Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier: 3CqNKdPoFnJxn0xYvoYSNVMV64U+rQgeu1RGDoJRNWE=
Subject key identifier: 77:2D:DC:AC:76:FC:F7:49:C1:6A:64:B3:B4:34:22:11:28:37:89:0E
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial: 0199FC58851C5C575DC199599FF3E0F503DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number: 16DF
Signing time: Sun 19 Oct 2025 12:01:23 +0000
Manifest this update: Sun 19 Oct 2025 12:01:23 +0000
Manifest next update: Mon 20 Oct 2025 12:01:23 +0000
Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: SGeXUiqSzhbIIl48+cOmJp6Ix7PpS6NVnqiS4b2tiLA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:85:1c:5c:57:5d:c1:99:59:9f:f3:e0:f5:03:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Validity
Not Before: Oct 19 12:01:23 2025 GMT
Not After : Oct 20 12:01:23 2025 GMT
Subject: CN=772ddcac76fcf749c16a64b3b43422112837890e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:01:39:1f:51:8e:f1:9a:a3:73:d2:2c:18:09:
82:70:1d:f2:6d:5d:07:78:98:1b:8e:08:e5:71:51:
fc:b1:8a:a5:34:a7:e9:49:5f:81:6f:0c:f3:52:3e:
f9:9f:32:9a:93:74:6a:4a:46:51:ac:50:77:89:58:
dd:80:41:eb:29:a1:3a:47:7c:57:24:29:4d:31:3c:
ad:bf:94:a7:90:80:3c:78:53:73:6b:91:b2:ad:f9:
cf:7f:45:f9:6b:33:20:ce:0d:73:59:57:4b:ba:7d:
92:4f:5e:21:93:6d:00:cb:4a:36:f1:5a:62:68:21:
bc:f8:53:36:8b:ed:e5:85:de:a1:97:ae:0b:e9:ef:
3f:a8:4e:ac:35:de:2d:04:a3:b8:b7:a3:93:05:b2:
1a:f0:b8:fa:cf:be:b9:cc:3f:76:a3:c0:52:92:88:
ea:4e:e0:bb:e6:71:c3:5d:7a:47:ea:a3:59:cc:10:
4e:cb:a8:4f:64:cb:f9:b1:c8:6f:e6:98:4c:bf:c8:
65:0a:17:55:de:3f:37:38:b2:ab:c7:4e:58:db:d0:
d5:34:64:fd:c3:a2:a0:88:58:18:c3:9f:f7:df:a9:
a9:db:fb:b3:8e:70:36:ec:3e:95:92:37:6d:48:77:
67:c5:14:a5:11:89:67:6e:7c:cb:36:10:ef:f5:cb:
dd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2D:DC:AC:76:FC:F7:49:C1:6A:64:B3:B4:34:22:11:28:37:89:0E
X509v3 Authority Key Identifier:
keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:e7:7f:8a:3e:25:d5:53:1e:8f:66:24:4a:83:7c:9d:27:e3:
2f:d5:9f:da:dd:a8:59:a0:04:0c:16:ad:87:c0:1e:78:a6:23:
74:18:e0:fa:31:0d:90:6d:5b:7c:f4:36:17:7e:8d:6f:1d:e3:
bd:89:b3:5c:78:cd:b4:d4:ec:96:ae:e6:88:fe:52:46:11:fe:
f0:29:6d:37:cb:5f:61:7b:10:f3:6e:8c:9e:fd:c1:10:38:a6:
f4:47:fa:2f:93:01:1f:a7:82:8f:78:b5:24:b7:06:d1:f9:15:
c3:51:0a:7c:04:23:32:fd:65:e0:2c:51:0f:8a:69:f3:95:ef:
3b:b3:f5:9c:42:a3:e8:fa:5f:2f:9c:29:c5:72:f3:88:60:26:
ed:1b:5b:e5:bc:69:35:de:67:26:03:9d:2a:d5:92:a2:78:c8:
35:a4:7f:57:92:76:98:d0:58:b6:08:94:96:6f:1b:51:bd:6a:
ae:89:a3:86:f3:23:ae:22:6f:03:8c:60:f8:8c:ad:51:5d:b6:
18:39:a4:d2:b5:80:63:27:b6:d9:db:81:d9:f7:61:1c:a6:9b:
0e:ea:5d:37:ab:7b:dd:11:f3:13:32:7a:db:43:21:7a:19:48:
58:45:5a:67:7d:3e:37:a1:c6:37:fd:f0:07:bb:ef:d3:72:fd:
93:ef:e4:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WIUcXFddwZlZn/Pg9QPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUxMDE5MTIwMTIzWhcNMjUxMDIwMTIwMTIzWjAzMTEwLwYDVQQD
Eyg3NzJkZGNhYzc2ZmNmNzQ5YzE2YTY0YjNiNDM0MjIxMTI4Mzc4OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQE5H1GO8Zqjc9IsGAmCcB3ybV0H
eJgbjgjlcVH8sYqlNKfpSV+BbwzzUj75nzKak3RqSkZRrFB3iVjdgEHrKaE6R3xX
JClNMTytv5SnkIA8eFNza5GyrfnPf0X5azMgzg1zWVdLun2ST14hk20Ay0o28Vpi
aCG8+FM2i+3lhd6hl64L6e8/qE6sNd4tBKO4t6OTBbIa8Lj6z765zD92o8BSkojq
TuC75nHDXXpH6qNZzBBOy6hPZMv5schv5phMv8hlChdV3j83OLKrx05Y29DVNGT9
w6KgiFgYw5/336mp2/uzjnA27D6VkjdtSHdnxRSlEYlnbnzLNhDv9cvdgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHct3Kx2/PdJwWpks7Q0IhEoN4kOMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOd/ij4l
1VMej2YkSoN8nSfjL9Wf2t2oWaAEDBath8AeeKYjdBjg+jENkG1bfPQ2F36Nbx3j
vYmzXHjNtNTslq7miP5SRhH+8CltN8tfYXsQ826Mnv3BEDim9Ef6L5MBH6eCj3i1
JLcG0fkVw1EKfAQjMv1l4CxRD4pp85XvO7P1nEKj6PpfL5wpxXLziGAm7Rtb5bxp
Nd5nJgOdKtWSonjINaR/V5J2mNBYtgiUlm8bUb1qromjhvMjriJvA4xg+IytUV22
GDmk0rWAYye22duB2fdhHKabDupdN6t73RHzEzJ620MhehlIWEVaZ30+N6HGN/3w
B7vv03L9k+/kPQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:29:21 2025 by rpki-client