Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier: BMDoBoQZbohf4f4e5nsPVHrLzZGRmkWoIY4b1M1DdoA=
Subject key identifier: 2A:BB:11:2E:42:F0:10:F9:9A:74:5B:4E:6D:DF:0A:5E:F2:3B:C4:A2
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial: 019A50E3A9AF5C6B8282C039671DA1B95937
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number: 0612
Signing time: Tue 04 Nov 2025 22:01:28 +0000
Manifest this update: Tue 04 Nov 2025 22:01:28 +0000
Manifest next update: Wed 05 Nov 2025 22:01:28 +0000
Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: KisK8Ng0zy+H14lSTEXhlC/WAHvbqNVAnwakuw7xUms=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:a9:af:5c:6b:82:82:c0:39:67:1d:a1:b9:59:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Validity
Not Before: Nov 4 22:01:28 2025 GMT
Not After : Nov 5 22:01:28 2025 GMT
Subject: CN=2abb112e42f010f99a745b4e6ddf0a5ef23bc4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:04:58:71:aa:03:b3:f3:84:e4:e8:0c:b8:
4e:d1:1b:f8:a0:9e:58:82:cf:57:ca:6c:0d:33:55:
ab:e9:4f:3d:ed:a3:63:64:6d:d5:6b:e9:ff:37:f6:
ea:d1:87:ac:35:53:e2:f3:e0:11:c2:30:af:2e:ca:
2d:cc:54:2d:fe:e9:fa:33:ee:6a:ca:f7:c4:bd:35:
f4:77:41:1d:cc:62:03:f8:2d:c1:7c:71:c8:c9:7d:
9f:04:27:8f:25:d2:ce:2a:eb:b7:36:1c:dd:f2:a4:
30:c5:32:b4:53:55:00:a2:b1:99:d6:4f:07:85:7c:
39:f4:68:29:82:25:83:31:53:10:a0:f8:e0:a0:35:
e9:c2:f5:d2:c5:57:f1:d3:85:f8:c9:48:ef:9f:1f:
9d:c2:1b:31:f7:9f:75:e9:22:cd:56:7f:e3:2e:91:
3e:69:60:a8:ca:ab:6d:b1:46:9a:9b:10:52:4d:db:
c2:34:1a:d7:e9:88:d1:2f:44:64:14:d3:31:82:24:
29:20:74:16:05:d2:1c:a6:63:52:83:61:3f:e1:2a:
e8:7b:eb:75:6d:67:77:b8:6c:43:f8:a3:06:44:ae:
2d:4a:e3:d4:3c:09:01:8a:c1:5b:67:c7:3b:51:ea:
dd:da:9b:1e:0f:75:21:65:0f:d2:d8:65:69:b2:74:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BB:11:2E:42:F0:10:F9:9A:74:5B:4E:6D:DF:0A:5E:F2:3B:C4:A2
X509v3 Authority Key Identifier:
keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:44:f5:f9:76:9d:e8:a8:0b:f0:22:71:b6:4c:cd:0c:be:35:
9b:b2:25:53:57:33:f6:70:02:ab:12:c2:a0:57:2e:73:39:54:
2e:58:9b:26:64:c7:50:e9:d1:74:55:0d:46:07:a0:36:38:bf:
ad:03:77:ea:4f:f6:dc:ee:98:67:76:6e:4c:aa:8a:72:e7:49:
15:4e:88:b0:ff:34:da:f4:ad:18:d1:04:29:e8:59:95:0a:3c:
7a:bb:17:10:1e:60:84:6d:33:47:ff:23:05:d3:4a:44:46:00:
32:57:45:83:0c:e9:c0:56:ab:de:5f:4f:f5:b4:37:84:29:93:
ee:4d:83:8a:e9:9e:89:a8:0d:d0:25:c0:f4:5d:3f:93:24:83:
3e:9e:96:9e:ea:ef:73:27:15:04:e4:48:17:40:76:77:4d:8c:
c4:33:f5:f3:df:5b:68:4b:53:c5:6f:97:af:d7:df:e9:bb:f5:
73:56:75:43:23:d0:b9:52:32:fc:f7:9f:42:88:a3:b5:4c:86:
5c:bf:8c:11:e6:3f:55:68:3e:de:99:04:11:0b:53:32:0c:64:
f7:19:20:a0:7f:fe:d9:c1:9d:6e:da:af:61:6a:ed:ed:81:a2:
1a:79:2f:49:97:7f:d8:46:c4:d1:08:d0:dd:f9:57:c5:b1:d9:
93:15:68:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ46mvXGuCgsA5Zx2huVk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjUxMTA0MjIwMTI4WhcNMjUxMTA1MjIwMTI4WjAzMTEwLwYDVQQD
EygyYWJiMTEyZTQyZjAxMGY5OWE3NDViNGU2ZGRmMGE1ZWYyM2JjNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNoEWHGqA7PzhOToDLhO0Rv4oJ5Y
gs9XymwNM1Wr6U897aNjZG3Va+n/N/bq0YesNVPi8+ARwjCvLsotzFQt/un6M+5q
yvfEvTX0d0EdzGID+C3BfHHIyX2fBCePJdLOKuu3Nhzd8qQwxTK0U1UAorGZ1k8H
hXw59GgpgiWDMVMQoPjgoDXpwvXSxVfx04X4yUjvnx+dwhsx95916SLNVn/jLpE+
aWCoyqttsUaamxBSTdvCNBrX6YjRL0RkFNMxgiQpIHQWBdIcpmNSg2E/4Sroe+t1
bWd3uGxD+KMGRK4tSuPUPAkBisFbZ8c7Uerd2pseD3UhZQ/S2GVpsnSYYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCq7ES5C8BD5mnRbTm3fCl7yO8SiMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGUT1+Xad
6KgL8CJxtkzNDL41m7IlU1cz9nACqxLCoFcuczlULlibJmTHUOnRdFUNRgegNji/
rQN36k/23O6YZ3ZuTKqKcudJFU6IsP802vStGNEEKehZlQo8ersXEB5ghG0zR/8j
BdNKREYAMldFgwzpwFar3l9P9bQ3hCmT7k2DiumeiagN0CXA9F0/kySDPp6Wnurv
cycVBORIF0B2d02MxDP1899baEtTxW+Xr9ff6bv1c1Z1QyPQuVIy/PefQoijtUyG
XL+MEeY/VWg+3pkEEQtTMgxk9xkgoH/+2cGdbtqvYWrt7YGiGnkvSZd/2EbE0QjQ
3flXxbHZkxVoQg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:43:49 2025 by rpki-client