Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
File: nTXgMBWeVx-qvTebUsHZoa77FEQ.mft (raw, json)
Hash identifier: UsrDs6OC2tA1PIDYIYDv6tNpjaO7+fNUbCwMkaN01vk=
Subject key identifier: B3:A4:FD:FF:45:35:29:A5:EF:1A:54:B5:C1:88:31:4C:A2:87:C4:0F
Authority key identifier: 9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44
Certificate issuer: /CN=9d35e030159e571faabd379b52c1d9a1aefb1444
Certificate serial: 0197C501280D5F428AC525E93E64E7419CCE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
Manifest number: 45
Signing time: Tue 01 Jul 2025 08:01:16 +0000
Manifest this update: Tue 01 Jul 2025 08:01:16 +0000
Manifest next update: Wed 02 Jul 2025 08:01:16 +0000
Files and hashes: 1: nTXgMBWeVx-qvTebUsHZoa77FEQ.crl (hash: CbpWGw2cD5329T/dJd93IuUiX3Hjt9006jgFedT/YLc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:01:28:0d:5f:42:8a:c5:25:e9:3e:64:e7:41:9c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d35e030159e571faabd379b52c1d9a1aefb1444
Validity
Not Before: Jul 1 08:01:16 2025 GMT
Not After : Jul 2 08:01:16 2025 GMT
Subject: CN=b3a4fdff453529a5ef1a54b5c188314ca287c40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c7:a2:39:7f:8b:7e:a6:45:39:e9:da:39:fd:
93:f1:ec:e5:a3:b2:bc:7c:45:04:8c:16:0c:87:2e:
58:4c:73:0b:c9:f5:9f:1f:cf:5a:08:b9:aa:96:3f:
9e:b4:63:a4:48:2b:bd:ef:34:c9:51:94:b3:9d:b2:
73:68:ac:af:8b:f6:06:04:7d:01:0a:6b:e8:fd:b5:
94:c3:83:02:0b:69:14:bc:af:36:4c:92:84:bc:b9:
b7:73:22:b2:1a:4c:30:5a:6d:c2:b0:56:8b:f7:9e:
6e:4f:d5:65:89:c9:81:9d:8d:cf:60:d6:8e:27:07:
74:88:08:73:4b:84:b9:fc:af:a7:16:d9:04:d3:bd:
4a:35:c7:25:a3:8e:e6:db:80:49:fa:7f:92:56:98:
d6:59:e8:65:41:40:5e:2d:ae:88:d5:e0:2f:40:58:
29:ec:d5:25:a0:dd:8f:e6:04:79:56:30:3d:d1:30:
ad:c0:7b:05:72:e5:c0:2e:61:ca:c0:a6:69:f9:d4:
7e:64:7a:8a:f7:d9:2a:c9:1b:69:2b:7f:59:f6:c6:
ca:58:a7:f7:66:d4:f4:1a:83:62:be:7b:65:f2:40:
26:03:0f:a2:af:50:8a:fa:fc:6d:30:93:38:ef:21:
6e:be:8d:79:29:04:17:8c:99:85:77:87:35:2e:04:
99:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A4:FD:FF:45:35:29:A5:EF:1A:54:B5:C1:88:31:4C:A2:87:C4:0F
X509v3 Authority Key Identifier:
keyid:9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:60:48:8b:df:b4:30:91:74:7a:4a:b9:19:3e:93:a6:b9:ff:
0c:f6:da:54:f5:20:ef:7f:8d:b0:4e:dc:8f:1e:d3:3a:d1:8e:
64:57:7b:00:1e:38:fc:31:86:58:c2:3b:1a:da:b2:48:d5:30:
3f:0e:a0:34:bd:df:e6:82:c1:29:d2:63:04:16:b9:b3:1f:57:
8d:9a:ee:81:ea:e6:cb:99:bb:c6:28:0a:30:76:96:b9:e5:ad:
fd:60:a2:39:35:10:15:c5:49:34:f1:9d:88:97:cf:ea:c9:e5:
da:c5:12:f9:cd:dd:fc:85:4f:e6:59:0e:b2:50:ad:24:e1:be:
29:8e:87:2c:5e:f7:9a:bf:a9:66:e7:ab:f0:aa:75:6a:6b:d7:
05:07:33:03:2f:16:34:0b:fe:de:6b:76:a9:34:d4:4a:27:ba:
20:c3:96:b5:4a:87:4f:5c:1e:1b:6c:c1:b0:34:b2:f5:7f:f6:
d3:a4:c1:01:b6:19:75:fb:62:7a:12:57:88:f2:10:82:21:37:
4e:09:0b:05:6e:31:5d:9b:38:86:05:c9:d1:55:c8:02:e4:6c:
79:f6:7a:65:74:d7:82:1f:ae:cb:db:15:a1:0d:c3:29:70:17:
56:31:5a:40:c2:db:ee:bc:db:05:8b:4d:d4:3b:6e:68:1f:71:
ba:07:24:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfFASgNX0KKxSXpPmTnQZzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzVlMDMwMTU5ZTU3MWZhYWJkMzc5YjUyYzFkOWExYWVm
YjE0NDQwHhcNMjUwNzAxMDgwMTE2WhcNMjUwNzAyMDgwMTE2WjAzMTEwLwYDVQQD
EyhiM2E0ZmRmZjQ1MzUyOWE1ZWYxYTU0YjVjMTg4MzE0Y2EyODdjNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38eiOX+LfqZFOenaOf2T8ezlo7K8
fEUEjBYMhy5YTHMLyfWfH89aCLmqlj+etGOkSCu97zTJUZSznbJzaKyvi/YGBH0B
Cmvo/bWUw4MCC2kUvK82TJKEvLm3cyKyGkwwWm3CsFaL955uT9VlicmBnY3PYNaO
Jwd0iAhzS4S5/K+nFtkE071KNcclo47m24BJ+n+SVpjWWehlQUBeLa6I1eAvQFgp
7NUloN2P5gR5VjA90TCtwHsFcuXALmHKwKZp+dR+ZHqK99kqyRtpK39Z9sbKWKf3
ZtT0GoNivntl8kAmAw+ir1CK+vxtMJM47yFuvo15KQQXjJmFd4c1LgSZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOk/f9FNSml7xpUtcGIMUyih8QPMB8GA1UdIwQY
MBaAFJ014DAVnlcfqr03m1LB2aGu+xREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1Zjkt
Mjg2YTgyOGRkN2Q1LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1ZjktMjg2YTgyOGRkN2Q1
LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANGBIi9+0
MJF0ekq5GT6Tprn/DPbaVPUg73+NsE7cjx7TOtGOZFd7AB44/DGGWMI7GtqySNUw
Pw6gNL3f5oLBKdJjBBa5sx9XjZrugermy5m7xigKMHaWueWt/WCiOTUQFcVJNPGd
iJfP6snl2sUS+c3d/IVP5lkOslCtJOG+KY6HLF73mr+pZuer8Kp1amvXBQczAy8W
NAv+3mt2qTTUSie6IMOWtUqHT1weG2zBsDSy9X/206TBAbYZdftiehJXiPIQgiE3
TgkLBW4xXZs4hgXJ0VXIAuRsefZ6ZXTXgh+uy9sVoQ3DKXAXVjFaQMLb7rzbBYtN
1DtuaB9xugckmQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:47:08 2025 by rpki-client