Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: guaTpwz2+y8v1IsRpwG513nng9A9j+JOnknuEpTHJdM=
Subject key identifier: 7F:32:6F:56:F1:6F:C7:63:61:10:C6:F4:82:6F:B2:04:10:7A:1E:98
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 019A00359E73F3A5C0D6044EBA5946EF4F0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 16E3
Signing time: Mon 20 Oct 2025 06:01:45 +0000
Manifest this update: Mon 20 Oct 2025 06:01:45 +0000
Manifest next update: Tue 21 Oct 2025 06:01:45 +0000
Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=)
2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: vVqJNehnG8US4PnEhL6lxpQXERBh+Hqbgejj7ltZw34=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:9e:73:f3:a5:c0:d6:04:4e:ba:59:46:ef:4f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Oct 20 06:01:45 2025 GMT
Not After : Oct 21 06:01:45 2025 GMT
Subject: CN=7f326f56f16fc7636110c6f4826fb204107a1e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c3:e9:2c:dc:de:a2:e5:66:4d:a2:21:91:09:
9f:d8:4c:15:54:ef:4c:b3:2d:24:7d:f9:52:f8:a8:
fb:ef:30:bf:c0:d8:c2:3b:e3:b3:ab:86:22:62:71:
b2:4b:0c:00:0d:49:2b:a4:4c:fd:dd:a3:ba:9a:be:
91:a0:ef:08:92:6f:1b:63:ab:f5:79:20:2e:ee:3a:
cc:52:98:49:c6:30:59:59:50:b6:58:8e:c9:8a:bb:
94:f7:f6:b2:06:1e:5c:37:18:36:9e:74:ec:01:7b:
0c:29:2c:48:b0:9a:24:6d:4f:13:30:f1:a1:b7:d3:
64:99:68:d2:4c:04:90:8b:c7:3f:76:db:fe:ed:fd:
a3:61:8c:3b:aa:95:f6:e7:76:0c:e9:0b:7a:e0:7b:
20:8d:fe:64:77:9d:92:43:43:44:da:54:0f:e7:ee:
ae:f2:43:4a:4e:ab:66:15:48:6a:60:d8:8f:a2:ac:
7a:5d:50:b0:a3:1a:29:c8:fa:09:df:95:7e:87:b1:
60:a3:83:3a:ae:08:69:05:a2:68:a1:7a:50:5c:c7:
20:de:d0:88:0f:53:fd:97:99:da:ed:fc:d2:41:f5:
e0:bf:f1:4b:65:e8:fe:1d:48:e5:4c:ad:3b:ab:09:
a3:bb:08:72:e3:1e:1f:58:2f:8d:b0:4a:b3:f6:4c:
32:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:32:6F:56:F1:6F:C7:63:61:10:C6:F4:82:6F:B2:04:10:7A:1E:98
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:5f:87:40:c4:af:8e:fe:a1:27:4b:15:a6:b9:40:c2:5e:fa:
d0:ee:52:8a:bd:c5:ec:93:be:f5:03:26:5e:5f:cc:66:c9:fa:
28:eb:db:f1:ec:e1:6d:98:b7:c7:d1:ed:fd:76:fc:fb:0d:4b:
8e:74:3a:cc:86:14:20:b5:07:04:9d:c6:f7:cc:c7:cc:c5:d9:
d1:72:b4:71:70:fb:9c:a6:5b:8f:b3:db:49:bd:ed:87:af:dd:
ae:ad:f8:55:18:2a:e3:66:ce:68:a1:39:79:3e:5c:50:7e:6a:
30:a3:f9:1e:26:4b:56:9a:b2:3c:c5:1a:ee:ce:7a:ae:46:67:
3d:04:13:24:08:10:36:42:59:eb:c1:70:59:a0:c6:d0:47:2e:
cc:00:4a:08:ab:96:b0:2a:6c:d2:ff:ad:10:61:73:74:9b:00:
c2:70:bb:31:ef:65:1b:b5:08:3c:e8:59:0c:73:9e:b6:ca:a1:
4e:b9:ef:2d:a3:cd:ed:67:a9:cf:35:2f:21:74:19:b3:7c:80:
fd:22:5e:04:0e:c6:ee:89:30:c7:f2:4d:8e:38:2e:15:b2:0d:
f1:df:45:76:1f:70:44:8b:50:0c:73:6d:ae:fd:03:04:5a:31:
c4:2f:84:8d:9f:66:df:01:1c:4c:ea:bf:9a:d9:4f:c7:8e:37:
80:31:9c:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANZ5z86XA1gROullG708KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjUxMDIwMDYwMTQ1WhcNMjUxMDIxMDYwMTQ1WjAzMTEwLwYDVQQD
Eyg3ZjMyNmY1NmYxNmZjNzYzNjExMGM2ZjQ4MjZmYjIwNDEwN2ExZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58PpLNzeouVmTaIhkQmf2EwVVO9M
sy0kfflS+Kj77zC/wNjCO+Ozq4YiYnGySwwADUkrpEz93aO6mr6RoO8Ikm8bY6v1
eSAu7jrMUphJxjBZWVC2WI7JiruU9/ayBh5cNxg2nnTsAXsMKSxIsJokbU8TMPGh
t9NkmWjSTASQi8c/dtv+7f2jYYw7qpX253YM6Qt64Hsgjf5kd52SQ0NE2lQP5+6u
8kNKTqtmFUhqYNiPoqx6XVCwoxopyPoJ35V+h7Fgo4M6rghpBaJooXpQXMcg3tCI
D1P9l5na7fzSQfXgv/FLZej+HUjlTK07qwmjuwhy4x4fWC+NsEqz9kwyrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8yb1bxb8djYRDG9IJvsgQQeh6YMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMl+HQMSv
jv6hJ0sVprlAwl760O5Sir3F7JO+9QMmXl/MZsn6KOvb8ezhbZi3x9Ht/Xb8+w1L
jnQ6zIYUILUHBJ3G98zHzMXZ0XK0cXD7nKZbj7PbSb3th6/drq34VRgq42bOaKE5
eT5cUH5qMKP5HiZLVpqyPMUa7s56rkZnPQQTJAgQNkJZ68FwWaDG0EcuzABKCKuW
sCps0v+tEGFzdJsAwnC7Me9lG7UIPOhZDHOetsqhTrnvLaPN7WepzzUvIXQZs3yA
/SJeBA7G7okwx/JNjjguFbIN8d9Fdh9wRItQDHNtrv0DBFoxxC+EjZ9m3wEcTOq/
mtlPx443gDGcow==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:41:35 2025 by rpki-client