
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft
File: NufP3RKRk-IZw3ASHKFiUOQptYs.mft (raw, json)
Hash identifier: RDaj4FjdpFkJe8edq3YMX5JaYM7W6/LqL+QmtWENXSE=
Subject key identifier: BB:E6:28:90:8E:2B:E4:F8:38:5E:A5:52:5A:75:64:82:44:5E:D8:A2
Authority key identifier: 36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B
Certificate issuer: /CN=36e7cfdd129193e219c370121ca16250e429b58b
Certificate serial: 0199FC5900054B4724A834D20503B95D299E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft
Manifest number: 10D3
Signing time: Sun 19 Oct 2025 12:01:55 +0000
Manifest this update: Sun 19 Oct 2025 12:01:55 +0000
Manifest next update: Mon 20 Oct 2025 12:01:55 +0000
Files and hashes: 1: NufP3RKRk-IZw3ASHKFiUOQptYs.crl (hash: ptZ4nlMTp4Blgo77rpRYPh0WT9Wq2vQXFLjomxume+w=)
2: TQTaN9R3PROnWSlPAnOimZ3OkV0.roa (hash: 6MvOdY9qe95Xeb6bYl6JjgUIxMzjpmO+qyLURJWgUDA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:59:00:05:4b:47:24:a8:34:d2:05:03:b9:5d:29:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36e7cfdd129193e219c370121ca16250e429b58b
Validity
Not Before: Oct 19 12:01:55 2025 GMT
Not After : Oct 20 12:01:55 2025 GMT
Subject: CN=bbe628908e2be4f8385ea5525a756482445ed8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cd:fb:83:9a:92:b5:24:65:b5:86:15:ec:85:
af:cc:ea:48:66:12:7b:b3:c5:05:de:f7:48:a8:9a:
83:f6:dc:5a:43:0f:46:ed:f5:94:23:7f:31:fe:52:
c4:a8:de:d2:bb:82:a4:bc:29:af:02:64:0d:4f:e2:
ee:d3:42:87:22:07:6b:71:8e:d3:ce:48:93:bd:e5:
ad:c1:0e:6c:3d:86:5c:fd:02:67:03:3e:a8:e6:77:
fb:91:5e:6b:95:ff:6c:c9:b8:fe:76:e0:d9:c9:1f:
f3:18:69:a8:da:cf:ec:72:bc:a6:37:cb:00:a3:6d:
8c:e1:d1:c4:d3:7f:1d:a7:47:9c:77:3d:e0:f7:a9:
ee:ea:dd:9e:1c:f5:37:a6:f9:3c:ce:ca:5b:d4:30:
8a:c3:46:44:00:b4:1d:b1:44:75:71:67:53:fa:b0:
29:32:5c:ee:3b:66:ad:4d:e5:7c:7d:88:66:f7:73:
fe:33:6a:a5:e6:c6:be:a2:8f:1c:1f:03:a8:5a:0b:
50:fd:35:23:18:5d:bf:66:ee:7d:ce:46:d3:ea:83:
f0:1a:f0:5a:81:73:6f:19:14:4d:a3:61:71:12:46:
e5:06:c0:b2:f7:4e:d0:c3:68:5b:b4:c2:a9:5f:0d:
54:df:bc:4c:41:56:f7:39:f5:cb:99:df:4e:09:57:
04:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E6:28:90:8E:2B:E4:F8:38:5E:A5:52:5A:75:64:82:44:5E:D8:A2
X509v3 Authority Key Identifier:
keyid:36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:47:e1:56:7e:3b:b6:3a:08:af:0b:35:13:63:01:6a:81:bf:
28:fb:b5:00:c6:05:b7:42:5c:a1:6e:75:67:c3:02:83:3f:d8:
3b:60:9b:f5:04:42:87:24:14:2d:46:f9:90:88:69:65:da:73:
55:17:b3:11:0a:08:42:14:3a:a9:d7:e1:d8:0b:3f:06:10:ab:
b8:e2:7f:40:48:2e:35:2f:50:63:94:74:d6:bc:6b:bc:94:0b:
0f:9e:06:50:4d:db:b2:6e:e8:83:fc:91:53:84:28:d7:cb:d2:
cf:ce:60:36:2c:1e:da:0c:f0:29:3e:d1:c1:5a:7e:77:b6:07:
86:a3:30:14:a5:78:08:0b:5f:bd:19:1d:3f:3c:93:f3:c5:8e:
c6:a4:91:5c:18:9b:5d:6d:ac:c7:f9:0e:c2:8e:e1:84:93:a6:
e4:fa:1b:1a:15:7c:a4:0b:5e:34:15:41:dd:a4:e2:4a:3c:b0:
03:83:d2:da:3a:c0:c0:be:4e:4e:ff:a1:e6:11:57:4c:77:4d:
88:52:e5:e3:6c:78:60:2e:a0:a3:bb:7b:0f:0f:8b:2f:30:05:
bf:da:2e:a0:f5:a0:9a:0e:05:4b:bb:60:32:66:e5:0d:6a:ba:
07:b9:90:79:7d:bf:ce:29:1d:18:62:a8:b1:06:ee:81:bc:c9:
69:b0:9a:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WQAFS0ckqDTSBQO5XSmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTdjZmRkMTI5MTkzZTIxOWMzNzAxMjFjYTE2MjUwZTQy
OWI1OGIwHhcNMjUxMDE5MTIwMTU1WhcNMjUxMDIwMTIwMTU1WjAzMTEwLwYDVQQD
EyhiYmU2Mjg5MDhlMmJlNGY4Mzg1ZWE1NTI1YTc1NjQ4MjQ0NWVkOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls37g5qStSRltYYV7IWvzOpIZhJ7
s8UF3vdIqJqD9txaQw9G7fWUI38x/lLEqN7Su4KkvCmvAmQNT+Lu00KHIgdrcY7T
zkiTveWtwQ5sPYZc/QJnAz6o5nf7kV5rlf9sybj+duDZyR/zGGmo2s/scrymN8sA
o22M4dHE038dp0ecdz3g96nu6t2eHPU3pvk8zspb1DCKw0ZEALQdsUR1cWdT+rAp
MlzuO2atTeV8fYhm93P+M2ql5sa+oo8cHwOoWgtQ/TUjGF2/Zu59zkbT6oPwGvBa
gXNvGRRNo2FxEkblBsCy907Qw2hbtMKpXw1U37xMQVb3OfXLmd9OCVcETQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvmKJCOK+T4OF6lUlp1ZIJEXtiiMB8GA1UdIwQY
MBaAFDbnz90SkZPiGcNwEhyhYlDkKbWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWIt
ZGQxN2JmZDY3Y2QzLzEvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWItZGQxN2JmZDY3Y2Qz
LzEvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUfhVn47
tjoIrws1E2MBaoG/KPu1AMYFt0JcoW51Z8MCgz/YO2Cb9QRChyQULUb5kIhpZdpz
VRezEQoIQhQ6qdfh2As/BhCruOJ/QEguNS9QY5R01rxrvJQLD54GUE3bsm7og/yR
U4Qo18vSz85gNiwe2gzwKT7RwVp+d7YHhqMwFKV4CAtfvRkdPzyT88WOxqSRXBib
XW2sx/kOwo7hhJOm5PobGhV8pAteNBVB3aTiSjywA4PS2jrAwL5OTv+h5hFXTHdN
iFLl42x4YC6go7t7Dw+LLzAFv9ouoPWgmg4FS7tgMmblDWq6B7mQeX2/zikdGGKo
sQbugbzJabCaWw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:28 2025 by rpki-client