Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
File: nwAKfifXFIcphPrjeIda9lvkBWw.mft (raw, json)
Hash identifier: i/TSxp0ZfespnvLYVQeN1yHzN/VpY2YltCdsyWF7dUg=
Subject key identifier: 21:F9:FC:F3:C4:A4:E9:DB:E5:99:68:03:3D:A5:EA:61:1F:39:22:D4
Authority key identifier: 9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
Certificate issuer: /CN=9f000a7e27d714872984fae378875af65be4056c
Certificate serial: 019A03DA0474A452323C08B0A3B3FAB66762
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
Manifest number: 013A
Signing time: Mon 20 Oct 2025 23:00:10 +0000
Manifest this update: Mon 20 Oct 2025 23:00:10 +0000
Manifest next update: Tue 21 Oct 2025 23:00:10 +0000
Files and hashes: 1: nwAKfifXFIcphPrjeIda9lvkBWw.crl (hash: P+eFsiXprxSFYuGRETvjZWNXbPe/Z0DX0+VGEh8I4kE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:da:04:74:a4:52:32:3c:08:b0:a3:b3:fa:b6:67:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f000a7e27d714872984fae378875af65be4056c
Validity
Not Before: Oct 20 23:00:10 2025 GMT
Not After : Oct 21 23:00:10 2025 GMT
Subject: CN=21f9fcf3c4a4e9dbe59968033da5ea611f3922d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:88:8b:5d:08:98:24:a4:dc:19:54:6f:3a:2a:
2b:ae:3e:69:d5:b2:51:39:d5:95:00:9b:98:4d:65:
b5:5c:52:e8:7c:78:0c:86:4f:cd:4c:8b:2f:3c:0e:
18:53:2d:6a:f4:76:29:11:80:01:ac:88:ad:42:b1:
31:69:58:b5:ba:98:b0:f1:d6:41:c4:f3:0d:22:9c:
a4:da:38:26:67:9b:fd:c4:a3:0f:f3:13:b7:c8:d1:
00:db:25:97:d7:63:fa:64:e0:2a:89:2c:26:ae:56:
e0:15:c6:50:28:d1:e4:43:e7:09:fa:cc:d2:f2:0c:
ce:88:9f:ac:8d:bf:b5:9d:0b:e3:be:df:9b:a3:23:
aa:68:4d:2a:5e:ee:c9:92:9e:15:71:53:7b:38:6b:
d7:49:56:87:57:7c:2e:e1:c7:14:56:9e:8b:69:42:
52:9b:4f:90:e1:87:f2:03:77:f8:0e:ca:93:83:5b:
82:1b:8a:27:fc:42:3c:59:b5:0b:eb:d5:31:74:e6:
35:15:08:8d:c2:57:e3:3e:d1:c3:7a:09:60:19:49:
14:48:5f:8b:69:2d:a2:c9:39:22:ce:e2:b3:04:3a:
44:b3:67:b7:eb:fa:3a:d2:72:90:ed:d1:1b:a3:7c:
d6:a3:43:fc:fe:e6:5e:62:e5:cc:df:0a:cf:b6:29:
7d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F9:FC:F3:C4:A4:E9:DB:E5:99:68:03:3D:A5:EA:61:1F:39:22:D4
X509v3 Authority Key Identifier:
keyid:9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:d9:cb:d2:c8:e9:e2:6f:75:f8:82:f3:7e:95:2e:d8:f4:5a:
11:f2:a8:92:9d:fe:71:07:f7:e5:34:47:06:68:d0:35:be:7f:
31:49:c5:15:ba:d2:8a:18:45:ad:ef:d6:61:e4:97:cb:c3:d9:
82:97:1c:b9:ca:0d:9b:c1:09:47:23:16:a3:a3:fe:51:fb:5d:
a3:74:17:24:f3:81:53:27:d8:fa:47:85:88:a8:24:e9:8d:81:
d0:8b:16:b7:cf:9f:b6:d3:2a:3d:70:a0:e6:08:65:cd:ed:10:
cd:db:c5:f5:39:c3:70:96:54:64:a4:6f:03:ab:1b:33:27:55:
5d:60:b6:52:f2:27:de:8b:d6:c9:a4:e7:7d:f0:a8:c5:21:18:
09:20:5c:ac:2a:de:be:e9:ee:9c:14:ff:2b:e0:2a:90:54:a8:
85:28:4d:47:02:17:fb:bb:46:39:8e:3a:89:8c:c5:ba:e3:bc:
b0:c4:23:48:29:40:c2:c5:11:07:35:61:7c:09:38:a4:bc:76:
ea:5c:d2:98:90:70:69:69:ae:56:ab:f3:a1:b5:20:6e:36:95:
16:c9:cb:aa:89:46:67:71:b7:dc:a3:15:b1:5f:ef:40:48:fd:
18:d3:81:49:e7:1b:61:dd:b9:26:23:8f:35:d7:fd:f1:8f:19:
c6:e4:6e:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoD2gR0pFIyPAiwo7P6tmdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDAwYTdlMjdkNzE0ODcyOTg0ZmFlMzc4ODc1YWY2NWJl
NDA1NmMwHhcNMjUxMDIwMjMwMDEwWhcNMjUxMDIxMjMwMDEwWjAzMTEwLwYDVQQD
EygyMWY5ZmNmM2M0YTRlOWRiZTU5OTY4MDMzZGE1ZWE2MTFmMzkyMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioiLXQiYJKTcGVRvOiorrj5p1bJR
OdWVAJuYTWW1XFLofHgMhk/NTIsvPA4YUy1q9HYpEYABrIitQrExaVi1upiw8dZB
xPMNIpyk2jgmZ5v9xKMP8xO3yNEA2yWX12P6ZOAqiSwmrlbgFcZQKNHkQ+cJ+szS
8gzOiJ+sjb+1nQvjvt+boyOqaE0qXu7Jkp4VcVN7OGvXSVaHV3wu4ccUVp6LaUJS
m0+Q4YfyA3f4DsqTg1uCG4on/EI8WbUL69UxdOY1FQiNwlfjPtHDeglgGUkUSF+L
aS2iyTkizuKzBDpEs2e36/o60nKQ7dEbo3zWo0P8/uZeYuXM3wrPtil9FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH5/PPEpOnb5ZloAz2l6mEfOSLUMB8GA1UdIwQY
MBaAFJ8ACn4n1xSHKYT643iHWvZb5AVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQt
YTAzODkyZmMzNDBiLzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQtYTAzODkyZmMzNDBi
LzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNnL0sjp
4m91+ILzfpUu2PRaEfKokp3+cQf35TRHBmjQNb5/MUnFFbrSihhFre/WYeSXy8PZ
gpccucoNm8EJRyMWo6P+Uftdo3QXJPOBUyfY+keFiKgk6Y2B0IsWt8+fttMqPXCg
5ghlze0QzdvF9TnDcJZUZKRvA6sbMydVXWC2UvIn3ovWyaTnffCoxSEYCSBcrCre
vununBT/K+AqkFSohShNRwIX+7tGOY46iYzFuuO8sMQjSClAwsURBzVhfAk4pLx2
6lzSmJBwaWmuVqvzobUgbjaVFsnLqolGZ3G33KMVsV/vQEj9GNOBSecbYd25JiOP
Ndf98Y8ZxuRufQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:11:35 2025 by rpki-client