Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File: NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier: pBAVwYe1gDZt1yAGNxNCm8L6mZg2sivfbX8q0w5L4FE=
Subject key identifier: 88:C8:3F:A5:F4:28:82:5E:A2:2D:A2:B7:E8:81:8B:49:2A:05:E6:0B
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer: /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial: 0198D47331468A9336AC6634BD414B632240
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number: 0E57
Signing time: Sat 23 Aug 2025 01:02:55 +0000
Manifest this update: Sat 23 Aug 2025 01:02:55 +0000
Manifest next update: Sun 24 Aug 2025 01:02:55 +0000
Files and hashes: 1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: tgQoKaDM3avWlKeeP66e5p4x3ZGxixFMTy7JuDjZG48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:31:46:8a:93:36:ac:66:34:bd:41:4b:63:22:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Validity
Not Before: Aug 23 01:02:55 2025 GMT
Not After : Aug 24 01:02:55 2025 GMT
Subject: CN=88c83fa5f428825ea22da2b7e8818b492a05e60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5e:be:94:b8:6b:0d:55:5f:d4:85:f3:bf:62:
21:87:3a:15:95:25:47:6a:a4:6b:25:82:52:17:c0:
54:23:5d:80:f7:02:51:64:e4:51:a2:6b:6e:4e:fd:
2c:07:5f:24:b0:64:49:83:66:0c:36:e6:b4:87:73:
fb:be:59:bc:59:c1:2a:26:06:b8:f7:2c:a8:83:1c:
f0:a0:b2:70:b3:a1:03:c6:ae:08:f7:34:82:75:0e:
3f:8e:51:58:33:8c:8c:ab:16:b9:13:d4:43:97:9f:
b4:f3:b6:98:83:25:44:de:43:e3:4c:4a:87:3f:0f:
5e:f5:1d:98:a4:31:bd:75:92:3f:f8:91:37:d5:b1:
12:80:e7:4e:63:db:95:88:c3:95:75:e9:26:43:d9:
57:4f:9b:69:a9:07:f1:60:4f:fb:88:3e:58:82:73:
7b:37:a8:4d:93:71:8d:fd:70:e3:58:20:88:7b:9e:
12:3f:e4:25:6a:00:89:65:1b:ea:4c:06:e6:ec:95:
7f:f6:85:e2:0a:60:33:00:5b:c2:82:76:fb:2a:09:
99:5c:81:bd:b2:69:11:16:c4:9b:cb:12:47:16:84:
f8:4a:00:f3:ba:9d:ef:b8:be:72:c0:a1:7c:20:8a:
88:f2:05:67:04:e2:12:84:09:ee:19:ab:c2:bc:62:
1a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C8:3F:A5:F4:28:82:5E:A2:2D:A2:B7:E8:81:8B:49:2A:05:E6:0B
X509v3 Authority Key Identifier:
keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:4f:65:4d:13:66:90:0e:e0:54:35:1a:b1:31:4d:bd:2f:85:
d8:e2:46:e6:d5:8e:1e:99:34:8c:60:10:8a:e4:09:67:2d:42:
f0:70:5e:e4:97:ba:18:ed:bc:03:3e:44:14:63:93:21:2c:36:
7e:f3:ff:a2:bc:c3:d3:e9:9c:00:8e:02:ca:72:b1:6d:01:d3:
ef:f0:f5:98:c7:9a:d8:62:9d:d0:b2:99:de:74:63:e5:75:f8:
39:d2:7a:a7:a5:ee:02:01:be:fd:5c:4f:53:70:09:0d:77:7f:
f8:e6:5b:51:c7:76:7c:9c:aa:6f:b6:2d:ce:8d:f0:62:f9:68:
50:e6:17:a5:c7:56:c6:3b:86:9f:f9:2c:88:df:d9:c5:84:43:
4d:c1:3c:b5:50:cd:2e:0c:01:d7:9a:ef:73:06:19:3a:95:0e:
f4:2c:b5:38:ef:5e:ff:cf:35:af:e9:40:73:7f:91:73:bf:1e:
8e:5d:25:c2:40:5f:9e:95:37:a2:2e:a3:41:34:45:dd:4f:cc:
c9:08:06:87:1a:3a:f4:40:58:16:59:12:d0:ad:21:be:bb:06:
fd:d7:5e:19:f2:f1:92:26:61:4a:d8:49:2d:0e:f2:35:e7:0f:
09:05:77:79:04:1c:6f:96:2c:40:10:16:c9:e2:da:3d:b2:c6:
b2:1f:a9:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUczFGipM2rGY0vUFLYyJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUwODIzMDEwMjU1WhcNMjUwODI0MDEwMjU1WjAzMTEwLwYDVQQD
Eyg4OGM4M2ZhNWY0Mjg4MjVlYTIyZGEyYjdlODgxOGI0OTJhMDVlNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F6+lLhrDVVf1IXzv2IhhzoVlSVH
aqRrJYJSF8BUI12A9wJRZORRomtuTv0sB18ksGRJg2YMNua0h3P7vlm8WcEqJga4
9yyogxzwoLJws6EDxq4I9zSCdQ4/jlFYM4yMqxa5E9RDl5+087aYgyVE3kPjTEqH
Pw9e9R2YpDG9dZI/+JE31bESgOdOY9uViMOVdekmQ9lXT5tpqQfxYE/7iD5YgnN7
N6hNk3GN/XDjWCCIe54SP+QlagCJZRvqTAbm7JV/9oXiCmAzAFvCgnb7KgmZXIG9
smkRFsSbyxJHFoT4SgDzup3vuL5ywKF8IIqI8gVnBOIShAnuGavCvGIaNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjIP6X0KIJeoi2it+iBi0kqBeYLMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAek9lTRNm
kA7gVDUasTFNvS+F2OJG5tWOHpk0jGAQiuQJZy1C8HBe5Je6GO28Az5EFGOTISw2
fvP/orzD0+mcAI4CynKxbQHT7/D1mMea2GKd0LKZ3nRj5XX4OdJ6p6XuAgG+/VxP
U3AJDXd/+OZbUcd2fJyqb7Ytzo3wYvloUOYXpcdWxjuGn/ksiN/ZxYRDTcE8tVDN
LgwB15rvcwYZOpUO9Cy1OO9e/881r+lAc3+Rc78ejl0lwkBfnpU3oi6jQTRF3U/M
yQgGhxo69EBYFlkS0K0hvrsG/ddeGfLxkiZhSthJLQ7yNecPCQV3eQQcb5YsQBAW
yeLaPbLGsh+pdw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:39:44 2025 by rpki-client