Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.mft
File: Nqm4K9WaymNA9t9U_o0zYAt-keQ.mft (raw, json)
Hash identifier: rAQ67Kr0Uu2l3redaepuWNY+BGcsjnMgzv7DQEvE2hc=
Subject key identifier: B8:C9:01:34:E5:02:A3:E4:01:F2:9C:AE:FB:01:F4:76:C0:D2:06:FA
Authority key identifier: 36:A9:B8:2B:D5:9A:CA:63:40:F6:DF:54:FE:8D:33:60:0B:7E:91:E4
Certificate issuer: /CN=36a9b82bd59aca6340f6df54fe8d33600b7e91e4
Certificate serial: 0199FB7CE8C2D88F582C62AFCAE4CD67DCCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nqm4K9WaymNA9t9U_o0zYAt-keQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.mft
Manifest number: 23
Signing time: Sun 19 Oct 2025 08:01:31 +0000
Manifest this update: Sun 19 Oct 2025 08:01:31 +0000
Manifest next update: Mon 20 Oct 2025 08:01:31 +0000
Files and hashes: 1: DxHLsEk_6xZVBiid3aLcVly3Zq4.roa (hash: DiLLe6hCVSWTw88tnRxeJMXZk0+HFNc9y2NuhmTwKKU=)
2: Nqm4K9WaymNA9t9U_o0zYAt-keQ.crl (hash: FWgdR9J+s9o42GJ9vBEe7rYnYfn6OWP9xi9+qHQoF/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nqm4K9WaymNA9t9U_o0zYAt-keQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:e8:c2:d8:8f:58:2c:62:af:ca:e4:cd:67:dc:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36a9b82bd59aca6340f6df54fe8d33600b7e91e4
Validity
Not Before: Oct 19 08:01:31 2025 GMT
Not After : Oct 20 08:01:31 2025 GMT
Subject: CN=b8c90134e502a3e401f29caefb01f476c0d206fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:66:21:7f:f2:d9:90:f9:b1:a2:19:42:31:f0:
d9:00:5b:17:0e:1b:64:ab:d4:80:ba:2c:77:75:80:
49:3a:1b:04:6d:ea:f3:e3:50:39:3b:fa:7d:16:9c:
db:67:fd:5a:d5:92:5b:56:97:90:0d:0c:3f:5c:f9:
d1:a5:f0:fd:ba:a0:84:b2:b2:39:28:6e:5e:69:2d:
31:12:c3:66:30:fd:61:17:45:2f:2c:a8:ed:f0:8b:
fd:5b:57:cd:8b:28:b1:eb:62:4a:6f:a6:81:31:b4:
f6:ad:12:ed:90:e4:74:85:b3:1c:cf:22:2f:19:de:
df:35:5a:3b:7f:0b:35:e9:82:98:db:1b:4a:23:ed:
22:5c:a1:ff:ea:55:a7:4e:a6:45:6a:8e:c7:6d:ea:
1e:37:f9:d7:7c:3b:08:71:e5:40:7c:f1:ba:b3:2a:
c8:4f:57:5e:77:6b:84:7b:c6:ac:10:1f:14:0c:3e:
cb:ae:76:c2:3a:9d:87:d4:b8:33:32:16:af:66:fd:
09:b4:f6:53:de:f3:33:ba:ce:b3:94:21:78:78:7f:
62:f6:5d:c4:e3:51:e8:c9:a1:60:75:6d:04:59:3b:
35:1a:e4:81:56:93:5f:02:ef:05:53:7d:cc:1d:ff:
07:30:ba:b1:57:f2:55:3b:c0:dd:a3:79:63:2a:c7:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C9:01:34:E5:02:A3:E4:01:F2:9C:AE:FB:01:F4:76:C0:D2:06:FA
X509v3 Authority Key Identifier:
keyid:36:A9:B8:2B:D5:9A:CA:63:40:F6:DF:54:FE:8D:33:60:0B:7E:91:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nqm4K9WaymNA9t9U_o0zYAt-keQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/56b4c1-8015-4189-a3e5-5ad3026d8f28/1/Nqm4K9WaymNA9t9U_o0zYAt-keQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:d4:df:e6:b2:17:a8:32:d4:aa:d3:ee:77:62:10:42:44:f3:
1c:9a:fe:c5:7b:eb:7a:c8:4b:ab:e8:d1:a1:8d:18:c6:4c:6f:
d4:b0:ca:3b:ca:e0:4a:4a:09:91:c5:6c:fe:97:55:d5:dc:e9:
b8:d6:df:b7:eb:3d:f8:42:ca:5c:6d:e5:09:f4:1e:93:71:d7:
46:b1:09:e4:cf:28:4c:98:d3:3c:63:d6:e7:fa:26:dd:7e:44:
7a:40:db:79:2a:e3:cb:bc:cc:73:ab:37:5f:51:66:0d:c1:ed:
10:a5:87:d5:6e:57:5a:ea:58:98:9c:14:23:12:16:dd:74:c6:
0f:81:d0:4f:e4:84:dc:6c:c4:c4:3d:95:a4:67:c8:e7:e9:ec:
73:db:3f:28:e1:df:23:d8:2f:d4:ff:75:3e:d4:35:2d:a9:0b:
0d:b8:0d:42:b6:78:9c:7b:0f:eb:f7:e6:b3:ab:90:f0:16:79:
cb:41:49:42:ec:cc:5c:97:93:1b:31:ee:a3:e3:8b:20:ed:38:
cd:d0:40:92:19:07:e3:7b:93:a0:df:a0:43:66:4d:aa:48:04:
c9:38:e4:70:7e:d9:c6:7b:c9:73:d6:60:fd:bd:b6:83:d8:05:
95:7b:6a:1e:95:1b:ba:77:18:52:37:3e:9f:ad:db:88:a1:a5:
c7:03:67:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fOjC2I9YLGKvyuTNZ9zLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YTliODJiZDU5YWNhNjM0MGY2ZGY1NGZlOGQzMzYwMGI3
ZTkxZTQwHhcNMjUxMDE5MDgwMTMxWhcNMjUxMDIwMDgwMTMxWjAzMTEwLwYDVQQD
EyhiOGM5MDEzNGU1MDJhM2U0MDFmMjljYWVmYjAxZjQ3NmMwZDIwNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWYhf/LZkPmxohlCMfDZAFsXDhtk
q9SAuix3dYBJOhsEberz41A5O/p9FpzbZ/1a1ZJbVpeQDQw/XPnRpfD9uqCEsrI5
KG5eaS0xEsNmMP1hF0UvLKjt8Iv9W1fNiyix62JKb6aBMbT2rRLtkOR0hbMczyIv
Gd7fNVo7fws16YKY2xtKI+0iXKH/6lWnTqZFao7HbeoeN/nXfDsIceVAfPG6syrI
T1ded2uEe8asEB8UDD7LrnbCOp2H1LgzMhavZv0JtPZT3vMzus6zlCF4eH9i9l3E
41HoyaFgdW0EWTs1GuSBVpNfAu8FU33MHf8HMLqxV/JVO8Ddo3ljKsfkhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjJATTlAqPkAfKcrvsB9HbA0gb6MB8GA1UdIwQY
MBaAFDapuCvVmspjQPbfVP6NM2ALfpHkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnFtNEs5V2F5bU5BOXQ5VV9vMHpZQXQta2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81NmI0YzEtODAxNS00MTg5LWEzZTUt
NWFkMzAyNmQ4ZjI4LzEvTnFtNEs5V2F5bU5BOXQ5VV9vMHpZQXQta2VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81NmI0YzEtODAxNS00MTg5LWEzZTUtNWFkMzAyNmQ4ZjI4
LzEvTnFtNEs5V2F5bU5BOXQ5VV9vMHpZQXQta2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArdTf5rIX
qDLUqtPud2IQQkTzHJr+xXvreshLq+jRoY0Yxkxv1LDKO8rgSkoJkcVs/pdV1dzp
uNbft+s9+ELKXG3lCfQek3HXRrEJ5M8oTJjTPGPW5/om3X5EekDbeSrjy7zMc6s3
X1FmDcHtEKWH1W5XWupYmJwUIxIW3XTGD4HQT+SE3GzExD2VpGfI5+nsc9s/KOHf
I9gv1P91PtQ1LakLDbgNQrZ4nHsP6/fms6uQ8BZ5y0FJQuzMXJeTGzHuo+OLIO04
zdBAkhkH43uToN+gQ2ZNqkgEyTjkcH7ZxnvJc9Zg/b22g9gFlXtqHpUbuncYUjc+
n63biKGlxwNneg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:04:41 2025 by rpki-client