Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: eXNeuzkPcXSQvqZKKhVeYJt24wEqbONySvRjfTlw7q0=
Subject key identifier: 41:90:E5:E1:01:1A:0C:7D:74:41:1A:53:EE:AD:E8:00:E2:5F:89:EF
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 0198D5BBD904A9AEEBD62600F495C0654ED0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 07BC
Signing time: Sat 23 Aug 2025 07:01:54 +0000
Manifest this update: Sat 23 Aug 2025 07:01:54 +0000
Manifest next update: Sun 24 Aug 2025 07:01:54 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: YWpEtZ6Uk2CIj7uv5M6SmNJwNS+FP3rMDVaXGTRyaJ8=)
2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bb:d9:04:a9:ae:eb:d6:26:00:f4:95:c0:65:4e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Aug 23 07:01:54 2025 GMT
Not After : Aug 24 07:01:54 2025 GMT
Subject: CN=4190e5e1011a0c7d74411a53eeade800e25f89ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:9a:09:d0:e3:e3:da:27:16:14:da:18:ed:
79:59:ef:84:df:96:86:2e:84:cd:78:d7:52:fd:1b:
62:35:e5:ca:40:d2:00:99:1f:4f:5e:d1:32:55:35:
6c:f5:ef:67:30:18:ac:cb:a5:cf:60:b8:46:b2:67:
72:09:8c:d5:59:98:38:e8:35:cb:00:4e:6c:9a:3d:
4d:8f:29:67:88:53:3f:ac:2c:13:3f:4b:9d:38:90:
68:46:a3:6d:81:85:dd:9d:30:41:85:43:34:bd:ad:
65:79:17:ff:5d:fc:ae:76:ed:07:6b:67:1f:8c:ac:
8b:52:67:65:97:0a:6e:96:d5:f5:6b:aa:64:bb:4f:
b8:40:c9:e2:c9:74:96:4f:8d:be:39:cd:c8:72:77:
ef:f0:d5:e3:ae:a3:4c:71:85:59:4e:a3:57:5c:06:
cf:13:34:61:bb:a3:c5:60:ef:1b:73:3b:47:6d:2b:
ea:d6:aa:51:12:e9:41:6d:00:21:4b:be:83:f1:55:
88:83:ae:3f:38:9d:4f:47:21:15:c9:c1:a3:dd:39:
a9:ce:dd:d5:24:83:94:47:12:5b:d8:ac:39:b6:84:
62:86:6a:ee:3c:36:ec:aa:99:44:96:ab:9b:a0:00:
1c:ab:31:27:14:25:10:a9:b9:c2:0e:32:97:e2:3f:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:E5:E1:01:1A:0C:7D:74:41:1A:53:EE:AD:E8:00:E2:5F:89:EF
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:15:66:e5:ce:82:39:b5:85:85:81:1b:27:3a:f3:15:47:5c:
07:f3:a2:fc:b5:55:d1:76:8b:fb:d4:8e:9b:60:12:31:ff:4c:
79:9c:97:13:52:24:71:ef:5d:e5:0f:96:dd:2f:85:24:1f:79:
0a:28:f3:ab:2d:ae:74:09:e4:84:3e:b9:e8:27:87:18:a5:72:
c6:bd:a3:ed:89:f7:5f:c3:5a:3a:59:4f:1d:d5:65:14:be:81:
de:62:f3:5a:c4:ca:80:e3:7d:c1:ce:ac:99:94:f2:f8:44:02:
41:54:45:c5:c4:d7:6d:33:e5:61:f9:e2:73:19:f0:20:9b:b4:
2b:f1:fa:be:93:07:0b:30:b7:d7:87:99:70:88:b0:2d:73:bd:
9e:61:3b:ca:cd:68:28:1c:b3:7b:ad:ac:40:89:e8:c9:3b:70:
4c:83:04:ab:73:61:3a:1c:f0:3b:f2:8e:1a:2c:2a:7c:30:cc:
ad:15:e3:d8:24:55:69:9a:9b:17:5f:6b:d4:4e:49:be:60:9f:
f1:24:40:ae:82:25:88:15:ee:30:46:c8:78:d3:ea:f0:a8:52:
15:e5:13:f0:42:8e:08:32:8a:b6:f9:8c:68:c3:10:db:d3:09:
07:34:00:14:4a:ab:32:7c:50:a3:75:21:6d:e8:2c:1b:34:d0:
58:ce:dd:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu9kEqa7r1iYA9JXAZU7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUwODIzMDcwMTU0WhcNMjUwODI0MDcwMTU0WjAzMTEwLwYDVQQD
Eyg0MTkwZTVlMTAxMWEwYzdkNzQ0MTFhNTNlZWFkZTgwMGUyNWY4OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzOaCdDj49onFhTaGO15We+E35aG
LoTNeNdS/RtiNeXKQNIAmR9PXtEyVTVs9e9nMBisy6XPYLhGsmdyCYzVWZg46DXL
AE5smj1NjylniFM/rCwTP0udOJBoRqNtgYXdnTBBhUM0va1leRf/Xfyudu0Ha2cf
jKyLUmdllwpultX1a6pku0+4QMniyXSWT42+Oc3Icnfv8NXjrqNMcYVZTqNXXAbP
EzRhu6PFYO8bcztHbSvq1qpREulBbQAhS76D8VWIg64/OJ1PRyEVycGj3Tmpzt3V
JIOURxJb2Kw5toRihmruPDbsqplElquboAAcqzEnFCUQqbnCDjKX4j8SfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGQ5eEBGgx9dEEaU+6t6ADiX4nvMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRVm5c6C
ObWFhYEbJzrzFUdcB/Oi/LVV0XaL+9SOm2ASMf9MeZyXE1Ikce9d5Q+W3S+FJB95
Cijzqy2udAnkhD656CeHGKVyxr2j7Yn3X8NaOllPHdVlFL6B3mLzWsTKgON9wc6s
mZTy+EQCQVRFxcTXbTPlYfnicxnwIJu0K/H6vpMHCzC314eZcIiwLXO9nmE7ys1o
KByze62sQInoyTtwTIMEq3NhOhzwO/KOGiwqfDDMrRXj2CRVaZqbF19r1E5JvmCf
8SRAroIliBXuMEbIeNPq8KhSFeUT8EKOCDKKtvmMaMMQ29MJBzQAFEqrMnxQo3Uh
begsGzTQWM7dIA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:31:04 2025 by rpki-client