Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: 1MIol0muTNPEuM3WJHwI8BF0XOqkDlH8bcr5Zdmd2RQ=
Subject key identifier: 2F:A6:8C:5D:26:50:1B:BF:5C:1B:C3:79:33:1B:1F:39:0C:C1:18:64
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 0199FC584FFCC006F798288E7EE92B211312
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 12:01:10 +0000
Manifest this update: Sun 19 Oct 2025 12:01:10 +0000
Manifest next update: Mon 20 Oct 2025 12:01:10 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: CYc8Hdddpcr54erLl3PMsycudfM5N05VqDoMwP+SDss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:4f:fc:c0:06:f7:98:28:8e:7e:e9:2b:21:13:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Oct 19 12:01:10 2025 GMT
Not After : Oct 20 12:01:10 2025 GMT
Subject: CN=2fa68c5d26501bbf5c1bc379331b1f390cc11864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2c:97:5f:50:cc:29:e0:b1:f6:ed:73:8f:69:
7a:95:c3:f8:03:59:70:89:4f:c3:24:84:e0:ba:80:
0c:c8:77:50:e9:ab:f4:3b:20:b0:04:04:dd:bc:d1:
9e:d3:aa:16:90:60:c8:d3:a7:0f:96:92:60:70:5b:
81:89:43:87:12:10:38:bb:ba:4f:63:d8:f1:53:13:
5f:07:ca:b0:56:fe:e3:9b:6c:53:d2:c9:ef:3c:63:
2d:09:c1:76:a5:32:4f:ea:44:ea:b9:79:4d:ad:64:
c2:0b:1a:7c:7c:f4:57:aa:1d:90:0d:47:8a:7c:f4:
66:58:d1:a1:b8:57:31:c0:6a:68:43:0c:e3:7d:ff:
c0:26:49:45:cf:d4:aa:82:38:0f:6e:de:47:08:3f:
2d:7b:32:16:9e:d6:e2:89:0a:47:06:2f:cb:5b:10:
48:12:87:89:48:c7:52:4e:45:af:31:6a:4d:73:62:
2a:f5:ec:e0:44:7e:2c:f5:02:a8:df:ce:ec:13:6e:
fb:0f:a9:38:df:17:46:fb:49:83:9f:84:b2:68:93:
47:de:3c:54:2f:90:a3:5b:d2:8c:3d:2d:7d:f1:ec:
d7:8a:2d:7a:fd:95:51:c8:49:3c:d2:16:96:a8:54:
b9:64:7c:77:4d:14:90:1d:c5:98:51:42:41:3c:68:
18:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A6:8C:5D:26:50:1B:BF:5C:1B:C3:79:33:1B:1F:39:0C:C1:18:64
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:82:f4:aa:eb:86:49:bc:d6:14:90:b4:1f:2b:9e:79:8d:a9:
4a:31:0a:46:b3:39:ce:a4:e0:c1:e1:0a:ae:e9:27:32:4e:35:
ed:33:b5:61:46:53:88:ea:fd:17:fa:36:5b:a8:25:46:08:d3:
5d:cf:d2:ef:9d:9b:55:eb:b7:31:a2:6e:75:12:b3:5b:b5:b4:
3c:f0:b2:52:cf:8a:cd:c7:12:b4:05:bc:cd:01:65:48:4f:c1:
c4:d9:cb:c0:8d:ea:b3:c9:f7:49:bc:09:63:29:31:73:3c:d0:
a9:c7:35:33:22:8e:f9:a6:48:1d:b8:83:18:53:df:2f:b6:ac:
90:44:9e:0e:cb:5d:07:3d:68:4e:91:7d:d8:54:0b:4d:eb:af:
77:d4:2b:72:5e:df:e1:3b:cb:bc:86:1d:6a:e8:a9:1b:57:de:
3c:a9:f4:03:19:29:39:6c:e3:ef:e1:66:1b:00:77:89:ae:19:
80:03:93:e0:62:ff:b2:29:91:d7:bd:b6:e5:c5:80:2e:61:1d:
40:f1:c1:e4:0d:f6:7b:cf:60:06:bc:db:a1:22:77:e8:3f:b3:
62:ef:fd:66:61:5e:d6:5c:fe:75:0f:50:75:86:13:30:57:86:
42:c7:67:c3:85:2f:da:d0:f3:13:3f:b4:12:aa:72:92:cd:dc:
bd:90:33:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WE/8wAb3mCiOfukrIRMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUxMDE5MTIwMTEwWhcNMjUxMDIwMTIwMTEwWjAzMTEwLwYDVQQD
EygyZmE2OGM1ZDI2NTAxYmJmNWMxYmMzNzkzMzFiMWYzOTBjYzExODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiyXX1DMKeCx9u1zj2l6lcP4A1lw
iU/DJITguoAMyHdQ6av0OyCwBATdvNGe06oWkGDI06cPlpJgcFuBiUOHEhA4u7pP
Y9jxUxNfB8qwVv7jm2xT0snvPGMtCcF2pTJP6kTquXlNrWTCCxp8fPRXqh2QDUeK
fPRmWNGhuFcxwGpoQwzjff/AJklFz9SqgjgPbt5HCD8tezIWntbiiQpHBi/LWxBI
EoeJSMdSTkWvMWpNc2Iq9ezgRH4s9QKo387sE277D6k43xdG+0mDn4SyaJNH3jxU
L5CjW9KMPS198ezXii16/ZVRyEk80haWqFS5ZHx3TRSQHcWYUUJBPGgYiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+mjF0mUBu/XBvDeTMbHzkMwRhkMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoL0quuG
SbzWFJC0HyueeY2pSjEKRrM5zqTgweEKruknMk417TO1YUZTiOr9F/o2W6glRgjT
Xc/S752bVeu3MaJudRKzW7W0PPCyUs+KzccStAW8zQFlSE/BxNnLwI3qs8n3SbwJ
YykxczzQqcc1MyKO+aZIHbiDGFPfL7askESeDstdBz1oTpF92FQLTeuvd9Qrcl7f
4TvLvIYdauipG1fePKn0AxkpOWzj7+FmGwB3ia4ZgAOT4GL/simR17225cWALmEd
QPHB5A32e89gBrzboSJ36D+zYu/9ZmFe1lz+dQ9QdYYTMFeGQsdnw4Uv2tDzEz+0
Eqpyks3cvZAziA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:07:05 2025 by rpki-client