Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: dTiPiADDiT/81C7Lol/UZ2Tv4nmcDc5n7POukeTTZ8g=
Subject key identifier: D8:5D:3D:44:3F:32:2B:C5:5C:D4:DC:B7:37:08:29:A6:CB:FC:FC:FA
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019A01110DF71D38211146A75BA9D02315C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 0857
Signing time: Mon 20 Oct 2025 10:01:26 +0000
Manifest this update: Mon 20 Oct 2025 10:01:26 +0000
Manifest next update: Tue 21 Oct 2025 10:01:26 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: z/Nnt77aaNNy7y69k9XYHI9D5iLtzEIcyI8F0N5qi/U=)
2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:11:0d:f7:1d:38:21:11:46:a7:5b:a9:d0:23:15:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Oct 20 10:01:26 2025 GMT
Not After : Oct 21 10:01:26 2025 GMT
Subject: CN=d85d3d443f322bc55cd4dcb7370829a6cbfcfcfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:8b:f6:cd:f3:33:f6:cc:3c:35:fd:e3:b8:
00:1d:73:c9:dc:68:0c:9f:81:09:82:e2:d2:be:e2:
59:72:d2:61:cd:2e:27:c6:c1:14:53:41:11:a3:5c:
69:d3:76:3d:8d:c5:04:a6:db:0d:e8:7f:43:7a:d7:
43:f5:64:b6:e2:6e:81:d3:d5:5f:86:c8:64:55:20:
89:8c:58:1f:0a:3e:2f:6d:ee:85:35:37:29:03:c5:
52:6e:ee:6c:61:51:70:4a:cf:c6:be:f4:d0:f7:49:
12:1d:c4:81:9a:69:89:e8:5f:25:d4:d5:2a:5b:d2:
85:30:84:f6:ed:9e:d4:ec:0a:08:37:e5:8c:cb:59:
9e:ef:af:51:e7:93:fe:05:2f:6c:e3:8f:b2:9b:3e:
c3:ba:46:f5:0a:5c:45:44:fe:41:77:71:c3:ee:4e:
47:f5:c3:2b:59:a5:b3:ed:7e:23:6f:cf:29:5c:f8:
0a:36:52:37:99:bc:de:9d:46:36:39:80:cc:48:7d:
e9:57:ec:74:51:29:22:f4:cb:c8:15:ac:e2:22:69:
ac:e0:69:01:72:9f:81:e2:e3:58:21:11:d4:bb:e0:
d5:9b:af:b2:4f:7f:23:90:94:e9:72:a6:9b:e5:e2:
df:9e:18:31:c4:40:e4:4f:a8:a7:ed:1c:c4:fb:97:
62:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5D:3D:44:3F:32:2B:C5:5C:D4:DC:B7:37:08:29:A6:CB:FC:FC:FA
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:84:09:96:72:2e:2a:9e:0b:56:fd:9f:63:21:b6:a1:b3:80:
1c:75:c1:b2:0d:c6:eb:b4:82:af:89:f3:ba:93:9a:64:b4:92:
58:8f:e8:ed:5b:a6:a3:da:d3:a6:ed:f4:2c:f8:3a:dc:61:c8:
4d:ac:c9:ac:69:1f:68:f3:2f:f7:d5:f1:91:41:01:b8:43:2a:
30:8e:4d:3d:3a:76:b6:b1:0d:b1:28:22:2b:ff:bd:44:36:51:
aa:6e:6a:2e:d1:cb:72:c3:71:ba:52:f8:39:4a:4d:6c:4c:d7:
09:cf:c7:7b:64:50:0a:89:05:74:49:fb:0b:2f:4f:f8:d9:58:
89:2a:22:ea:d4:23:4c:66:c8:fc:3d:f7:6f:49:03:92:7d:76:
50:d7:5e:3d:f4:6a:1e:16:1c:0a:93:bd:8f:09:02:13:2a:a0:
ba:f7:24:4f:91:9b:80:5c:74:c1:88:96:ee:09:c0:98:23:75:
68:31:25:39:f4:48:fb:cf:b1:8b:aa:4e:c1:8c:6f:67:fe:7b:
8d:2b:e4:27:41:aa:f9:95:e1:15:b7:40:89:9b:81:aa:d8:d0:
59:91:f9:06:31:7a:cc:92:b8:83:50:43:0d:75:cb:34:8b:41:
18:91:ca:f1:97:72:73:5a:cb:8c:82:a4:0e:c2:7f:9e:8a:18:
38:b0:90:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEQ33HTghEUanW6nQIxXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUxMDIwMTAwMTI2WhcNMjUxMDIxMTAwMTI2WjAzMTEwLwYDVQQD
EyhkODVkM2Q0NDNmMzIyYmM1NWNkNGRjYjczNzA4MjlhNmNiZmNmY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8WL9s3zM/bMPDX947gAHXPJ3GgM
n4EJguLSvuJZctJhzS4nxsEUU0ERo1xp03Y9jcUEptsN6H9DetdD9WS24m6B09Vf
hshkVSCJjFgfCj4vbe6FNTcpA8VSbu5sYVFwSs/GvvTQ90kSHcSBmmmJ6F8l1NUq
W9KFMIT27Z7U7AoIN+WMy1me769R55P+BS9s44+ymz7Dukb1ClxFRP5Bd3HD7k5H
9cMrWaWz7X4jb88pXPgKNlI3mbzenUY2OYDMSH3pV+x0USki9MvIFaziImms4GkB
cp+B4uNYIRHUu+DVm6+yT38jkJTpcqab5eLfnhgxxEDkT6in7RzE+5diqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhdPUQ/MivFXNTctzcIKabL/Pz6MB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeIQJlnIu
Kp4LVv2fYyG2obOAHHXBsg3G67SCr4nzupOaZLSSWI/o7Vumo9rTpu30LPg63GHI
TazJrGkfaPMv99XxkUEBuEMqMI5NPTp2trENsSgiK/+9RDZRqm5qLtHLcsNxulL4
OUpNbEzXCc/He2RQCokFdEn7Cy9P+NlYiSoi6tQjTGbI/D33b0kDkn12UNdePfRq
HhYcCpO9jwkCEyqguvckT5GbgFx0wYiW7gnAmCN1aDElOfRI+8+xi6pOwYxvZ/57
jSvkJ0Gq+ZXhFbdAiZuBqtjQWZH5BjF6zJK4g1BDDXXLNItBGJHK8Zdyc1rLjIKk
DsJ/nooYOLCQCg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:45:47 2025 by rpki-client