Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.mft
File: Nia55ERl8L1xPAoeBQED05EdzWc.mft (raw, json)
Hash identifier: zgg/5s62IsIjq0P4+UEh2muypdDAtNh+l+94JMw1Z+Y=
Subject key identifier: 46:72:E9:22:38:E4:4C:80:EC:43:E6:F8:ED:41:0E:A1:3E:B6:E8:92
Authority key identifier: 36:26:B9:E4:44:65:F0:BD:71:3C:0A:1E:05:01:03:D3:91:1D:CD:67
Certificate issuer: /CN=3626b9e44465f0bd713c0a1e050103d3911dcd67
Certificate serial: 0199FBEB1F42018FE5388ABFAF2E4A9BBD7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nia55ERl8L1xPAoeBQED05EdzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.mft
Manifest number: 0CC7
Signing time: Sun 19 Oct 2025 10:01:54 +0000
Manifest this update: Sun 19 Oct 2025 10:01:54 +0000
Manifest next update: Mon 20 Oct 2025 10:01:54 +0000
Files and hashes: 1: Nia55ERl8L1xPAoeBQED05EdzWc.crl (hash: dMNHZKznUvj6tsbqVzlL1hEJWuoflQQqalSdRbMG2qM=)
2: ijM-M3pW5i9OPaVJ9z7pdR0nkfo.roa (hash: BaCHQlpNW/709AUvEnmAV++DQu/RFZCpGAAySqc5kGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nia55ERl8L1xPAoeBQED05EdzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:1f:42:01:8f:e5:38:8a:bf:af:2e:4a:9b:bd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3626b9e44465f0bd713c0a1e050103d3911dcd67
Validity
Not Before: Oct 19 10:01:54 2025 GMT
Not After : Oct 20 10:01:54 2025 GMT
Subject: CN=4672e92238e44c80ec43e6f8ed410ea13eb6e892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5b:87:49:bb:1a:2f:87:24:3b:88:42:53:d3:
a9:42:d2:4c:fa:f8:9d:4c:51:85:a9:e3:cd:5d:43:
ce:d0:44:e1:a8:2b:84:5d:fc:0d:bb:52:68:32:aa:
34:48:89:40:f7:a8:bd:d7:3b:08:c9:af:2d:6e:c9:
60:8f:c6:b8:eb:d1:a7:0e:0e:6e:c3:64:e7:45:91:
af:8e:0b:0a:6e:9d:d5:f6:69:c7:16:8f:e1:2d:83:
0d:28:f8:f7:0a:d1:a3:88:3e:d9:28:a9:62:57:9c:
24:a6:eb:78:09:01:56:98:22:30:82:5f:ef:3a:2d:
b1:7a:d8:39:99:0f:f4:a1:d7:97:81:c1:2d:d9:5c:
d7:15:9b:60:16:13:ee:42:fb:fe:bc:09:89:e6:00:
0b:bb:99:a5:b9:fe:f1:48:88:31:29:57:71:0e:e4:
43:69:08:1e:ef:b6:44:95:83:35:fd:75:63:4e:ac:
be:5f:c4:48:53:65:6e:1a:4b:6b:8d:88:5b:2b:e8:
27:b8:a5:a6:49:be:7f:e5:a1:b9:c5:fb:0e:58:4c:
99:0a:16:07:3a:51:be:e1:9f:98:8f:97:1b:cf:3b:
c3:cc:ec:c5:9a:20:86:72:73:ff:a9:70:b7:6f:84:
4f:17:7e:37:ce:c2:38:3b:d6:3f:ab:cc:c1:2f:75:
79:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:72:E9:22:38:E4:4C:80:EC:43:E6:F8:ED:41:0E:A1:3E:B6:E8:92
X509v3 Authority Key Identifier:
keyid:36:26:B9:E4:44:65:F0:BD:71:3C:0A:1E:05:01:03:D3:91:1D:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nia55ERl8L1xPAoeBQED05EdzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/022af5-862c-428e-bee8-28a4681c37d6/1/Nia55ERl8L1xPAoeBQED05EdzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:c5:c5:be:04:bb:20:c2:68:3f:0b:a4:05:99:b0:d6:af:56:
05:59:bd:f3:03:3c:cc:c4:f5:ca:41:61:18:c7:41:d7:20:77:
f1:3c:20:5b:46:46:d5:b3:41:47:b7:32:cf:18:96:46:2e:77:
31:83:21:c8:68:2b:08:51:f9:dc:03:90:75:55:28:b2:55:d5:
cc:56:b3:48:f2:4b:6c:e2:55:a2:62:c1:44:90:46:6c:9e:a0:
f5:d1:81:a4:a3:14:db:c4:c8:b5:3d:04:ee:44:41:dd:75:26:
79:8d:59:ca:65:de:6d:76:de:a1:3a:5c:18:a3:09:af:f8:33:
f7:74:a9:38:aa:29:d3:b9:e7:1b:11:27:dc:76:28:57:cb:54:
74:b8:7e:2d:a1:9a:ce:18:8d:45:04:bf:44:6c:b2:f8:30:e6:
7f:b4:db:b7:7d:aa:7f:53:3f:78:11:5e:4d:d5:47:76:bc:a4:
31:f7:29:95:74:07:5e:27:02:83:3d:ab:a6:54:8b:fd:c4:2f:
31:1c:9c:e5:d7:7c:d0:97:e4:9e:04:33:3c:37:1a:59:8b:73:
0e:79:50:67:0e:3d:58:b1:93:0a:c8:63:82:83:ee:c9:16:bc:
05:a1:46:84:ba:82:f7:c6:00:b9:2b:9a:5a:c7:b9:7f:0d:44:
79:bb:a6:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76x9CAY/lOIq/ry5Km718MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjZiOWU0NDQ2NWYwYmQ3MTNjMGExZTA1MDEwM2QzOTEx
ZGNkNjcwHhcNMjUxMDE5MTAwMTU0WhcNMjUxMDIwMTAwMTU0WjAzMTEwLwYDVQQD
Eyg0NjcyZTkyMjM4ZTQ0YzgwZWM0M2U2ZjhlZDQxMGVhMTNlYjZlODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VuHSbsaL4ckO4hCU9OpQtJM+vid
TFGFqePNXUPO0EThqCuEXfwNu1JoMqo0SIlA96i91zsIya8tbslgj8a469GnDg5u
w2TnRZGvjgsKbp3V9mnHFo/hLYMNKPj3CtGjiD7ZKKliV5wkput4CQFWmCIwgl/v
Oi2xetg5mQ/0odeXgcEt2VzXFZtgFhPuQvv+vAmJ5gALu5mluf7xSIgxKVdxDuRD
aQge77ZElYM1/XVjTqy+X8RIU2VuGktrjYhbK+gnuKWmSb5/5aG5xfsOWEyZChYH
OlG+4Z+Yj5cbzzvDzOzFmiCGcnP/qXC3b4RPF343zsI4O9Y/q8zBL3V5UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZy6SI45EyA7EPm+O1BDqE+tuiSMB8GA1UdIwQY
MBaAFDYmueREZfC9cTwKHgUBA9ORHc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlhNTVFUmw4TDF4UEFvZUJRRUQwNUVkeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8wMjJhZjUtODYyYy00MjhlLWJlZTgt
MjhhNDY4MWMzN2Q2LzEvTmlhNTVFUmw4TDF4UEFvZUJRRUQwNUVkeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8wMjJhZjUtODYyYy00MjhlLWJlZTgtMjhhNDY4MWMzN2Q2
LzEvTmlhNTVFUmw4TDF4UEFvZUJRRUQwNUVkeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacXFvgS7
IMJoPwukBZmw1q9WBVm98wM8zMT1ykFhGMdB1yB38TwgW0ZG1bNBR7cyzxiWRi53
MYMhyGgrCFH53AOQdVUoslXVzFazSPJLbOJVomLBRJBGbJ6g9dGBpKMU28TItT0E
7kRB3XUmeY1ZymXebXbeoTpcGKMJr/gz93SpOKop07nnGxEn3HYoV8tUdLh+LaGa
zhiNRQS/RGyy+DDmf7Tbt32qf1M/eBFeTdVHdrykMfcplXQHXicCgz2rplSL/cQv
MRyc5dd80JfkngQzPDcaWYtzDnlQZw49WLGTCshjgoPuyRa8BaFGhLqC98YAuSua
Wse5fw1EebumEw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:23 2025 by rpki-client