Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier: TEOLGxuysrrzYtSdhHZqTeFfhASiCu1Pbau9VMkilNE=
Subject key identifier: 8A:80:8F:21:26:5A:96:6D:15:FB:DA:AC:4B:52:8F:5D:CF:85:28:68
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial: 0198D4E03E60CB044FE8B53698C11378A117
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number: 1646
Signing time: Sat 23 Aug 2025 03:02:02 +0000
Manifest this update: Sat 23 Aug 2025 03:02:02 +0000
Manifest next update: Sun 24 Aug 2025 03:02:02 +0000
Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: cLmxMEtk4V+ID/U7sbfHSsEpRGYxZ+Paq9PA5H5Usqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:3e:60:cb:04:4f:e8:b5:36:98:c1:13:78:a1:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Validity
Not Before: Aug 23 03:02:02 2025 GMT
Not After : Aug 24 03:02:02 2025 GMT
Subject: CN=8a808f21265a966d15fbdaac4b528f5dcf852868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ee:95:89:63:c9:89:f7:a6:45:63:ca:3d:62:
ba:d2:c4:ba:c2:e2:ef:5b:e3:38:6c:c6:d2:5d:73:
cc:cd:d9:fb:3e:4e:b0:e1:bd:cf:db:5a:75:22:d6:
0d:70:67:af:ca:98:e6:c1:06:63:5d:99:3e:75:c6:
fd:95:80:53:81:21:ea:a4:43:19:66:95:1b:79:9e:
1f:72:6e:64:88:85:4e:1b:fe:97:54:23:13:1c:fb:
9f:6c:35:94:1d:8c:0c:33:99:23:b7:4b:a8:4e:28:
3f:a7:1e:83:35:0b:4f:29:a5:b2:80:24:d6:3e:96:
da:18:c0:47:e6:7d:e9:70:e2:f4:9d:3b:29:95:2d:
26:7f:35:4e:06:53:2f:ab:8a:cc:92:6b:59:69:5b:
9a:b1:4b:20:e9:62:f7:ea:88:f0:ac:76:64:b4:42:
00:60:05:cb:6b:e3:ba:e4:15:22:12:41:b7:c9:a5:
80:de:d7:39:cb:43:15:60:9f:bf:07:73:2e:43:c4:
df:76:1f:a3:ac:62:47:e2:99:55:45:41:d1:d0:d4:
3b:9c:a1:4d:63:98:73:be:09:8a:76:b1:b7:64:44:
ed:5a:d4:6c:1d:94:c0:58:7c:aa:bf:31:4f:b0:c5:
fe:fb:15:b1:ce:4c:8b:d0:4f:b0:51:b6:a3:5e:a5:
04:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:80:8F:21:26:5A:96:6D:15:FB:DA:AC:4B:52:8F:5D:CF:85:28:68
X509v3 Authority Key Identifier:
keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:8e:54:c8:d3:eb:d1:63:b1:09:98:46:5e:ef:83:67:59:64:
48:d1:28:dc:f3:fe:f5:0b:07:6a:40:4d:e8:c2:7b:f6:02:35:
b1:b6:4b:88:63:dc:1c:5e:33:d0:89:e3:50:8c:97:e7:09:2f:
a5:81:25:d0:b2:6f:79:d6:1f:92:75:03:e4:88:45:7a:ec:50:
3e:0a:c4:c6:d0:e4:99:06:bb:8b:db:a4:ad:03:f9:17:e3:d6:
e3:da:21:f6:87:e3:4a:26:cf:a9:b9:46:0b:91:c1:4f:c5:8d:
3e:3c:ed:54:50:9f:df:91:6c:3d:42:2d:49:db:d0:1e:c6:83:
25:9a:bc:fc:d0:b6:87:47:ae:55:9b:20:ad:8e:96:f7:ad:f0:
96:aa:2d:7e:fc:72:43:7d:b4:7e:5f:53:81:d7:18:51:84:c0:
08:ae:46:49:65:52:38:72:4c:16:5a:a6:4f:3f:87:54:c5:29:
66:fe:7b:51:b0:a8:78:cf:09:8f:90:e1:a3:f6:b3:cf:eb:1a:
1c:32:34:aa:52:54:e8:48:db:1c:9d:e2:8c:6d:b8:67:36:b0:
c8:5e:8f:f7:79:11:95:c6:e1:b0:8c:45:17:57:90:83:23:48:
70:f4:64:28:88:69:60:f8:c0:ef:24:06:71:84:c5:5a:46:08:
06:84:d8:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4D5gywRP6LU2mMETeKEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwODIzMDMwMjAyWhcNMjUwODI0MDMwMjAyWjAzMTEwLwYDVQQD
Eyg4YTgwOGYyMTI2NWE5NjZkMTVmYmRhYWM0YjUyOGY1ZGNmODUyODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou6ViWPJifemRWPKPWK60sS6wuLv
W+M4bMbSXXPMzdn7Pk6w4b3P21p1ItYNcGevypjmwQZjXZk+dcb9lYBTgSHqpEMZ
ZpUbeZ4fcm5kiIVOG/6XVCMTHPufbDWUHYwMM5kjt0uoTig/px6DNQtPKaWygCTW
PpbaGMBH5n3pcOL0nTsplS0mfzVOBlMvq4rMkmtZaVuasUsg6WL36ojwrHZktEIA
YAXLa+O65BUiEkG3yaWA3tc5y0MVYJ+/B3MuQ8Tfdh+jrGJH4plVRUHR0NQ7nKFN
Y5hzvgmKdrG3ZETtWtRsHZTAWHyqvzFPsMX++xWxzkyL0E+wUbajXqUEdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqAjyEmWpZtFfvarEtSj13PhShoMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeY5UyNPr
0WOxCZhGXu+DZ1lkSNEo3PP+9QsHakBN6MJ79gI1sbZLiGPcHF4z0InjUIyX5wkv
pYEl0LJvedYfknUD5IhFeuxQPgrExtDkmQa7i9ukrQP5F+PW49oh9ofjSibPqblG
C5HBT8WNPjztVFCf35FsPUItSdvQHsaDJZq8/NC2h0euVZsgrY6W963wlqotfvxy
Q320fl9TgdcYUYTACK5GSWVSOHJMFlqmTz+HVMUpZv57UbCoeM8Jj5Dho/azz+sa
HDI0qlJU6EjbHJ3ijG24ZzawyF6P93kRlcbhsIxFF1eQgyNIcPRkKIhpYPjA7yQG
cYTFWkYIBoTYbQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:30:44 2025 by rpki-client