61:be:c2:c3:ea:
b0:01:e1:86:16:e7:64:e7:e2:96:72:b8:a1:d6:f4:
29:58:a3:dd:69:05:4a:d7:ca:a6:9f:e2:ec:05:1a:
e8:10:74:3e:6e:3b:93:4a:8c:92:7f:a0:da:b3:65:
ef:4f:15:0f:36:2a:2e:15:83:df:76:3c:a1:7a:33:
34:3e:07:6a:68:11:74:ae:13:c7:5b:b9:b7:be:a9:
15:44:1f:28:9b:b4:a5:f8:de:8b:5c:9a:18:b9:b0:
ec:7a:9a:70:67:10:c1:64:56:ee:62:54:2d:18:99:
94:2c:43:35:d4:c1:b5:69:ec:4b:7e:c9:c5:ce:b7:
53:9c:ea:7b:ee:86:3a:26:c4:b8:fc:d8:ad:f9:de:
8e:01:92:c5:c2:f3:f5:07:95:9c:6d:9d:49:e5:56:
d3:ff:71:00:6a:ec:e7:5a:a8:6a:6d:c7:0c:eb:ff:
d6:c9:d1:04:f4:a4:37:88:9a:7c:8f:35:a0:e8:cb:
03:2c:31:fb:2d:78:10:0d:d8:98:33:3e:1d:34:63:
26:73:4d:a8:b4:fb:fd:8a:0e:ab:39:4b:aa:e2:92:
2c:e5:93:19:a1:e7:25:8c:7d:44:c6:da:91:9a:dc:
35:1e:6d:46:e6:5b:92:4d:5b:c7:97:b0:d1:a2:80:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0D:69:6F:FB:AF:91:DA:5B:EB:1B:40:82:51:E1:D6:D9:AB:FD:DC
X509v3 Authority Key Identifier:
keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:98:3e:e7:fd:2c:89:86:ed:b9:d0:3f:c7:7b:1f:08:c4:3f:
01:30:7e:73:68:0d:ae:18:9c:cc:18:62:57:97:cd:11:ba:6a:
c4:23:fc:15:e5:dc:1b:64:16:f9:4d:7a:d8:f1:ee:b7:f4:17:
ce:e0:68:01:19:14:d9:55:5d:6d:d3:ef:32:ac:a6:cf:40:8f:
40:79:a9:9b:f1:25:17:cd:29:f6:e2:de:d4:63:46:53:f1:46:
87:28:20:16:6c:25:aa:f3:14:2d:63:62:e5:53:85:c5:12:9b:
9c:74:47:8b:37:cc:bf:fe:9d:74:6d:2d:d3:14:06:4e:f3:ff:
69:38:9f:bd:d5:61:a4:58:2b:ce:3b:a8:71:a2:53:49:2a:bf:
71:c2:ef:7d:f4:d3:ae:8e:cd:3b:fd:60:eb:83:68:e2:8b:35:
bc:9d:d7:6d:98:94:78:d0:21:ef:b2:0e:cb:3a:c1:3e:2a:21:
09:8a:78:d4:c8:f6:d3:84:c5:22:c8:07:e4:98:89:73:31:07:
07:bf:45:cb:ad:a4:9e:30:df:b2:1c:75:cd:aa:93:c4:fc:35:
ff:27:c5:ed:2f:c6:f8:2c:55:6c:9b:fb:74:92:c9:39:f1:23:
1c:43:e7:7b:39:7f:56:12:7d:6b:45:b5:65:ac:41:43:d6:af:
c3:11:ba:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGKL39kxCU38bgz4th8MpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0
MWY0NDYwHhcNMjUxMTA0MDkwMDI4WhcNMjUxMTA1MDkwMDI4WjAzMTEwLwYDVQQD
Eyg1YTBkNjk2ZmZiYWY5MWRhNWJlYjFiNDA4MjUxZTFkNmQ5YWJmZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSfOyK7B84b3Yb7Cw+qwAeGGFudk
5+KWcrih1vQpWKPdaQVK18qmn+LsBRroEHQ+bjuTSoySf6Das2XvTxUPNiouFYPf
djyhejM0PgdqaBF0rhPHW7m3vqkVRB8om7Sl+N6LXJoYubDseppwZxDBZFbuYlQt
GJmULEM11MG1aexLfsnFzrdTnOp77oY6JsS4/Nit+d6OAZLFwvP1B5WcbZ1J5VbT
/3EAauznWqhqbccM6//WydEE9KQ3iJp8jzWg6MsDLDH7LXgQDdiYMz4dNGMmc02o
tPv9ig6rOUuq4pIs5ZMZoecljH1ExtqRmtw1Hm1G5luSTVvHl7DRooBBMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoNaW/7r5HaW+sbQIJR4dbZq/3cMB8GA1UdIwQY
MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt
YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx
LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIZg+5/0s
iYbtudA/x3sfCMQ/ATB+c2gNrhiczBhiV5fNEbpqxCP8FeXcG2QW+U162PHut/QX
zuBoARkU2VVdbdPvMqymz0CPQHmpm/ElF80p9uLe1GNGU/FGhyggFmwlqvMULWNi
5VOFxRKbnHRHizfMv/6ddG0t0xQGTvP/aTifvdVhpFgrzjuocaJTSSq/ccLvffTT
ro7NO/1g64No4os1vJ3XbZiUeNAh77IOyzrBPiohCYp41Mj204TFIsgH5JiJczEH
B79Fy62knjDfshx1zaqTxPw1/yfF7S/G+CxVbJv7dJLJOfEjHEPnezl/VhJ9a0W1
ZaxBQ9avwxG6kQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:05:09 2025 by rpki-client