Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: EvdGLIFAomURjlUDrtdOPf7nZGygxLrQHUqE/Nonux8=
Subject key identifier: D7:31:5A:26:F0:53:B1:3B:D1:48:39:A5:10:82:51:11:D8:16:A1:2D
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 019A4EF574C6FAA382476C210AB3D28ED3B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0DED
Signing time: Tue 04 Nov 2025 13:01:40 +0000
Manifest this update: Tue 04 Nov 2025 13:01:40 +0000
Manifest next update: Wed 05 Nov 2025 13:01:40 +0000
Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: trgYctYcP6QDNrgQTgaBlwE/i6qe+xlFvAw/4cgkW5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:74:c6:fa:a3:82:47:6c:21:0a:b3:d2:8e:d3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Nov 4 13:01:40 2025 GMT
Not After : Nov 5 13:01:40 2025 GMT
Subject: CN=d7315a26f053b13bd14839a510825111d816a12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d3:c3:eb:97:16:b9:89:c4:e8:d8:c7:f2:f1:
64:42:db:1d:d8:ee:ab:b9:60:07:6c:59:9f:15:70:
a5:2d:85:c8:6b:4a:7a:31:06:e7:81:2c:89:a5:2b:
b9:e4:d0:a7:b9:ad:52:1a:99:63:84:2a:c2:b3:61:
4c:f7:fd:4b:6e:0a:a0:ed:3c:93:2e:13:c3:0a:f7:
98:70:7a:08:7e:0f:e6:1e:a9:ec:b9:50:3f:94:4f:
c1:09:10:58:26:a7:e0:02:84:7f:29:ab:96:22:54:
e1:a1:75:2c:14:6d:03:2b:c7:50:66:82:f6:5d:0f:
53:42:51:57:d0:bf:e1:8f:d5:e0:b2:e8:73:0f:a9:
3b:cd:52:73:d6:37:f0:68:4c:57:f9:56:58:5c:b5:
d4:3b:b0:83:4e:92:d0:ef:24:a5:ce:8e:66:58:58:
06:b8:ea:6f:2d:0a:fa:b8:80:28:51:7b:59:e9:be:
b5:66:b4:30:c0:e0:31:59:69:13:a1:8b:ff:43:e2:
2a:c5:29:6b:38:7b:6e:02:34:4e:a6:e9:01:b9:0b:
a7:c1:50:79:ab:6d:a5:b5:c4:9e:da:8c:88:af:51:
d2:08:fe:8e:e9:4e:55:37:0c:6d:78:59:72:63:8a:
e2:6e:dc:45:b2:5b:26:a8:79:51:b6:04:9b:ac:3d:
e8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:31:5A:26:F0:53:B1:3B:D1:48:39:A5:10:82:51:11:D8:16:A1:2D
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:1d:91:31:50:03:5a:cc:f1:5f:c2:bc:49:05:39:32:e0:5e:
76:ec:46:3e:92:a2:d9:c3:50:de:66:b8:a4:c8:12:ab:3e:68:
c2:84:88:a3:37:3d:b5:8b:a6:d5:63:5d:f5:78:f2:6d:e7:9f:
b6:09:b3:a0:02:cb:af:1d:31:4c:61:95:9d:7b:74:f7:85:ca:
1f:2f:2f:de:0d:7d:12:00:2c:0c:bf:42:16:55:b8:e5:a6:31:
aa:bf:f3:b1:c8:b1:41:db:14:86:39:64:e3:b4:f2:1b:4d:fa:
d5:f1:81:f7:f5:93:85:3c:f7:d5:f2:79:67:58:5d:e4:d2:a9:
46:51:1d:53:95:cf:4e:e7:34:1c:33:65:85:14:56:2d:a1:ef:
cb:49:bc:62:24:81:d8:88:5b:1b:34:fe:70:3d:a0:8f:6b:96:
71:7e:15:91:10:00:dc:1b:a7:7e:36:b6:83:d3:86:02:ca:10:
d1:4c:80:10:2a:6c:2d:cc:46:12:07:d4:d7:62:4e:46:f1:0a:
a4:2b:29:de:0e:59:54:db:15:e3:49:42:62:67:c0:17:dc:43:
8e:fb:82:13:96:2f:44:0a:6f:67:78:7f:98:66:3f:09:2d:b1:
5e:fa:03:9d:fd:94:fa:1e:d5:38:ac:43:45:59:1b:da:56:e7:
d8:96:42:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9XTG+qOCR2whCrPSjtO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjUxMTA0MTMwMTQwWhcNMjUxMTA1MTMwMTQwWjAzMTEwLwYDVQQD
EyhkNzMxNWEyNmYwNTNiMTNiZDE0ODM5YTUxMDgyNTExMWQ4MTZhMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NPD65cWuYnE6NjH8vFkQtsd2O6r
uWAHbFmfFXClLYXIa0p6MQbngSyJpSu55NCnua1SGpljhCrCs2FM9/1Lbgqg7TyT
LhPDCveYcHoIfg/mHqnsuVA/lE/BCRBYJqfgAoR/KauWIlThoXUsFG0DK8dQZoL2
XQ9TQlFX0L/hj9XgsuhzD6k7zVJz1jfwaExX+VZYXLXUO7CDTpLQ7ySlzo5mWFgG
uOpvLQr6uIAoUXtZ6b61ZrQwwOAxWWkToYv/Q+IqxSlrOHtuAjROpukBuQunwVB5
q22ltcSe2oyIr1HSCP6O6U5VNwxteFlyY4ribtxFslsmqHlRtgSbrD3omQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcxWibwU7E70Ug5pRCCURHYFqEtMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArR2RMVAD
WszxX8K8SQU5MuBeduxGPpKi2cNQ3ma4pMgSqz5owoSIozc9tYum1WNd9Xjybeef
tgmzoALLrx0xTGGVnXt094XKHy8v3g19EgAsDL9CFlW45aYxqr/zscixQdsUhjlk
47TyG0361fGB9/WThTz31fJ5Z1hd5NKpRlEdU5XPTuc0HDNlhRRWLaHvy0m8YiSB
2IhbGzT+cD2gj2uWcX4VkRAA3Bunfja2g9OGAsoQ0UyAECpsLcxGEgfU12JORvEK
pCsp3g5ZVNsV40lCYmfAF9xDjvuCE5YvRApvZ3h/mGY/CS2xXvoDnf2U+h7VOKxD
RVkb2lbn2JZC+A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:02:27 2025 by rpki-client