Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.mft
File: NehMBjohgLI_X20xYqdbMJL1wY0.mft (raw, json)
Hash identifier: Bptua168muGgNyhSX/gej4IzDjA6j8AUVJg4anB4d6c=
Subject key identifier: 3B:D8:FB:98:DF:05:70:72:68:DC:0F:D6:68:71:B2:C3:46:7E:FC:6C
Authority key identifier: 35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D
Certificate issuer: /CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d
Certificate serial: 0199FC21A142EFC66C0B3857553AC320551B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.mft
Manifest number: 16E0
Signing time: Sun 19 Oct 2025 11:01:26 +0000
Manifest this update: Sun 19 Oct 2025 11:01:26 +0000
Manifest next update: Mon 20 Oct 2025 11:01:26 +0000
Files and hashes: 1: NehMBjohgLI_X20xYqdbMJL1wY0.crl (hash: ld1AvyUldE+c8aLSGhgAx2rX9cx7cHrWbGPl/OjV614=)
2: W3mDa3qMM3UMHKwdjXNmQQYwzCo.roa (hash: uhcnNrB9w8L6u9yOsZumoNimMZDsDc9Fp+1S6uVCDDA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:a1:42:ef:c6:6c:0b:38:57:55:3a:c3:20:55:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d
Validity
Not Before: Oct 19 11:01:26 2025 GMT
Not After : Oct 20 11:01:26 2025 GMT
Subject: CN=3bd8fb98df05707268dc0fd66871b2c3467efc6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:b5:9b:9c:7f:36:d3:f1:41:c6:68:50:74:
83:64:98:19:6f:99:9b:c2:bf:ea:12:09:b6:6c:e2:
54:33:2a:30:a7:cb:5e:6d:4a:ea:42:a8:c5:06:bc:
6d:96:40:76:82:32:ac:c6:ba:3e:61:e4:dd:0e:8e:
40:b4:e3:fd:38:05:6e:44:83:25:b5:b5:d2:87:7d:
e7:ee:74:48:4b:31:54:6b:52:9f:d8:ca:05:71:c2:
04:16:31:12:98:45:e5:a1:13:7b:d6:0d:cf:9a:95:
83:a5:77:53:33:63:c6:b4:35:f0:c6:89:02:07:02:
ef:6b:a9:ba:ac:8a:28:5c:65:5a:a2:92:4c:54:10:
97:07:5e:66:68:f7:68:16:b3:e5:c8:03:9b:4b:e3:
be:e7:4f:d3:96:5b:f1:03:d6:90:36:ee:a8:f8:55:
d5:2e:fe:9f:de:67:0e:fa:fb:64:92:d8:13:ee:c3:
32:b3:e2:22:34:56:bb:92:d6:58:15:6b:8d:d6:61:
2d:35:ae:f7:3e:02:d9:99:d5:d4:37:37:76:77:25:
93:93:86:b0:5a:28:87:5b:e2:c3:1f:b1:d5:4e:f0:
43:4e:2f:3b:73:96:8a:93:58:7e:53:dd:98:ea:de:
bd:e9:23:23:9a:b2:a1:f1:3e:2a:b2:57:4c:bb:da:
de:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D8:FB:98:DF:05:70:72:68:DC:0F:D6:68:71:B2:C3:46:7E:FC:6C
X509v3 Authority Key Identifier:
keyid:35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:4f:a8:bb:4d:77:b9:d0:4c:33:66:89:66:97:15:11:ee:68:
c2:7a:63:ba:02:58:f6:72:19:9e:df:21:a9:29:d5:d9:11:40:
f2:ce:a4:d4:81:a1:16:69:b8:85:47:4d:07:d6:f8:29:c0:07:
cb:97:cc:e2:6f:d2:43:e9:a9:31:c7:13:26:e2:01:28:5c:26:
d4:9a:1b:46:6d:ed:da:b0:3b:86:3f:7e:d5:48:f6:52:05:ef:
97:f9:ae:f3:c8:0d:f2:a7:15:4b:72:87:c4:bb:3c:57:5f:26:
bc:c5:59:25:36:d4:98:79:ba:8f:57:14:ca:88:97:0a:fa:6a:
da:5a:b7:a9:32:74:aa:ea:fb:99:17:19:b5:74:2e:f5:fb:aa:
0b:2a:de:7a:ef:7a:82:b7:92:e7:e6:54:af:5d:c0:9d:99:c9:
1f:be:7e:a5:b8:1a:69:85:f0:3d:df:d3:b3:68:5e:4c:47:89:
0f:f9:81:ce:b9:78:0f:b4:d4:4e:a4:5c:e8:f4:ad:56:c5:01:
21:79:99:f1:f4:a2:1f:a0:64:45:f5:44:6f:da:d7:70:f8:d8:
32:76:fb:28:73:8f:a7:6b:c4:16:f0:15:c7:fe:e3:e9:24:de:
7d:e9:76:59:08:74:98:a7:a5:81:8e:2e:59:41:18:1a:17:42:
af:eb:fd:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IaFC78ZsCzhXVTrDIFUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTg0YzA2M2EyMTgwYjIzZjVmNmQzMTYyYTc1YjMwOTJm
NWMxOGQwHhcNMjUxMDE5MTEwMTI2WhcNMjUxMDIwMTEwMTI2WjAzMTEwLwYDVQQD
EygzYmQ4ZmI5OGRmMDU3MDcyNjhkYzBmZDY2ODcxYjJjMzQ2N2VmYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKO1m5x/NtPxQcZoUHSDZJgZb5mb
wr/qEgm2bOJUMyowp8tebUrqQqjFBrxtlkB2gjKsxro+YeTdDo5AtOP9OAVuRIMl
tbXSh33n7nRISzFUa1Kf2MoFccIEFjESmEXloRN71g3PmpWDpXdTM2PGtDXwxokC
BwLva6m6rIooXGVaopJMVBCXB15maPdoFrPlyAObS+O+50/TllvxA9aQNu6o+FXV
Lv6f3mcO+vtkktgT7sMys+IiNFa7ktZYFWuN1mEtNa73PgLZmdXUNzd2dyWTk4aw
WiiHW+LDH7HVTvBDTi87c5aKk1h+U92Y6t696SMjmrKh8T4qsldMu9reqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvY+5jfBXByaNwP1mhxssNGfvxsMB8GA1UdIwQY
MBaAFDXoTAY6IYCyP19tMWKnWzCS9cGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYt
ODRhNzFjYzMyZDQ4LzEvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYtODRhNzFjYzMyZDQ4
LzEvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWE+ou013
udBMM2aJZpcVEe5ownpjugJY9nIZnt8hqSnV2RFA8s6k1IGhFmm4hUdNB9b4KcAH
y5fM4m/SQ+mpMccTJuIBKFwm1JobRm3t2rA7hj9+1Uj2UgXvl/mu88gN8qcVS3KH
xLs8V18mvMVZJTbUmHm6j1cUyoiXCvpq2lq3qTJ0qur7mRcZtXQu9fuqCyreeu96
greS5+ZUr13AnZnJH75+pbgaaYXwPd/Ts2heTEeJD/mBzrl4D7TUTqRc6PStVsUB
IXmZ8fSiH6BkRfVEb9rXcPjYMnb7KHOPp2vEFvAVx/7j6STefel2WQh0mKelgY4u
WUEYGhdCr+v9vA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:32:05 2025 by rpki-client