Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier: JW2PlqaWvPYxbA2w/qrE8mee8TFYl7EW9aS/Vg+wB2Y=
Subject key identifier: CF:DE:A3:D2:F5:09:6F:D1:9F:9C:F3:C6:97:3F:40:C1:5A:4A:03:AD
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial: 0198D5839C33F9A2B98F9D409D795F5D1BC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number: 0722
Signing time: Sat 23 Aug 2025 06:00:28 +0000
Manifest this update: Sat 23 Aug 2025 06:00:28 +0000
Manifest next update: Sun 24 Aug 2025 06:00:28 +0000
Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: gC0JO7WwxARyoxkWlyVLDsYtMIBX3/qFuL+NYdvbHJk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:9c:33:f9:a2:b9:8f:9d:40:9d:79:5f:5d:1b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Validity
Not Before: Aug 23 06:00:28 2025 GMT
Not After : Aug 24 06:00:28 2025 GMT
Subject: CN=cfdea3d2f5096fd19f9cf3c6973f40c15a4a03ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:ff:54:44:70:10:86:aa:ad:83:f5:86:56:
0f:d5:db:89:19:64:1e:77:d4:e3:d7:bc:6b:0e:bf:
a2:35:7c:d6:10:b2:d6:7c:22:b2:8e:82:a8:57:23:
44:af:8c:86:07:40:f7:74:92:f0:ff:c1:d1:35:b1:
65:c7:12:d2:3c:16:e3:b6:ff:c6:f0:05:d9:6c:8e:
56:bc:b0:83:67:df:7a:b7:aa:9a:51:7d:96:36:57:
b3:54:d2:17:19:55:ea:a4:71:b5:9d:d9:d4:a5:ef:
04:73:44:96:80:b9:03:8b:68:3c:a8:55:4b:ab:a6:
29:a6:eb:64:94:8d:dc:8c:11:71:8e:e3:68:d9:64:
81:a7:4c:51:a2:e6:d3:e3:74:29:31:2b:f9:24:2b:
d6:55:94:c0:f5:1d:25:c3:7b:1c:3d:d4:35:c2:35:
17:d7:38:93:ec:42:38:fb:9a:8d:73:10:99:d1:ba:
a4:dc:e7:13:2a:12:5f:d1:33:ab:ed:ed:e6:6b:32:
b0:e2:43:e2:ad:25:aa:75:e5:98:39:f4:96:be:04:
04:9d:47:a4:f4:09:80:e0:c3:eb:07:94:16:5a:b3:
fc:ea:18:b9:b0:fa:41:2b:a0:6c:1a:75:3c:c6:33:
70:35:9b:3a:1f:5f:05:a5:f7:17:8a:be:1e:64:4c:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DE:A3:D2:F5:09:6F:D1:9F:9C:F3:C6:97:3F:40:C1:5A:4A:03:AD
X509v3 Authority Key Identifier:
keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:d9:ac:ce:05:0d:70:7b:75:3d:b6:92:cb:f4:a9:f2:fd:51:
ce:55:ad:4c:07:7f:ad:bc:71:57:42:27:74:f3:6d:90:b3:4e:
08:31:53:5e:49:3b:e2:52:8e:33:27:dc:65:04:56:12:56:c5:
a8:a6:55:a2:7d:d7:b5:72:d0:7c:6c:60:0c:a9:ef:10:0d:f1:
c8:9f:54:a4:ee:e2:78:d6:f6:ae:0f:67:05:db:84:11:30:3f:
f7:a4:21:ca:29:a1:70:e6:83:c6:68:41:3a:72:dc:96:83:12:
6d:ad:d1:8e:71:b8:f7:44:28:4d:96:d4:22:18:a6:38:03:2d:
c6:e4:14:08:d5:3f:28:58:b3:3f:f9:1f:56:3f:c6:9f:00:68:
27:e3:bb:bb:a9:36:e0:ca:1b:b4:7e:a4:12:f2:d9:2d:9a:d6:
46:9c:b0:ca:4f:1f:dd:68:2c:62:f8:28:d1:f0:51:aa:f2:9f:
75:d7:b2:b4:c0:c8:9f:42:14:33:c5:bc:85:31:1b:2e:65:c2:
6a:b2:be:a6:3f:32:ab:d1:42:18:fd:7d:dc:6d:49:5a:46:20:
ce:03:26:23:e8:d9:e1:09:b0:c2:b4:ba:cd:3e:4f:9b:c1:13:
fb:31:ee:d6:d2:dd:48:15:22:9e:a5:a3:f5:e4:c3:06:b3:69:
d9:3e:9e:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg5wz+aK5j51AnXlfXRvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUwODIzMDYwMDI4WhcNMjUwODI0MDYwMDI4WjAzMTEwLwYDVQQD
EyhjZmRlYTNkMmY1MDk2ZmQxOWY5Y2YzYzY5NzNmNDBjMTVhNGEwM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2X/VERwEIaqrYP1hlYP1duJGWQe
d9Tj17xrDr+iNXzWELLWfCKyjoKoVyNEr4yGB0D3dJLw/8HRNbFlxxLSPBbjtv/G
8AXZbI5WvLCDZ996t6qaUX2WNlezVNIXGVXqpHG1ndnUpe8Ec0SWgLkDi2g8qFVL
q6YpputklI3cjBFxjuNo2WSBp0xRoubT43QpMSv5JCvWVZTA9R0lw3scPdQ1wjUX
1ziT7EI4+5qNcxCZ0bqk3OcTKhJf0TOr7e3mazKw4kPirSWqdeWYOfSWvgQEnUek
9AmA4MPrB5QWWrP86hi5sPpBK6BsGnU8xjNwNZs6H18FpfcXir4eZEyD3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/eo9L1CW/Rn5zzxpc/QMFaSgOtMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNmszgUN
cHt1PbaSy/Sp8v1RzlWtTAd/rbxxV0IndPNtkLNOCDFTXkk74lKOMyfcZQRWElbF
qKZVon3XtXLQfGxgDKnvEA3xyJ9UpO7ieNb2rg9nBduEETA/96QhyimhcOaDxmhB
OnLcloMSba3RjnG490QoTZbUIhimOAMtxuQUCNU/KFizP/kfVj/GnwBoJ+O7u6k2
4MobtH6kEvLZLZrWRpywyk8f3WgsYvgo0fBRqvKfddeytMDIn0IUM8W8hTEbLmXC
arK+pj8yq9FCGP193G1JWkYgzgMmI+jZ4QmwwrS6zT5Pm8ET+zHu1tLdSBUinqWj
9eTDBrNp2T6eWQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:41:32 2025 by rpki-client