Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier: H+6hnY685Rb6AYkOjJFggI4BN4jWpH1lT+P6I6EwCAA=
Subject key identifier: 96:66:34:4A:71:E9:0B:EB:88:2C:11:B1:A9:60:5A:13:5D:50:6E:0E
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial: 01987D8B082E9D852584289DB5D7C3212FB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number: 0520
Signing time: Wed 06 Aug 2025 04:02:00 +0000
Manifest this update: Wed 06 Aug 2025 04:02:00 +0000
Manifest next update: Thu 07 Aug 2025 04:02:00 +0000
Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: gw7AhiAcayhqBMnDocLoRQyBoPrLDwtP8T2tzqWGJBM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 04:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:8b:08:2e:9d:85:25:84:28:9d:b5:d7:c3:21:2f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Validity
Not Before: Aug 6 04:02:00 2025 GMT
Not After : Aug 7 04:02:00 2025 GMT
Subject: CN=9666344a71e90beb882c11b1a9605a135d506e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:ea:fc:8b:da:90:cc:72:e2:67:d4:e7:7a:
e1:33:02:54:ed:3d:2d:8c:a3:0d:ed:10:5c:8f:18:
4b:ff:c7:01:d8:c9:66:dd:1a:a9:16:92:25:c8:19:
37:8d:3e:c2:bb:4a:e1:d3:43:df:ac:7a:c2:7e:a0:
e0:c6:dc:3c:03:65:da:7c:7c:a6:36:45:4a:4f:c4:
fe:ed:a9:9e:c5:de:b5:ae:18:90:be:10:62:79:29:
35:f5:f2:6a:1b:d2:68:dd:a4:2d:ae:2c:8b:54:6b:
af:ca:1b:cd:7d:f4:5f:8b:5f:9b:cc:3b:89:ad:1d:
1f:10:0a:3a:7b:b4:a1:62:5a:51:31:59:93:73:9f:
1d:ba:74:f2:d2:f9:12:e2:12:78:fb:bf:be:4f:11:
cd:a6:49:f9:29:c5:2e:11:19:e8:13:52:da:0c:b5:
58:6e:d2:d6:48:21:c0:80:f9:0f:6f:ca:62:99:c9:
6e:db:e9:d7:d0:cf:29:98:30:9a:9f:d1:6a:b9:66:
05:53:cd:a6:8a:71:71:34:15:07:61:45:a1:88:20:
26:58:31:e4:ae:f7:ab:7b:b6:c3:fa:01:c4:d9:2e:
4a:37:0c:6d:69:c7:a3:2c:13:99:af:ee:1c:da:5a:
f4:d5:56:66:f5:b0:b4:c5:a7:f6:b0:21:7f:b3:45:
af:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:66:34:4A:71:E9:0B:EB:88:2C:11:B1:A9:60:5A:13:5D:50:6E:0E
X509v3 Authority Key Identifier:
keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:eb:68:77:9e:9a:4a:11:b5:0b:e0:05:08:40:ce:af:84:f9:
1e:9d:ed:4c:e2:da:ff:52:c3:f9:dd:07:b9:1c:b8:1c:9c:e7:
7d:58:d9:7e:a0:db:c2:65:52:3f:f7:49:dc:ba:41:3f:07:94:
97:d8:43:31:75:69:1e:c4:d2:76:75:5b:72:65:4a:a4:d9:d4:
ca:c2:a0:7d:e8:9d:6a:1b:dd:44:33:31:0b:c5:4f:d5:37:09:
bc:a5:be:5f:e9:2c:a1:4a:6f:cd:05:5a:20:a3:93:80:12:9e:
bc:04:03:48:15:75:34:ca:e9:38:fd:1e:1c:d3:96:8c:09:0a:
d9:88:ca:ae:d5:db:fc:31:ee:3f:10:eb:79:b1:ab:8d:bb:3d:
98:d3:c9:21:a9:c0:0a:db:3e:b0:2f:4e:ab:56:0b:a9:62:6b:
bb:74:66:0f:d4:9e:01:a9:8c:67:11:ed:03:0d:8f:0f:2c:bb:
64:ea:7d:6f:dd:a5:ce:86:91:b6:86:08:f8:5a:b9:ea:0c:7b:
21:63:42:60:b3:c1:da:9d:ab:0a:ef:74:0e:74:74:1a:66:18:
1c:cc:13:48:0c:9e:f9:c9:23:82:16:17:19:d9:1a:63:83:dc:
1c:7b:6b:94:51:43:44:05:21:bb:df:79:ff:7c:fb:a4:52:e2:
87:9a:a3:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9iwgunYUlhCidtdfDIS+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjUwODA2MDQwMjAwWhcNMjUwODA3MDQwMjAwWjAzMTEwLwYDVQQD
Eyg5NjY2MzQ0YTcxZTkwYmViODgyYzExYjFhOTYwNWExMzVkNTA2ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod7q/IvakMxy4mfU53rhMwJU7T0t
jKMN7RBcjxhL/8cB2Mlm3RqpFpIlyBk3jT7Cu0rh00PfrHrCfqDgxtw8A2XafHym
NkVKT8T+7amexd61rhiQvhBieSk19fJqG9Jo3aQtriyLVGuvyhvNffRfi1+bzDuJ
rR0fEAo6e7ShYlpRMVmTc58dunTy0vkS4hJ4+7++TxHNpkn5KcUuERnoE1LaDLVY
btLWSCHAgPkPb8pimclu2+nX0M8pmDCan9FquWYFU82minFxNBUHYUWhiCAmWDHk
rvere7bD+gHE2S5KNwxtacejLBOZr+4c2lr01VZm9bC0xaf2sCF/s0WvcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZmNEpx6QvriCwRsalgWhNdUG4OMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc+tod56a
ShG1C+AFCEDOr4T5Hp3tTOLa/1LD+d0HuRy4HJznfVjZfqDbwmVSP/dJ3LpBPweU
l9hDMXVpHsTSdnVbcmVKpNnUysKgfeidahvdRDMxC8VP1TcJvKW+X+ksoUpvzQVa
IKOTgBKevAQDSBV1NMrpOP0eHNOWjAkK2YjKrtXb/DHuPxDrebGrjbs9mNPJIanA
Cts+sC9Oq1YLqWJru3RmD9SeAamMZxHtAw2PDyy7ZOp9b92lzoaRtoYI+Fq56gx7
IWNCYLPB2p2rCu90DnR0GmYYHMwTSAye+ckjghYXGdkaY4PcHHtrlFFDRAUhu995
/3z7pFLih5qjAQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:06:15 2025 by rpki-client