Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: 4P1fbh1mIc7o/6hFVH1c037ielyM410xfZqjlPa0RKE=
Subject key identifier: 7E:6A:BB:24:18:C5:FE:FE:3B:B0:00:AD:D8:CE:B4:39:2C:9E:45:01
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 0199FDDA67B2307EFFEF1E8EC8BE767358BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0DC3
Signing time: Sun 19 Oct 2025 19:02:52 +0000
Manifest this update: Sun 19 Oct 2025 19:02:52 +0000
Manifest next update: Mon 20 Oct 2025 19:02:52 +0000
Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: 1uhAvY9/B9jRebAKYHy137JwhfmcmacH0Q5wkRZySfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:da:67:b2:30:7e:ff:ef:1e:8e:c8:be:76:73:58:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Oct 19 19:02:52 2025 GMT
Not After : Oct 20 19:02:52 2025 GMT
Subject: CN=7e6abb2418c5fefe3bb000add8ceb4392c9e4501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:22:ec:ae:54:fd:c0:ac:be:9d:9f:04:bd:
be:49:ab:ce:00:59:8d:a4:34:d1:0d:cc:c8:d6:fc:
79:52:a0:87:14:f6:6b:79:04:8d:fe:5e:b3:0f:8a:
27:03:f0:04:8f:2c:0f:10:27:1b:c6:0d:4c:9a:9b:
4c:26:9a:d8:b8:1c:14:4a:13:18:56:0b:a8:6e:d8:
1f:3c:94:ce:a7:b4:50:a9:eb:75:d1:a2:0c:c3:9e:
cf:6d:26:8c:32:24:63:01:d1:4c:31:f1:3d:a0:03:
d1:54:6b:ed:fe:d3:1f:8f:c8:5c:d1:42:b4:ee:e7:
5f:77:79:20:49:d6:83:24:20:a3:a9:2b:50:a5:7e:
f9:9d:6a:7f:63:f4:d4:86:06:f5:f5:cd:44:50:63:
bb:1f:fb:0d:86:8d:bd:24:62:0b:b3:3c:f7:9f:25:
08:92:71:4b:06:1e:10:e3:5e:67:78:e1:21:4f:aa:
ad:24:b8:05:76:6f:9b:82:c3:ac:92:03:13:87:b3:
b2:1c:54:dc:ff:1d:fb:07:fb:90:e8:e7:0c:37:b6:
62:31:40:66:61:3d:22:e9:53:21:19:da:a7:a6:dc:
28:08:43:b1:4b:4b:1c:49:0b:36:10:de:30:bb:b4:
61:3a:0e:d0:e2:95:05:08:18:bf:b1:d4:e4:26:fc:
76:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6A:BB:24:18:C5:FE:FE:3B:B0:00:AD:D8:CE:B4:39:2C:9E:45:01
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:19:18:d1:a6:ca:61:c7:aa:be:46:1a:03:b5:98:be:b8:ef:
bf:a2:a5:34:66:12:7f:02:60:1f:51:43:ac:7e:b6:ef:df:bf:
0a:53:92:cc:1e:a2:68:b6:ab:e0:e5:3e:6e:9a:b2:ac:f6:76:
3d:46:70:46:f4:cc:7a:b4:f6:60:47:c4:a8:ea:78:b3:60:51:
b1:09:e1:32:24:19:2e:cc:6d:80:e1:60:b9:55:18:89:dc:be:
3e:fa:05:40:c8:2b:07:29:08:8c:10:21:a0:50:44:0f:bc:1d:
c7:d9:b3:83:a2:7e:a2:d5:e3:07:8b:aa:41:6c:8c:0c:5b:19:
1a:74:b7:1c:0d:76:0e:be:ce:10:0f:bd:a0:82:45:b8:36:44:
2f:9e:32:88:6c:67:57:31:1b:65:41:54:63:fd:56:95:54:92:
29:f2:d9:d9:ec:20:08:4d:17:d0:fc:a9:6d:1b:fa:fd:98:6d:
d0:9f:f3:b9:25:34:d7:e3:5c:3f:61:92:18:e5:70:0a:03:2f:
f9:57:8b:ca:27:66:e9:60:27:e5:2b:05:fa:fb:23:a6:09:b9:
7b:88:8e:7f:20:51:f4:b2:c4:1e:18:a3:a5:55:39:e2:55:49:
5f:b5:35:85:9f:22:9f:45:30:c1:c6:91:cb:2e:31:5c:16:83:
27:50:a1:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92meyMH7/7x6OyL52c1i7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjUxMDE5MTkwMjUyWhcNMjUxMDIwMTkwMjUyWjAzMTEwLwYDVQQD
Eyg3ZTZhYmIyNDE4YzVmZWZlM2JiMDAwYWRkOGNlYjQzOTJjOWU0NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0ki7K5U/cCsvp2fBL2+SavOAFmN
pDTRDczI1vx5UqCHFPZreQSN/l6zD4onA/AEjywPECcbxg1MmptMJprYuBwUShMY
VguobtgfPJTOp7RQqet10aIMw57PbSaMMiRjAdFMMfE9oAPRVGvt/tMfj8hc0UK0
7udfd3kgSdaDJCCjqStQpX75nWp/Y/TUhgb19c1EUGO7H/sNho29JGILszz3nyUI
knFLBh4Q415neOEhT6qtJLgFdm+bgsOskgMTh7OyHFTc/x37B/uQ6OcMN7ZiMUBm
YT0i6VMhGdqnptwoCEOxS0scSQs2EN4wu7RhOg7Q4pUFCBi/sdTkJvx2rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5quyQYxf7+O7AArdjOtDksnkUBMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2xkY0abK
YceqvkYaA7WYvrjvv6KlNGYSfwJgH1FDrH6279+/ClOSzB6iaLar4OU+bpqyrPZ2
PUZwRvTMerT2YEfEqOp4s2BRsQnhMiQZLsxtgOFguVUYidy+PvoFQMgrBykIjBAh
oFBED7wdx9mzg6J+otXjB4uqQWyMDFsZGnS3HA12Dr7OEA+9oIJFuDZEL54yiGxn
VzEbZUFUY/1WlVSSKfLZ2ewgCE0X0PypbRv6/Zht0J/zuSU01+NcP2GSGOVwCgMv
+VeLyidm6WAn5SsF+vsjpgm5e4iOfyBR9LLEHhijpVU54lVJX7U1hZ8in0UwwcaR
yy4xXBaDJ1ChFw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:00:44 2025 by rpki-client