Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: fzbPl8xnblLtPjgUPLbk/kHfbn1gncWy5r5k3Vm+1KA=
Subject key identifier: 73:F6:BC:20:6C:BB:49:38:DA:F5:39:00:48:B2:4D:D9:96:E2:77:BA
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 019A4EF536234126BAFFEBCE52E373AD6EF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 1710
Signing time: Tue 04 Nov 2025 13:01:24 +0000
Manifest this update: Tue 04 Nov 2025 13:01:24 +0000
Manifest next update: Wed 05 Nov 2025 13:01:24 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: JOosGt7d17lIHnlF6X+FGTYNhb1kltFNgio2L1ErX9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:36:23:41:26:ba:ff:eb:ce:52:e3:73:ad:6e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Nov 4 13:01:24 2025 GMT
Not After : Nov 5 13:01:24 2025 GMT
Subject: CN=73f6bc206cbb4938daf5390048b24dd996e277ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1c:93:0d:84:d9:f0:fd:7e:fb:14:7e:54:0e:
96:5f:33:36:1a:8f:6f:63:3f:7b:2e:d9:e4:7e:7f:
48:fc:19:0b:ec:31:f2:7e:f6:c4:be:b6:ce:e5:40:
a1:08:4e:4a:c8:13:c1:68:e4:43:85:74:82:35:9a:
62:8e:e6:16:1f:8e:96:97:e4:61:0d:14:ff:ca:f2:
d1:0b:3e:d2:64:07:a3:95:ee:78:48:4b:e9:9c:2c:
78:83:f6:52:6a:4e:a9:18:af:75:68:5b:f9:b6:e3:
ea:64:2a:33:3f:34:42:12:4b:91:e9:71:3d:a5:90:
ed:db:b9:e9:4f:40:ee:44:4f:6a:8f:91:b5:d9:89:
bc:ad:f0:72:ad:d0:48:7f:9b:f8:0d:f5:70:b3:06:
5b:ac:f8:1f:ea:10:c3:c2:47:62:c5:40:9c:c4:ad:
fb:61:24:fd:13:b7:22:83:0f:bc:9b:54:51:d8:3d:
30:a4:ad:ec:f2:53:0e:5f:c6:3f:8b:e3:84:c7:fc:
e4:79:b1:2c:5d:52:a4:30:63:1e:ef:f0:a0:9e:dc:
9d:a1:0a:97:50:ff:f2:f8:6c:46:33:fc:fb:7d:75:
e2:20:b0:c5:aa:f5:01:74:03:7f:14:5e:d3:b3:05:
db:c5:dd:99:21:87:a6:c5:08:50:62:2b:7c:cc:b8:
d6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F6:BC:20:6C:BB:49:38:DA:F5:39:00:48:B2:4D:D9:96:E2:77:BA
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:95:f2:52:13:29:e8:3d:58:93:84:9d:a9:4f:aa:7a:de:f5:
e3:78:b2:f4:f6:85:b5:7e:60:fc:75:eb:6a:67:75:ca:62:66:
0c:aa:ea:7e:93:eb:2d:6d:f0:42:a3:28:b6:0d:8f:78:4c:96:
d2:c3:a6:52:5c:d9:fd:b6:cf:3d:13:3a:e0:7e:76:6a:e3:be:
cd:01:52:15:9c:ae:b4:0b:e6:ba:ef:3f:a1:db:bf:3b:3d:e1:
de:df:f1:c6:8a:05:36:bd:ee:ff:86:3f:01:b8:29:54:dc:4e:
2a:94:e5:08:3d:b0:19:de:bd:61:4d:cd:6a:ce:6b:af:27:10:
c5:bd:34:1b:1a:70:4e:af:62:9a:c0:45:69:2a:f5:6b:78:05:
e0:36:82:0e:1c:7b:ed:49:da:97:78:92:bf:cd:95:85:1a:47:
b9:83:a4:8d:50:54:80:67:29:35:e6:af:dc:a3:d4:a3:ad:ee:
fe:13:37:96:9f:cf:66:b3:27:fd:b2:b0:50:c1:13:7c:4e:17:
92:84:76:1d:c3:2d:eb:f3:ee:7a:33:65:81:75:b5:8e:3b:43:
f1:0f:25:23:b1:1a:fd:d4:d0:7f:3d:a5:62:06:bd:56:4f:b6:
76:2e:e7:1d:72:e9:cc:3f:e3:27:f2:b7:0a:30:f2:75:69:0e:
ff:a9:96:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TYjQSa6/+vOUuNzrW7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUxMTA0MTMwMTI0WhcNMjUxMTA1MTMwMTI0WjAzMTEwLwYDVQQD
Eyg3M2Y2YmMyMDZjYmI0OTM4ZGFmNTM5MDA0OGIyNGRkOTk2ZTI3N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRyTDYTZ8P1++xR+VA6WXzM2Go9v
Yz97Ltnkfn9I/BkL7DHyfvbEvrbO5UChCE5KyBPBaORDhXSCNZpijuYWH46Wl+Rh
DRT/yvLRCz7SZAejle54SEvpnCx4g/ZSak6pGK91aFv5tuPqZCozPzRCEkuR6XE9
pZDt27npT0DuRE9qj5G12Ym8rfByrdBIf5v4DfVwswZbrPgf6hDDwkdixUCcxK37
YST9E7cigw+8m1RR2D0wpK3s8lMOX8Y/i+OEx/zkebEsXVKkMGMe7/CgntydoQqX
UP/y+GxGM/z7fXXiILDFqvUBdAN/FF7TswXbxd2ZIYemxQhQYit8zLjWYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHP2vCBsu0k42vU5AEiyTdmW4ne6MB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpXyUhMp
6D1Yk4SdqU+qet7143iy9PaFtX5g/HXramd1ymJmDKrqfpPrLW3wQqMotg2PeEyW
0sOmUlzZ/bbPPRM64H52auO+zQFSFZyutAvmuu8/odu/Oz3h3t/xxooFNr3u/4Y/
AbgpVNxOKpTlCD2wGd69YU3Nas5rrycQxb00GxpwTq9imsBFaSr1a3gF4DaCDhx7
7Unal3iSv82VhRpHuYOkjVBUgGcpNeav3KPUo63u/hM3lp/PZrMn/bKwUMETfE4X
koR2HcMt6/PuejNlgXW1jjtD8Q8lI7Ea/dTQfz2lYga9Vk+2di7nHXLpzD/jJ/K3
CjDydWkO/6mW4w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:33:21 2025 by rpki-client