Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
File: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft (raw, json)
Hash identifier: gl9Aok0ztm14ws+UvQgDUL1Y7TOMbsErcdnzk8TlOwc=
Subject key identifier: A0:40:52:1C:92:46:56:4A:8C:2C:DF:6D:5F:E4:97:A6:77:31:6A:F3
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 0199FC216E0D871CC153CC0367EC2B8CD84D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
Manifest number: 16E5
Signing time: Sun 19 Oct 2025 11:01:13 +0000
Manifest this update: Sun 19 Oct 2025 11:01:13 +0000
Manifest next update: Mon 20 Oct 2025 11:01:13 +0000
Files and hashes: 1: 9v5VLNQmHUC6c_AtiguXiv9VBlw.roa (hash: iNy4HwSBG8Jz28fsrZBO8bxra5HKthytWN8pQ51S61o=)
2: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl (hash: QatxRJcwGGVsXEddJUex4PlzwSSwBDucN++184mXxM8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:6e:0d:87:1c:c1:53:cc:03:67:ec:2b:8c:d8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Oct 19 11:01:13 2025 GMT
Not After : Oct 20 11:01:13 2025 GMT
Subject: CN=a040521c9246564a8c2cdf6d5fe497a677316af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5d:b1:a2:15:9b:06:98:b8:c4:d9:16:20:59:
5c:40:e4:e8:73:a5:de:76:96:7a:f4:f2:b1:a4:dc:
e7:f4:7b:98:7e:69:91:1b:85:38:f6:a0:37:97:ac:
52:7a:9e:2a:e1:6c:19:0d:db:f2:c3:f2:62:60:ca:
0b:34:99:a7:7d:ab:f7:e0:f4:cc:75:36:e4:7a:89:
c1:e4:6b:a9:a7:ce:58:33:2f:74:bd:18:c8:be:20:
08:d7:90:a8:68:85:49:9d:52:96:11:54:b1:e1:4e:
a2:bd:29:a7:e3:86:da:8a:b8:67:e6:da:30:64:46:
32:b7:3f:08:e0:df:82:47:06:00:53:97:84:37:b4:
bc:8b:34:53:8f:84:e2:7c:e5:e4:c5:7a:de:25:29:
b8:e4:9e:79:1c:61:03:f8:0b:4d:da:b0:a2:79:dc:
3e:67:22:25:9d:8a:9f:09:96:a0:58:32:2a:85:10:
b6:fa:a7:3e:c8:9f:0c:67:3f:a4:0c:58:d2:f1:d2:
28:27:51:97:08:6f:ec:c0:68:ad:e7:53:32:1f:86:
14:52:7d:b9:45:80:37:a2:da:f5:19:54:97:dc:4c:
24:dc:78:8c:e6:9d:c1:1b:d7:73:3a:df:0f:7b:34:
83:4e:81:85:11:10:08:b8:79:06:4b:90:94:ad:6c:
c2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:40:52:1C:92:46:56:4A:8C:2C:DF:6D:5F:E4:97:A6:77:31:6A:F3
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:a2:02:10:64:fc:6e:80:13:fc:4c:81:2f:aa:4a:53:77:be:
e3:75:14:70:26:3b:5a:7b:b8:5d:66:c1:9b:af:a4:20:e1:ed:
c9:76:4d:d3:99:ac:d7:ec:f9:f7:77:19:cb:b0:c1:ca:39:70:
11:23:c5:bb:72:76:c9:12:b5:97:81:8c:ed:16:35:f3:be:74:
fd:03:94:de:fa:77:64:53:cf:49:79:88:e8:9a:4c:f0:76:66:
13:fa:e3:dd:03:1b:43:ac:37:2d:c1:08:32:3b:f6:29:a6:ed:
e2:e9:cb:98:f7:17:ca:10:13:d1:b3:d5:70:1b:70:ff:7a:fb:
13:80:5e:b3:4d:66:fd:1d:6f:9e:24:e4:1d:b7:9d:b9:6b:cd:
5d:fb:cf:65:70:9c:1a:29:22:93:13:39:40:a7:73:5d:4e:d5:
36:d4:bd:5b:ea:c8:67:d5:23:71:bb:dc:09:82:54:84:1c:a3:
1f:9a:78:ae:8a:09:f1:03:2c:f3:03:e3:26:25:b9:ca:23:fc:
e6:78:4b:18:03:bb:a9:e4:12:17:b3:64:1d:cb:4d:5e:4c:b8:
a8:28:e2:83:75:37:d1:c5:77:8c:a6:43:9e:17:87:87:d0:da:
e7:73:60:0a:03:75:32:c8:f7:a3:7c:c7:28:ee:6d:ac:0c:5c:
a6:03:98:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IW4NhxzBU8wDZ+wrjNhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjUxMDE5MTEwMTEzWhcNMjUxMDIwMTEwMTEzWjAzMTEwLwYDVQQD
EyhhMDQwNTIxYzkyNDY1NjRhOGMyY2RmNmQ1ZmU0OTdhNjc3MzE2YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs12xohWbBpi4xNkWIFlcQOToc6Xe
dpZ69PKxpNzn9HuYfmmRG4U49qA3l6xSep4q4WwZDdvyw/JiYMoLNJmnfav34PTM
dTbkeonB5Gupp85YMy90vRjIviAI15CoaIVJnVKWEVSx4U6ivSmn44bairhn5tow
ZEYytz8I4N+CRwYAU5eEN7S8izRTj4TifOXkxXreJSm45J55HGED+AtN2rCiedw+
ZyIlnYqfCZagWDIqhRC2+qc+yJ8MZz+kDFjS8dIoJ1GXCG/swGit51MyH4YUUn25
RYA3otr1GVSX3Ewk3HiM5p3BG9dzOt8PezSDToGFERAIuHkGS5CUrWzCEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBAUhySRlZKjCzfbV/kl6Z3MWrzMB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKICEGT8
boAT/EyBL6pKU3e+43UUcCY7Wnu4XWbBm6+kIOHtyXZN05ms1+z593cZy7DByjlw
ESPFu3J2yRK1l4GM7RY18750/QOU3vp3ZFPPSXmI6JpM8HZmE/rj3QMbQ6w3LcEI
Mjv2Kabt4unLmPcXyhAT0bPVcBtw/3r7E4Bes01m/R1vniTkHbeduWvNXfvPZXCc
GikikxM5QKdzXU7VNtS9W+rIZ9UjcbvcCYJUhByjH5p4rooJ8QMs8wPjJiW5yiP8
5nhLGAO7qeQSF7NkHctNXky4qCjig3U30cV3jKZDnheHh9Da53NgCgN1Msj3o3zH
KO5trAxcpgOYoQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:39:45 2025 by rpki-client