Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File: Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier: UfvH2zcO7G3KVvu7y0TsWgisDzjh02+p/KyA65DqV9g=
Subject key identifier: F2:11:D2:A0:5F:80:A2:99:3A:87:37:8A:B4:F0:33:BD:80:A8:AE:F4
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer: /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial: 01989524D95F2C3F459AA33EAD6E6D895FFE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number: 14D4
Signing time: Sun 10 Aug 2025 18:01:16 +0000
Manifest this update: Sun 10 Aug 2025 18:01:16 +0000
Manifest next update: Mon 11 Aug 2025 18:01:16 +0000
Files and hashes: 1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: do7rKwmTZmZR4EFNnY1Ar/tXGtfALWnTrzdUITZhcj4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 18:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:95:24:d9:5f:2c:3f:45:9a:a3:3e:ad:6e:6d:89:5f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
Validity
Not Before: Aug 10 18:01:16 2025 GMT
Not After : Aug 11 18:01:16 2025 GMT
Subject: CN=f211d2a05f80a2993a87378ab4f033bd80a8aef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c0:89:74:b0:8d:93:87:11:b3:c5:1e:36:39:
c3:7e:a3:81:d6:2b:3b:86:33:f8:a2:f7:cb:7e:e5:
7c:81:a2:c1:b0:bf:59:91:95:60:b3:70:7c:1f:78:
42:94:36:79:a8:bc:ba:c9:70:e9:fe:0d:39:f3:fc:
69:5d:92:38:c4:2d:91:cd:14:af:5e:f6:37:f2:3c:
b5:fa:f6:31:6e:01:fa:0a:e8:05:be:b7:4f:f3:30:
46:4f:9e:f5:38:2f:00:d5:83:d5:8b:32:b7:2d:43:
52:fb:e7:b2:88:25:be:64:f9:6f:ac:5c:2a:54:59:
ed:5e:8d:af:ef:b5:15:c7:12:e6:01:6a:70:4d:b7:
63:19:19:04:35:86:eb:ff:fd:94:78:bd:9b:44:4c:
37:89:61:d3:f5:36:ca:84:7d:91:84:80:4f:66:73:
d0:7b:92:9c:ac:ef:68:bc:fe:f2:69:7f:87:24:eb:
51:a5:1b:f9:47:ca:6b:6a:05:e9:7e:ab:d2:75:6e:
5d:16:1b:2a:a1:6b:75:37:64:bb:13:c4:c6:10:5c:
77:04:48:45:fc:c6:4c:46:a3:6d:07:0f:02:c2:47:
df:f7:30:c2:d6:3e:25:3e:ac:d7:ab:ec:e4:a3:71:
81:e6:cd:41:a4:5d:39:f2:7c:84:bf:7f:f0:16:9c:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:11:D2:A0:5F:80:A2:99:3A:87:37:8A:B4:F0:33:BD:80:A8:AE:F4
X509v3 Authority Key Identifier:
keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:61:87:0c:19:c7:a4:15:c8:bb:3c:60:1d:dc:5e:63:d2:85:
ed:0e:ad:c0:2b:3a:11:10:fd:a8:11:45:e8:26:d7:69:a7:d0:
04:d2:51:25:2c:f8:48:66:b9:da:66:ca:81:3f:fa:df:53:dd:
ae:54:67:73:88:a6:47:93:d4:d1:2e:24:5b:7f:09:ea:9b:eb:
35:75:68:f9:4f:ae:58:9f:5b:82:20:44:bf:3a:4a:7e:04:e3:
06:26:2a:8f:f4:ce:bb:84:1c:ad:03:f6:4f:f7:e1:26:34:34:
41:7f:98:d0:76:8c:79:07:1f:b7:e7:fe:7e:c3:bb:a8:c5:9d:
d6:64:76:de:2e:b2:a9:3a:99:ef:11:68:eb:24:20:d8:3e:4f:
5a:24:fd:f4:43:5f:34:75:9c:16:1f:ea:af:7c:d3:85:ff:96:
8c:12:c2:01:f8:91:41:94:20:c3:9e:57:a0:ec:4d:dd:80:22:
84:fa:f7:fd:1e:12:88:c7:cc:4d:89:4a:50:98:26:a2:1f:9c:
4d:35:45:d8:46:3f:ac:25:d8:c6:cb:a6:e2:af:e6:14:02:f9:
2c:2c:e4:24:e6:31:38:8e:f2:d1:8a:f2:1a:f2:15:99:79:7d:
60:77:4c:d5:4d:c3:fb:f9:1a:5a:ee:a4:1f:2f:89:2f:9f:be:
90:47:6c:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVJNlfLD9FmqM+rW5tiV/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwODEwMTgwMTE2WhcNMjUwODExMTgwMTE2WjAzMTEwLwYDVQQD
EyhmMjExZDJhMDVmODBhMjk5M2E4NzM3OGFiNGYwMzNiZDgwYThhZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMCJdLCNk4cRs8UeNjnDfqOB1is7
hjP4ovfLfuV8gaLBsL9ZkZVgs3B8H3hClDZ5qLy6yXDp/g058/xpXZI4xC2RzRSv
XvY38jy1+vYxbgH6CugFvrdP8zBGT571OC8A1YPVizK3LUNS++eyiCW+ZPlvrFwq
VFntXo2v77UVxxLmAWpwTbdjGRkENYbr//2UeL2bREw3iWHT9TbKhH2RhIBPZnPQ
e5KcrO9ovP7yaX+HJOtRpRv5R8pragXpfqvSdW5dFhsqoWt1N2S7E8TGEFx3BEhF
/MZMRqNtBw8Cwkff9zDC1j4lPqzXq+zko3GB5s1BpF058nyEv3/wFpxJswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIR0qBfgKKZOoc3irTwM72AqK70MB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATmGHDBnH
pBXIuzxgHdxeY9KF7Q6twCs6ERD9qBFF6CbXaafQBNJRJSz4SGa52mbKgT/631Pd
rlRnc4imR5PU0S4kW38J6pvrNXVo+U+uWJ9bgiBEvzpKfgTjBiYqj/TOu4QcrQP2
T/fhJjQ0QX+Y0HaMeQcft+f+fsO7qMWd1mR23i6yqTqZ7xFo6yQg2D5PWiT99ENf
NHWcFh/qr3zThf+WjBLCAfiRQZQgw55XoOxN3YAihPr3/R4SiMfMTYlKUJgmoh+c
TTVF2EY/rCXYxsum4q/mFAL5LCzkJOYxOI7y0YryGvIVmXl9YHdM1U3D+/kaWu6k
Hy+JL5++kEdsWQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:09:05 2025 by rpki-client