Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
File: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft (raw, json)
Hash identifier: fpKmZp18WezFJ6yCSqDBdtLdWyDz1A6boCQa6DYO/Yc=
Subject key identifier: 7D:80:B5:13:45:02:B2:0B:89:2C:97:EF:8F:68:0E:13:1A:83:EF:BD
Authority key identifier: 35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
Certificate issuer: /CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Certificate serial: 0198D6611A610FD7FB017A33F6E149DB381C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
Manifest number: 0FAF
Signing time: Sat 23 Aug 2025 10:02:24 +0000
Manifest this update: Sat 23 Aug 2025 10:02:24 +0000
Manifest next update: Sun 24 Aug 2025 10:02:24 +0000
Files and hashes: 1: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl (hash: /DGkKYCcBQiCOHhfsPAp5tyKnMM/xqHrQUHMXOuz3oc=)
2: j7uIJiPhcZxIrIipfuK1rqo935Y.roa (hash: 7J2YXXzcaOGsarNoeRvp5q8jGItI0Hy8Dxn5tPP/JpQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:61:1a:61:0f:d7:fb:01:7a:33:f6:e1:49:db:38:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Validity
Not Before: Aug 23 10:02:24 2025 GMT
Not After : Aug 24 10:02:24 2025 GMT
Subject: CN=7d80b5134502b20b892c97ef8f680e131a83efbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:11:5c:9f:f1:bd:be:3f:f9:66:69:f0:25:
3d:3f:d7:00:d7:0f:3e:d7:bc:69:ca:a7:1f:72:fd:
e6:0d:3e:e3:d0:75:1f:48:11:21:cc:62:e6:4a:ae:
09:c3:46:c4:97:e5:24:ea:d4:70:80:bf:91:fb:07:
5f:0f:b1:12:8a:a9:a6:00:a0:44:63:c2:bc:8e:e2:
b6:e4:38:9c:fc:fa:e9:99:d6:c0:4e:f7:b6:90:b6:
2f:a8:51:ea:13:fb:3a:05:b3:0d:07:2e:f5:f9:65:
15:75:07:f8:f5:0e:3f:9b:78:f3:45:e1:a8:4e:3f:
d9:65:5f:e5:d7:ea:fe:3e:5f:d5:cb:20:f3:92:da:
ee:9a:6e:14:5e:13:21:cb:0a:67:d3:fa:9e:60:70:
18:7b:5e:11:31:3a:bf:c9:9a:cb:e4:62:26:70:fa:
51:5a:31:32:e4:64:0c:57:91:ae:e2:a5:31:4d:5c:
58:26:6b:d5:56:a4:df:c5:c2:92:81:89:80:08:a9:
be:1e:d3:4c:47:0a:2b:ea:e3:72:74:2f:2f:aa:8c:
70:90:d1:ea:f5:1e:37:57:c4:0f:bd:76:45:bb:bd:
9f:95:9d:7a:22:fc:39:67:79:71:71:4a:50:b3:4a:
e1:f4:32:e8:70:0a:26:ee:b9:f8:ee:ba:76:68:7c:
1c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:80:B5:13:45:02:B2:0B:89:2C:97:EF:8F:68:0E:13:1A:83:EF:BD
X509v3 Authority Key Identifier:
keyid:35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:07:f9:76:dd:b2:92:9e:36:33:2e:fe:93:0b:ae:c1:1f:e2:
a5:d6:e9:46:73:7c:12:81:a3:f6:5b:b8:34:95:77:f0:1a:b4:
32:22:ca:c8:ab:61:77:29:f6:c1:bd:c9:4f:11:b1:ec:cf:37:
88:d5:6d:72:22:0d:69:a3:3a:a0:b6:db:e1:a8:64:fb:86:8b:
0d:cc:7f:62:61:1b:26:aa:b7:2e:ff:b7:fa:4f:9b:c6:bd:36:
47:a5:3b:bf:58:67:b9:c5:22:00:53:09:6d:09:bb:4e:2d:fc:
55:bd:d8:1b:5c:48:89:07:61:bf:22:17:99:92:1b:7a:71:93:
b2:04:3c:f8:45:99:2f:c2:26:c0:2b:3e:a3:bf:06:0e:c4:8e:
7e:4f:23:bf:a0:88:62:5e:5b:db:45:dd:f6:3e:75:b5:6b:4a:
7b:64:3d:7d:ad:9c:12:ba:ab:27:e1:fe:b8:67:44:38:2f:bf:
20:d6:35:14:5d:17:35:f8:4c:5b:ef:31:98:4b:ad:26:58:1a:
bd:96:d4:92:ae:b8:fe:b4:42:7d:83:c6:8b:10:87:47:3b:56:
a4:11:3c:6f:0d:06:1f:41:65:2c:2b:b2:9b:8c:50:d6:f6:8a:
c1:43:22:98:a1:4e:5f:d5:3d:dc:96:54:55:9e:a0:d8:9a:bd:
bc:8c:88:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYRphD9f7AXoz9uFJ2zgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTRmZjY3ZjNiOGQ0ZjZmNmJkYTIzZWNiYmM3YjBmMDlm
ZTYwODAwHhcNMjUwODIzMTAwMjI0WhcNMjUwODI0MTAwMjI0WjAzMTEwLwYDVQQD
Eyg3ZDgwYjUxMzQ1MDJiMjBiODkyYzk3ZWY4ZjY4MGUxMzFhODNlZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWYRXJ/xvb4/+WZp8CU9P9cA1w8+
17xpyqcfcv3mDT7j0HUfSBEhzGLmSq4Jw0bEl+Uk6tRwgL+R+wdfD7ESiqmmAKBE
Y8K8juK25Dic/PrpmdbATve2kLYvqFHqE/s6BbMNBy71+WUVdQf49Q4/m3jzReGo
Tj/ZZV/l1+r+Pl/VyyDzktrumm4UXhMhywpn0/qeYHAYe14RMTq/yZrL5GImcPpR
WjEy5GQMV5Gu4qUxTVxYJmvVVqTfxcKSgYmACKm+HtNMRwor6uNydC8vqoxwkNHq
9R43V8QPvXZFu72flZ16Ivw5Z3lxcUpQs0rh9DLocAom7rn47rp2aHwcswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2AtRNFArILiSyX749oDhMag++9MB8GA1UdIwQY
MBaAFDUU/2fzuNT29r2iPsu8ew8J/mCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQt
ODg1NGM5MmQ0N2IxLzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQtODg1NGM5MmQ0N2Ix
LzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAggf5dt2y
kp42My7+kwuuwR/ipdbpRnN8EoGj9lu4NJV38Bq0MiLKyKthdyn2wb3JTxGx7M83
iNVtciINaaM6oLbb4ahk+4aLDcx/YmEbJqq3Lv+3+k+bxr02R6U7v1hnucUiAFMJ
bQm7Ti38Vb3YG1xIiQdhvyIXmZIbenGTsgQ8+EWZL8ImwCs+o78GDsSOfk8jv6CI
Yl5b20Xd9j51tWtKe2Q9fa2cErqrJ+H+uGdEOC+/INY1FF0XNfhMW+8xmEutJlga
vZbUkq64/rRCfYPGixCHRztWpBE8bw0GH0FlLCuym4xQ1vaKwUMimKFOX9U93JZU
VZ6g2Jq9vIyIVQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:10:43 2025 by rpki-client