Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
File: nzbQijzYpC9Goslt_XLtjO4nlHc.mft (raw, json)
Hash identifier: QYfa5aBGWAPPFaRtiCFes09D1ZOWSPijszya44u642I=
Subject key identifier: 2E:42:60:1E:D9:0F:1D:02:A1:18:2B:43:37:8E:88:B8:44:D8:C9:35
Authority key identifier: 9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
Certificate issuer: /CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Certificate serial: 0199FB45EE40C82966C4ED34378C06C7FFA2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
Manifest number: 0CE9
Signing time: Sun 19 Oct 2025 07:01:28 +0000
Manifest this update: Sun 19 Oct 2025 07:01:28 +0000
Manifest next update: Mon 20 Oct 2025 07:01:28 +0000
Files and hashes: 1: nzbQijzYpC9Goslt_XLtjO4nlHc.crl (hash: Dzl3rdUQjioxqq3eE7+UMRZ65XLT8ed3F7KXqGkx3yw=)
2: twzQnUgBAT35ET2oNZWOjjEoBE4.roa (hash: HIWNIMTAhxf1Wnub1ymBGmdU28kJ6snFsV9+PWAEB7E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:45:ee:40:c8:29:66:c4:ed:34:37:8c:06:c7:ff:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Validity
Not Before: Oct 19 07:01:28 2025 GMT
Not After : Oct 20 07:01:28 2025 GMT
Subject: CN=2e42601ed90f1d02a1182b43378e88b844d8c935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:ca:be:f7:a1:52:53:c0:c1:ca:74:15:cf:
07:24:8a:d6:28:ff:7b:d5:10:d6:b9:dd:ed:12:8a:
48:0f:b7:0a:89:d9:67:7d:f3:90:39:c6:b6:3a:7a:
9e:82:40:54:4b:b5:79:c9:98:ce:cb:c7:8f:ee:6c:
17:c4:88:a8:9c:db:f6:f2:93:e3:bc:35:4c:11:7c:
28:3b:39:77:0c:1b:11:0c:f4:21:15:c9:c4:bb:39:
a3:f2:c7:a5:84:89:01:e7:83:4e:8a:36:cf:4e:c3:
11:c2:e5:04:83:fd:ae:5f:62:d9:ef:b1:cb:e4:e3:
d9:5f:3e:16:84:b3:d7:4b:6e:5e:80:e6:b5:cb:54:
6d:b1:7c:c2:38:97:c5:01:ed:b9:88:3f:7f:c8:7d:
66:b7:a0:fe:e3:68:df:85:1d:9b:a2:c8:65:06:ae:
44:02:73:c3:fa:8c:23:28:8d:85:51:d6:52:f7:6d:
92:41:e3:ec:80:0c:02:f8:ac:58:e0:a0:74:de:f5:
54:7b:3d:4b:0d:6c:0d:40:86:63:02:4a:95:35:aa:
f7:4a:89:74:c4:83:de:a5:75:a7:19:f7:d1:50:cb:
34:16:2d:18:23:3a:43:f9:49:1c:a2:84:62:4e:05:
db:3b:3a:4c:08:96:df:b8:ca:1a:dd:f1:a9:aa:37:
37:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:42:60:1E:D9:0F:1D:02:A1:18:2B:43:37:8E:88:B8:44:D8:C9:35
X509v3 Authority Key Identifier:
keyid:9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:10:44:b7:26:f8:08:69:f5:7d:cf:a8:8b:c1:c1:9e:f6:26:
7a:86:2b:5d:92:0a:18:4e:d1:9f:4d:9a:da:78:d6:f1:dd:45:
99:87:0b:09:21:e1:87:21:1a:4a:2d:d3:19:79:1e:4b:50:a3:
dc:a8:d6:77:7c:e8:ba:b0:47:e9:0a:a1:8c:6c:dd:22:bf:4b:
b5:fc:6a:29:8e:fe:fb:01:42:2d:55:84:9d:63:4a:5f:bc:d4:
58:87:7b:52:6d:3c:44:de:5d:e5:1a:96:c0:1e:7c:36:1b:dd:
ab:51:2a:a8:27:c4:90:dd:9f:65:17:10:d6:27:81:42:97:93:
71:3a:1d:ce:50:90:92:14:9c:f7:b9:7f:ea:b1:46:ea:dd:8b:
ce:eb:87:7e:72:83:d7:09:13:c9:a0:81:72:97:7f:07:3c:68:
2f:08:b3:c6:46:e1:74:d7:61:cc:5b:3c:43:54:d9:30:01:f5:
05:ab:f0:c3:d9:cc:c8:f5:43:ec:f8:6a:2c:a2:87:13:18:cf:
1a:39:e6:ed:37:4e:ac:1f:65:d8:43:97:fe:b9:07:ed:b5:2a:
ef:91:e1:5c:2e:db:de:78:e2:09:cb:6c:61:c2:2d:51:ea:07:
44:80:e5:2c:5a:50:60:07:fa:45:90:ff:5d:e0:19:4a:14:d4:
7e:d1:a6:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Re5AyClmxO00N4wGx/+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzZkMDhhM2NkOGE0MmY0NmEyYzk2ZGZkNzJlZDhjZWUy
Nzk0NzcwHhcNMjUxMDE5MDcwMTI4WhcNMjUxMDIwMDcwMTI4WjAzMTEwLwYDVQQD
EygyZTQyNjAxZWQ5MGYxZDAyYTExODJiNDMzNzhlODhiODQ0ZDhjOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvszKvvehUlPAwcp0Fc8HJIrWKP97
1RDWud3tEopID7cKidlnffOQOca2OnqegkBUS7V5yZjOy8eP7mwXxIionNv28pPj
vDVMEXwoOzl3DBsRDPQhFcnEuzmj8selhIkB54NOijbPTsMRwuUEg/2uX2LZ77HL
5OPZXz4WhLPXS25egOa1y1RtsXzCOJfFAe25iD9/yH1mt6D+42jfhR2boshlBq5E
AnPD+owjKI2FUdZS922SQePsgAwC+KxY4KB03vVUez1LDWwNQIZjAkqVNar3Sol0
xIPepXWnGffRUMs0Fi0YIzpD+UkcooRiTgXbOzpMCJbfuMoa3fGpqjc3UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5CYB7ZDx0CoRgrQzeOiLhE2Mk1MB8GA1UdIwQY
MBaAFJ820Io82KQvRqLJbf1y7YzuJ5R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3Mjct
YzMzMzcyYzlkNTA3LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3MjctYzMzMzcyYzlkNTA3
LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhBEtyb4
CGn1fc+oi8HBnvYmeoYrXZIKGE7Rn02a2njW8d1FmYcLCSHhhyEaSi3TGXkeS1Cj
3KjWd3zourBH6QqhjGzdIr9LtfxqKY7++wFCLVWEnWNKX7zUWId7Um08RN5d5RqW
wB58Nhvdq1EqqCfEkN2fZRcQ1ieBQpeTcTodzlCQkhSc97l/6rFG6t2LzuuHfnKD
1wkTyaCBcpd/BzxoLwizxkbhdNdhzFs8Q1TZMAH1Bavww9nMyPVD7PhqLKKHExjP
Gjnm7TdOrB9l2EOX/rkH7bUq75HhXC7b3njiCctsYcItUeoHRIDlLFpQYAf6RZD/
XeAZShTUftGmCA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:40:29 2025 by rpki-client