Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
File: NawwjJT1exHO4bqE7xJ4RHxnhes.mft (raw, json)
Hash identifier: uUkDaSmmgcJzA5lTG00+ysfq0l7nLXSqF+uOL4eXPeA=
Subject key identifier: 07:29:2E:4B:8E:72:46:74:BB:4A:98:36:5B:AC:CC:ED:2B:73:15:F4
Authority key identifier: 35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
Certificate issuer: /CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Certificate serial: 0199FC8F8055E181283531FC494B8F320BF3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 13:01:26 +0000
Manifest this update: Sun 19 Oct 2025 13:01:26 +0000
Manifest next update: Mon 20 Oct 2025 13:01:26 +0000
Files and hashes: 1: NawwjJT1exHO4bqE7xJ4RHxnhes.crl (hash: ZlWqYOQ3sT40SEZuxehWSd+qLFcB6BFjDtBwbV0nkoQ=)
2: ge72rIVKenfFe0v5asZR_PaxIp4.roa (hash: o9engqettqOIJ9n8PYQ/SXW11G8NZE3fZOewqKwRqSE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:80:55:e1:81:28:35:31:fc:49:4b:8f:32:0b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Validity
Not Before: Oct 19 13:01:26 2025 GMT
Not After : Oct 20 13:01:26 2025 GMT
Subject: CN=07292e4b8e724674bb4a98365baccced2b7315f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:94:0d:72:79:92:c6:7f:3e:de:24:f0:91:a2:
e9:89:5d:cb:fd:fc:19:dc:d7:db:6e:71:d7:86:b7:
3c:a6:4e:e5:f8:f3:6e:00:c8:53:5a:53:ee:4b:94:
7a:fd:5b:0b:dc:bd:1b:c9:7d:f9:20:9f:3d:07:02:
cd:14:7b:a9:cc:b3:81:25:16:18:14:50:d7:2b:dd:
bd:ed:cf:bb:36:6a:35:32:44:f9:b0:0d:da:d1:ca:
dc:7e:c8:4b:cb:ea:df:8a:23:26:93:01:cb:1f:e7:
33:ba:fa:53:e5:51:50:fc:ac:f6:fd:75:bf:df:d6:
5e:84:95:14:fd:ec:cd:64:e7:aa:3d:e6:c1:9f:bd:
9a:88:4c:7a:45:fc:05:c6:9c:29:b6:f0:01:cf:a3:
19:9a:db:ea:f4:4d:9f:ea:9b:c4:61:8c:4d:ef:65:
48:4e:95:66:dc:30:90:15:92:91:e0:df:3e:cf:71:
9e:2e:8c:9e:99:fd:71:72:c7:02:9e:a2:a2:cb:7e:
99:08:25:02:1d:15:f9:90:17:ca:57:e0:43:09:84:
a9:f3:15:ef:a0:68:95:94:63:7e:1b:52:ca:ea:8c:
32:c5:04:5f:fe:ab:3e:d2:08:9c:6d:e1:af:cd:1b:
19:97:8b:4e:bb:af:5e:e0:ce:1a:1e:bf:33:3e:e6:
cc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:29:2E:4B:8E:72:46:74:BB:4A:98:36:5B:AC:CC:ED:2B:73:15:F4
X509v3 Authority Key Identifier:
keyid:35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:cc:be:10:cd:f1:54:60:7e:89:50:8a:68:62:9f:92:5a:35:
3f:df:95:e8:99:29:e0:e8:a2:2a:60:4a:07:a6:82:c7:14:ae:
fe:2a:77:f8:92:45:96:b7:4f:d6:a9:70:9e:bb:47:18:78:09:
e7:d6:c5:a8:02:43:3d:d6:42:d2:66:cb:7e:f5:a5:7c:f7:8b:
d8:04:48:37:c2:9e:43:34:cb:58:e4:0d:02:63:9f:14:7a:2c:
f4:2b:84:27:83:2a:70:cf:a6:1a:ca:6d:95:70:c8:91:e3:e5:
2f:46:83:9c:d7:44:a2:64:b3:6a:9e:25:c6:0d:d1:6b:81:c4:
f7:87:7e:11:82:1e:4a:7e:fa:71:ef:0b:51:ed:d3:5d:0b:93:
e4:0e:5e:f6:e2:c4:5e:ea:b0:f9:03:9f:f7:76:90:dd:81:0d:
a8:29:f7:39:8b:61:a0:d1:61:56:5c:e0:60:d6:91:27:9b:67:
e8:2f:6f:a8:af:58:9d:4e:1a:dd:29:e3:44:ab:7f:72:80:ba:
25:a0:24:86:d2:62:e2:2e:29:f7:f3:a5:6f:bc:90:c0:18:c2:
59:b8:82:83:f0:0b:ba:2a:ea:3b:8d:0b:81:dc:b5:be:67:a1:
89:da:c3:01:ca:7a:40:3a:8b:6e:fc:73:cf:6f:41:41:ac:d4:
2d:10:83:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4BV4YEoNTH8SUuPMgvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YWMzMDhjOTRmNTdiMTFjZWUxYmE4NGVmMTI3ODQ0N2M2
Nzg1ZWIwHhcNMjUxMDE5MTMwMTI2WhcNMjUxMDIwMTMwMTI2WjAzMTEwLwYDVQQD
EygwNzI5MmU0YjhlNzI0Njc0YmI0YTk4MzY1YmFjY2NlZDJiNzMxNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJQNcnmSxn8+3iTwkaLpiV3L/fwZ
3NfbbnHXhrc8pk7l+PNuAMhTWlPuS5R6/VsL3L0byX35IJ89BwLNFHupzLOBJRYY
FFDXK9297c+7Nmo1MkT5sA3a0crcfshLy+rfiiMmkwHLH+czuvpT5VFQ/Kz2/XW/
39ZehJUU/ezNZOeqPebBn72aiEx6RfwFxpwptvABz6MZmtvq9E2f6pvEYYxN72VI
TpVm3DCQFZKR4N8+z3GeLoyemf1xcscCnqKiy36ZCCUCHRX5kBfKV+BDCYSp8xXv
oGiVlGN+G1LK6owyxQRf/qs+0gicbeGvzRsZl4tOu69e4M4aHr8zPubMRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcpLkuOckZ0u0qYNluszO0rcxX0MB8GA1UdIwQY
MBaAFDWsMIyU9XsRzuG6hO8SeER8Z4XrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDct
NjBkMzU1NTRjZTY0LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDctNjBkMzU1NTRjZTY0
LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsy+EM3x
VGB+iVCKaGKfklo1P9+V6Jkp4OiiKmBKB6aCxxSu/ip3+JJFlrdP1qlwnrtHGHgJ
59bFqAJDPdZC0mbLfvWlfPeL2ARIN8KeQzTLWOQNAmOfFHos9CuEJ4MqcM+mGspt
lXDIkePlL0aDnNdEomSzap4lxg3Ra4HE94d+EYIeSn76ce8LUe3TXQuT5A5e9uLE
Xuqw+QOf93aQ3YENqCn3OYthoNFhVlzgYNaRJ5tn6C9vqK9YnU4a3SnjRKt/coC6
JaAkhtJi4i4p9/Olb7yQwBjCWbiCg/ALuirqO40Lgdy1vmehidrDAcp6QDqLbvxz
z29BQazULRCD/Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:58:57 2025 by rpki-client