Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
File: nxFouFcXoUZmABtbL2yQgBmX3gY.mft (raw, json)
Hash identifier: pEk2F0w6kVU67zMm3umqJpSfXC3FGOROc1SAqeFxltY=
Subject key identifier: 72:BB:18:E7:A9:1D:82:BE:85:EA:BA:03:BD:3C:02:3B:52:87:E6:B5
Authority key identifier: 9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06
Certificate issuer: /CN=9f1168b85717a14666001b5b2f6c90801997de06
Certificate serial: 0198D7A968D71BDA1579AB4A3FF325EB5D11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
Manifest number: 03FC
Signing time: Sat 23 Aug 2025 16:01:00 +0000
Manifest this update: Sat 23 Aug 2025 16:01:00 +0000
Manifest next update: Sun 24 Aug 2025 16:01:00 +0000
Files and hashes: 1: nxFouFcXoUZmABtbL2yQgBmX3gY.crl (hash: gWM24k4Rsrd4Xlxx3Ei5nvt/NlYzzXVIakTtVcTvcqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:a9:68:d7:1b:da:15:79:ab:4a:3f:f3:25:eb:5d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f1168b85717a14666001b5b2f6c90801997de06
Validity
Not Before: Aug 23 16:01:00 2025 GMT
Not After : Aug 24 16:01:00 2025 GMT
Subject: CN=72bb18e7a91d82be85eaba03bd3c023b5287e6b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:da:16:36:64:dc:9f:12:3a:ba:a1:13:72:fa:
44:16:b9:13:b5:19:ac:41:ae:11:b7:ea:98:84:63:
0d:d7:88:dd:58:9c:b7:40:ec:06:5d:40:46:71:68:
59:f1:43:61:11:4a:67:99:5b:62:5f:e5:24:ed:ca:
c9:3b:fe:81:f6:50:29:6a:a5:bb:96:2d:7d:72:25:
a9:83:9d:2c:66:ee:4f:67:d1:49:8a:79:72:28:f6:
0e:30:a1:97:a3:8d:26:04:ee:57:f5:e7:32:2f:9b:
64:7e:90:b8:59:21:3d:85:7d:b6:f6:9e:c7:72:df:
d9:8a:4f:a1:bf:48:4f:7b:71:42:48:97:a3:1f:d3:
c6:e9:c8:af:c4:35:ca:91:5f:1f:ec:66:e1:5b:f7:
fa:01:e6:38:0f:a8:7f:8e:9c:ad:ea:94:36:ad:ac:
eb:dc:81:d2:94:59:40:29:9d:bc:55:2d:4c:d6:e1:
6a:ad:75:cc:92:8c:51:f2:ca:82:aa:6f:ff:43:a4:
a5:99:ad:58:0b:71:ff:93:e6:51:f3:09:0b:28:71:
c6:e7:82:80:e0:4d:d7:06:07:8b:0d:13:55:96:c7:
34:8c:fe:ca:9a:c9:63:ff:d5:98:99:21:ed:9b:b6:
7a:33:09:0a:ed:4a:0a:57:81:36:45:bb:ce:e5:04:
8c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BB:18:E7:A9:1D:82:BE:85:EA:BA:03:BD:3C:02:3B:52:87:E6:B5
X509v3 Authority Key Identifier:
keyid:9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:18:bc:b6:02:46:cd:1d:2e:b2:5f:a3:0d:fa:b7:d9:bc:bd:
a8:07:7d:82:5d:51:c2:e1:1c:c6:91:2e:35:1d:5d:7c:04:16:
61:57:8e:84:84:d7:42:e0:50:21:b4:c9:5f:89:25:6b:5d:1c:
38:50:5a:0a:fe:1e:d2:45:fd:db:04:ce:17:c9:fc:cc:82:b7:
ec:ba:9f:87:3b:df:33:7b:0b:b8:be:80:53:2c:b8:85:12:59:
ae:cc:6a:13:71:96:e3:ba:40:a4:13:ce:4d:de:2a:ac:1b:8c:
17:e8:b2:cb:f7:ce:62:8c:16:1d:9d:fa:24:9a:d7:3a:54:b7:
a6:0d:0c:d9:0d:7a:6d:e7:d6:44:9f:48:c7:00:21:bf:86:8b:
a1:24:43:1e:4a:81:1e:36:f2:36:f9:86:fa:8e:ab:35:bd:95:
cc:91:31:d7:d9:2f:93:7c:91:95:21:4d:7c:f3:56:10:89:e3:
7a:ea:1a:c2:09:7b:00:8c:72:7a:d7:0d:84:46:0a:16:21:95:
32:5c:d6:71:6c:7a:dc:32:bd:fc:ef:79:fa:88:0b:bc:43:11:
12:ee:94:f2:42:5f:c1:78:5b:d6:36:61:10:97:ea:1d:38:ad:
ca:2c:fb:4d:19:b5:97:b6:ee:ba:31:2c:0d:7b:39:fe:91:3e:
18:33:44:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqWjXG9oVeatKP/Ml610RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMTE2OGI4NTcxN2ExNDY2NjAwMWI1YjJmNmM5MDgwMTk5
N2RlMDYwHhcNMjUwODIzMTYwMTAwWhcNMjUwODI0MTYwMTAwWjAzMTEwLwYDVQQD
Eyg3MmJiMThlN2E5MWQ4MmJlODVlYWJhMDNiZDNjMDIzYjUyODdlNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdoWNmTcnxI6uqETcvpEFrkTtRms
Qa4Rt+qYhGMN14jdWJy3QOwGXUBGcWhZ8UNhEUpnmVtiX+Uk7crJO/6B9lApaqW7
li19ciWpg50sZu5PZ9FJinlyKPYOMKGXo40mBO5X9ecyL5tkfpC4WSE9hX229p7H
ct/Zik+hv0hPe3FCSJejH9PG6civxDXKkV8f7GbhW/f6AeY4D6h/jpyt6pQ2razr
3IHSlFlAKZ28VS1M1uFqrXXMkoxR8sqCqm//Q6Slma1YC3H/k+ZR8wkLKHHG54KA
4E3XBgeLDRNVlsc0jP7Kmslj/9WYmSHtm7Z6MwkK7UoKV4E2RbvO5QSMfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHK7GOepHYK+heq6A708AjtSh+a1MB8GA1UdIwQY
MBaAFJ8RaLhXF6FGZgAbWy9skIAZl94GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUt
ZjQyMTliZWRkYjM3LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUtZjQyMTliZWRkYjM3
LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxi8tgJG
zR0usl+jDfq32by9qAd9gl1RwuEcxpEuNR1dfAQWYVeOhITXQuBQIbTJX4kla10c
OFBaCv4e0kX92wTOF8n8zIK37LqfhzvfM3sLuL6AUyy4hRJZrsxqE3GW47pApBPO
Td4qrBuMF+iyy/fOYowWHZ36JJrXOlS3pg0M2Q16befWRJ9IxwAhv4aLoSRDHkqB
HjbyNvmG+o6rNb2VzJEx19kvk3yRlSFNfPNWEInjeuoawgl7AIxyetcNhEYKFiGV
MlzWcWx63DK9/O95+ogLvEMREu6U8kJfwXhb1jZhEJfqHTityiz7TRm1l7buujEs
DXs5/pE+GDNEcw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:21:57 2025 by rpki-client