Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
File: NkYULOMpCrZ4bT0w8mteQf1oTd4.mft (raw, json)
Hash identifier: 1s91rGcEeiS7+H8drUYJrxZWF8v2KnMqBdOmhZGNMX8=
Subject key identifier: 43:9B:49:20:4D:E9:E2:18:10:D7:64:BF:40:AC:B2:BC:ED:FD:98:CD
Authority key identifier: 36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
Certificate issuer: /CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Certificate serial: 019A51BEAD415DEDBB4190DA8ADBE25A247C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
Manifest number: 0AEC
Signing time: Wed 05 Nov 2025 02:00:41 +0000
Manifest this update: Wed 05 Nov 2025 02:00:41 +0000
Manifest next update: Thu 06 Nov 2025 02:00:41 +0000
Files and hashes: 1: NkYULOMpCrZ4bT0w8mteQf1oTd4.crl (hash: kNB+onNwbyEyXgHnBfAYDQvwN+8hfSUkJKYaeXMVXks=)
2: _1qhZEmD1ZR0wevnSQ5eeTD9plU.roa (hash: ZVkFLKtKLY5Jyd68UAmKFP29SRBsL9mEyi4TVzPBvdA=)
3: yrfnq6Apo3g6hYK2SXicNIxd3BQ.roa (hash: mz8tGW+kk5vYLIpkvgBjBz5ynzM4w4t5pl379UMfAPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:be:ad:41:5d:ed:bb:41:90:da:8a:db:e2:5a:24:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Validity
Not Before: Nov 5 02:00:41 2025 GMT
Not After : Nov 6 02:00:41 2025 GMT
Subject: CN=439b49204de9e21810d764bf40acb2bcedfd98cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:60:5f:f4:c4:9c:d6:b6:45:45:08:e0:56:cc:
03:11:b7:bf:f5:20:9f:d6:f1:c2:0f:35:13:6a:8c:
f7:8d:05:6c:78:a3:5b:50:94:49:cf:1c:f8:be:89:
f0:e9:2c:76:ff:77:28:68:ae:e2:9f:63:82:a3:84:
42:8d:df:3b:d1:06:9a:98:2e:e2:99:69:ef:6c:19:
76:ed:d9:dc:24:1c:11:08:1b:66:e5:cf:58:32:a0:
b4:9c:2c:43:61:2d:82:66:b4:c7:a2:d7:d1:f4:73:
1a:19:4a:4b:7d:ee:8a:eb:ef:7f:45:9c:c5:83:19:
97:1a:fb:03:f1:e0:e5:7c:20:d1:42:3e:6e:8a:76:
74:44:6f:3a:59:45:c4:3f:1d:08:6c:43:b3:ee:cf:
7c:ec:3a:e6:d3:36:45:b9:7d:bd:6f:77:70:f4:01:
0c:2e:89:86:cd:f5:f1:b7:13:36:6c:13:b8:d3:d8:
b5:04:b6:5e:a7:5a:9d:9b:85:0d:37:ce:f8:fd:a1:
76:14:52:6c:52:61:3e:32:68:2e:4b:33:ad:b3:6a:
9f:8f:09:bd:11:0f:72:b3:1b:05:af:4e:47:e4:6e:
da:b0:94:55:75:9a:c8:44:ae:d0:04:54:10:dc:46:
52:ab:9a:02:be:88:62:69:0b:2f:6b:0d:41:71:21:
96:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9B:49:20:4D:E9:E2:18:10:D7:64:BF:40:AC:B2:BC:ED:FD:98:CD
X509v3 Authority Key Identifier:
keyid:36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:aa:83:6a:40:a3:7b:00:91:37:22:34:42:85:0b:10:90:85:
9c:bf:7c:fa:77:99:4c:7f:38:05:36:8d:20:c3:66:95:fc:1c:
87:c7:3c:2a:d3:95:0e:5f:79:fd:59:e8:a2:7d:d0:9f:d3:43:
56:0a:a2:03:fc:d8:ea:0d:af:3d:e4:79:64:1d:6b:3d:f4:11:
40:7f:ce:22:2c:5f:62:34:02:3f:8b:ca:fc:f8:b4:29:b5:a0:
62:65:6d:cb:e8:ff:d3:dc:1f:9d:c2:9e:ac:57:02:ae:3b:98:
58:2f:dc:b5:10:b3:bd:b1:5b:a0:40:d0:73:08:0b:f9:72:d5:
e6:aa:0b:50:1a:54:7b:fe:c9:72:fb:42:7c:d9:4d:f1:da:b7:
6a:9f:97:dd:52:41:7a:03:a0:d1:cf:80:91:62:d8:b4:1d:86:
e7:31:74:2d:8c:2c:d3:0a:82:dd:51:4b:f0:ef:30:2c:24:0b:
a8:bb:c3:36:be:e4:eb:d0:98:5d:a1:19:91:b4:e8:d8:bc:d5:
0a:35:b9:3d:14:59:c1:8c:ea:84:0d:ae:46:9d:fe:ad:3c:5e:
fa:b1:4d:50:3c:ef:c9:25:7c:82:57:1a:5a:a6:60:9d:1c:01:
f8:39:21:26:14:a1:7a:25:ad:ed:dd:30:df:de:93:47:6f:ad:
c4:a5:34:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvq1BXe27QZDaitviWiR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDYxNDJjZTMyOTBhYjY3ODZkM2QzMGYyNmI1ZTQxZmQ2
ODRkZGUwHhcNMjUxMTA1MDIwMDQxWhcNMjUxMTA2MDIwMDQxWjAzMTEwLwYDVQQD
Eyg0MzliNDkyMDRkZTllMjE4MTBkNzY0YmY0MGFjYjJiY2VkZmQ5OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2Bf9MSc1rZFRQjgVswDEbe/9SCf
1vHCDzUTaoz3jQVseKNbUJRJzxz4vonw6Sx2/3coaK7in2OCo4RCjd870QaamC7i
mWnvbBl27dncJBwRCBtm5c9YMqC0nCxDYS2CZrTHotfR9HMaGUpLfe6K6+9/RZzF
gxmXGvsD8eDlfCDRQj5uinZ0RG86WUXEPx0IbEOz7s987Drm0zZFuX29b3dw9AEM
LomGzfXxtxM2bBO409i1BLZep1qdm4UNN874/aF2FFJsUmE+MmguSzOts2qfjwm9
EQ9ysxsFr05H5G7asJRVdZrIRK7QBFQQ3EZSq5oCvohiaQsvaw1BcSGW9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEObSSBN6eIYENdkv0Cssrzt/ZjNMB8GA1UdIwQY
MBaAFDZGFCzjKQq2eG09MPJrXkH9aE3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTct
ZDMwODU0MmExZDg2LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTctZDMwODU0MmExZDg2
LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6qDakCj
ewCRNyI0QoULEJCFnL98+neZTH84BTaNIMNmlfwch8c8KtOVDl95/Vnoon3Qn9ND
VgqiA/zY6g2vPeR5ZB1rPfQRQH/OIixfYjQCP4vK/Pi0KbWgYmVty+j/09wfncKe
rFcCrjuYWC/ctRCzvbFboEDQcwgL+XLV5qoLUBpUe/7JcvtCfNlN8dq3ap+X3VJB
egOg0c+AkWLYtB2G5zF0LYws0wqC3VFL8O8wLCQLqLvDNr7k69CYXaEZkbTo2LzV
CjW5PRRZwYzqhA2uRp3+rTxe+rFNUDzvySV8glcaWqZgnRwB+DkhJhSheiWt7d0w
396TR2+txKU0hA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:43:21 2025 by rpki-client