Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: OOkj2EIxu+Xj1ypaQJCXkVCOdW8R/9JaRKnptxVcuBc=
Subject key identifier: B1:AB:1C:D4:98:78:CE:AB:AA:F8:F3:50:9B:48:ED:0D:A0:ED:AC:AB
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 0198D4E011775207A5252868D392381BBAF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 03:01:50 +0000
Manifest this update: Sat 23 Aug 2025 03:01:50 +0000
Manifest next update: Sun 24 Aug 2025 03:01:50 +0000
Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=)
2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: bOO9cKbByCLAAKOOthjzLk4J+cCUtAD7ZXvbe/u3abY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:11:77:52:07:a5:25:28:68:d3:92:38:1b:ba:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Aug 23 03:01:50 2025 GMT
Not After : Aug 24 03:01:50 2025 GMT
Subject: CN=b1ab1cd49878ceabaaf8f3509b48ed0da0edacab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:34:fc:40:82:16:c5:88:e2:c8:ca:26:c6:2e:
a7:bb:43:3d:c9:16:1f:2c:5f:83:3b:58:11:23:d4:
3b:5f:b1:cb:ee:85:ee:ca:e4:0b:8b:78:96:a1:52:
d0:fc:02:62:f4:0c:d6:f0:b5:be:2c:97:2d:66:2d:
bc:3f:e7:ee:28:96:2a:a8:bb:48:8c:0b:32:4a:fd:
1f:ab:1f:c3:2b:8e:6d:8b:cf:85:96:3f:68:87:8a:
6a:18:06:d6:39:bd:82:b0:05:db:5b:88:fd:ce:82:
58:ec:29:87:ae:c9:0d:ac:84:cc:b4:01:96:7c:79:
e2:07:8e:30:7d:a5:11:79:49:c6:7f:c1:55:18:2c:
2a:6c:05:9c:17:b5:94:48:ca:89:52:7d:94:35:65:
e5:34:eb:7e:21:db:73:6a:ab:43:97:ae:45:44:49:
a2:7c:05:0d:6a:f4:1b:4e:a3:a1:82:32:ea:f0:dc:
b9:ee:c1:0a:c5:bf:75:a8:d6:71:87:50:f5:18:bd:
45:0f:f1:f4:33:86:ae:bf:1d:84:01:a9:c1:a0:30:
13:b8:99:af:f3:f8:e6:e4:08:0e:c6:c4:8a:ff:40:
3e:9f:14:45:eb:8f:21:37:94:c4:a7:10:04:79:d5:
6f:99:b1:3c:29:ed:60:1c:f4:c6:f8:6d:b8:28:7e:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AB:1C:D4:98:78:CE:AB:AA:F8:F3:50:9B:48:ED:0D:A0:ED:AC:AB
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:02:d6:fe:c5:bf:5e:53:2b:b1:49:07:f5:26:16:2d:00:7b:
a2:e4:f1:70:0a:24:fc:a1:9d:39:b3:bf:92:0a:38:29:e3:8b:
d8:47:1b:88:14:97:76:bd:f7:42:b9:61:7e:91:df:24:d2:32:
c3:42:b0:dd:56:13:51:09:e0:ad:c7:6b:17:fd:0c:75:f9:ca:
2f:16:f9:1d:f1:f3:87:ba:db:a5:54:17:d7:8e:bf:21:a1:df:
b3:ca:c1:21:ff:c3:ad:5c:0c:94:54:0b:07:e7:8b:45:64:98:
18:86:f2:62:3b:c3:d7:38:76:f5:f5:be:0a:84:37:77:67:85:
00:bd:18:9d:56:ed:d6:bf:41:b2:5f:ed:12:cb:c4:37:54:6b:
aa:90:d8:45:b0:11:bf:fc:05:4f:9c:08:db:17:55:78:cd:86:
fb:35:0c:7b:1b:5d:99:5a:a3:3a:0f:ac:c7:0e:9a:78:cc:26:
3a:e6:e5:df:b3:33:3c:b6:bc:7d:9d:0e:9c:a6:b8:d8:4a:ef:
3e:08:28:23:90:a2:ef:74:09:0d:46:6c:53:05:eb:e1:a4:e0:
df:96:08:ef:a9:00:6e:47:db:59:c5:b8:4b:c1:cb:e8:a6:ac:
53:35:55:47:ef:2b:5c:42:a4:a7:17:1a:6a:a4:4a:d7:80:ff:
d9:d2:dc:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4BF3UgelJSho05I4G7rwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjUwODIzMDMwMTUwWhcNMjUwODI0MDMwMTUwWjAzMTEwLwYDVQQD
EyhiMWFiMWNkNDk4NzhjZWFiYWFmOGYzNTA5YjQ4ZWQwZGEwZWRhY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DT8QIIWxYjiyMomxi6nu0M9yRYf
LF+DO1gRI9Q7X7HL7oXuyuQLi3iWoVLQ/AJi9AzW8LW+LJctZi28P+fuKJYqqLtI
jAsySv0fqx/DK45ti8+Flj9oh4pqGAbWOb2CsAXbW4j9zoJY7CmHrskNrITMtAGW
fHniB44wfaUReUnGf8FVGCwqbAWcF7WUSMqJUn2UNWXlNOt+IdtzaqtDl65FREmi
fAUNavQbTqOhgjLq8Ny57sEKxb91qNZxh1D1GL1FD/H0M4auvx2EAanBoDATuJmv
8/jm5AgOxsSK/0A+nxRF648hN5TEpxAEedVvmbE8Ke1gHPTG+G24KH53XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGrHNSYeM6rqvjzUJtI7Q2g7ayrMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQLW/sW/
XlMrsUkH9SYWLQB7ouTxcAok/KGdObO/kgo4KeOL2EcbiBSXdr33QrlhfpHfJNIy
w0Kw3VYTUQngrcdrF/0MdfnKLxb5HfHzh7rbpVQX146/IaHfs8rBIf/DrVwMlFQL
B+eLRWSYGIbyYjvD1zh29fW+CoQ3d2eFAL0YnVbt1r9Bsl/tEsvEN1RrqpDYRbAR
v/wFT5wI2xdVeM2G+zUMextdmVqjOg+sxw6aeMwmOubl37MzPLa8fZ0OnKa42Erv
PggoI5Ci73QJDUZsUwXr4aTg35YI76kAbkfbWcW4S8HL6KasUzVVR+8rXEKkpxca
aqRK14D/2dLcUg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:26:54 2025 by rpki-client