Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: DOPzREV34K0Y3hUhDadXv/nfM02DJvTCUamZrXjYe/U=
Subject key identifier: C9:1C:11:08:30:2E:4A:97:75:B9:A7:D2:80:60:12:CF:9E:5F:78:07
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 0198D4737ECED578B25856CD11FF2B47C3DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 164C
Signing time: Sat 23 Aug 2025 01:03:15 +0000
Manifest this update: Sat 23 Aug 2025 01:03:15 +0000
Manifest next update: Sun 24 Aug 2025 01:03:15 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: nBj4fXENYw3iKUwr4bJ4J59yu4hEyrYyxvSuEU5IVt4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:7e:ce:d5:78:b2:58:56:cd:11:ff:2b:47:c3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Aug 23 01:03:15 2025 GMT
Not After : Aug 24 01:03:15 2025 GMT
Subject: CN=c91c1108302e4a9775b9a7d2806012cf9e5f7807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:06:fb:c4:1f:27:fb:7b:cf:65:33:a4:5a:24:
61:b2:67:33:51:ad:4a:32:e9:8f:c3:de:25:f3:62:
bd:ba:ee:c6:33:6a:62:7e:19:65:78:7d:93:cf:bf:
e3:af:08:c8:67:1a:cf:80:10:06:8a:d8:32:63:18:
71:10:76:82:f3:6a:28:45:cd:00:d2:ac:d3:ca:03:
7a:c6:f7:57:d7:e1:41:22:41:1e:bd:89:26:b4:d8:
67:fb:8c:7c:28:a5:9a:5f:60:fe:3a:11:8f:1c:88:
f9:34:05:ff:19:37:8c:03:c0:6b:d7:d5:6a:8b:e4:
be:6c:a3:5c:57:ed:a8:45:f6:86:d1:9f:75:8a:45:
78:00:ba:f5:b4:c6:b6:a8:6d:01:5a:e9:48:af:f5:
3c:ac:ef:5b:db:6e:4c:95:82:fe:78:91:70:a5:b0:
79:36:45:ca:f1:d2:ab:f3:76:ed:ec:97:c8:35:8d:
c8:be:89:7f:90:13:96:38:16:8b:38:11:fb:cb:f0:
38:88:2d:45:b4:5b:69:a1:72:92:d1:a5:35:5a:e4:
dc:8d:4d:3e:74:97:d4:2d:66:64:38:4a:96:b4:6c:
e6:62:78:eb:5e:25:00:3a:e2:3b:a4:32:81:90:e5:
b1:d4:bd:3b:1f:70:db:8f:79:1b:62:bb:f3:38:38:
f7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1C:11:08:30:2E:4A:97:75:B9:A7:D2:80:60:12:CF:9E:5F:78:07
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:1f:74:93:7e:f8:04:95:74:a6:ef:c9:73:7a:bd:14:bb:49:
73:f6:e6:57:5d:5c:9e:db:b5:6e:97:78:35:90:76:80:21:ce:
02:e3:df:43:39:db:24:bb:4a:f4:51:43:05:27:cc:d8:88:74:
4a:83:75:aa:8f:94:ed:0f:83:8d:96:3d:21:f4:04:ed:18:43:
e4:3d:15:88:12:8b:4a:8f:4f:e9:3c:bd:41:a6:88:ac:0f:14:
8f:f6:92:d7:4e:1a:81:8f:82:ec:f1:e9:5e:fd:8a:2b:7c:d2:
62:55:2a:d4:11:06:b6:0c:a3:39:9d:9c:77:e2:ea:b5:7b:78:
57:e6:b4:88:1c:ca:c8:7d:98:71:06:29:fc:15:04:37:d8:3c:
ee:11:95:55:fa:9b:bf:7d:de:40:b7:1e:91:d9:21:13:44:1d:
52:d1:cc:2e:4c:15:81:ab:e2:b0:0f:e7:54:51:0e:e9:54:c1:
7a:5d:ef:8d:86:28:04:70:f2:b8:27:3e:7a:db:72:d1:b4:1a:
2a:93:15:cb:28:45:18:83:04:8f:ba:d8:7e:15:e5:32:5f:ae:
a8:1b:c5:76:91:fa:e3:1a:f4:61:bf:3e:a1:a2:75:f0:6f:e9:
4e:e0:9a:1d:21:97:db:77:15:95:25:c0:ba:6e:b1:e3:a1:fb:
bf:49:41:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc37O1XiyWFbNEf8rR8PfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUwODIzMDEwMzE1WhcNMjUwODI0MDEwMzE1WjAzMTEwLwYDVQQD
EyhjOTFjMTEwODMwMmU0YTk3NzViOWE3ZDI4MDYwMTJjZjllNWY3ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gb7xB8n+3vPZTOkWiRhsmczUa1K
MumPw94l82K9uu7GM2pifhlleH2Tz7/jrwjIZxrPgBAGitgyYxhxEHaC82ooRc0A
0qzTygN6xvdX1+FBIkEevYkmtNhn+4x8KKWaX2D+OhGPHIj5NAX/GTeMA8Br19Vq
i+S+bKNcV+2oRfaG0Z91ikV4ALr1tMa2qG0BWulIr/U8rO9b225MlYL+eJFwpbB5
NkXK8dKr83bt7JfINY3Ivol/kBOWOBaLOBH7y/A4iC1FtFtpoXKS0aU1WuTcjU0+
dJfULWZkOEqWtGzmYnjrXiUAOuI7pDKBkOWx1L07H3Dbj3kbYrvzODj3mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkcEQgwLkqXdbmn0oBgEs+eX3gHMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfx90k374
BJV0pu/Jc3q9FLtJc/bmV11cntu1bpd4NZB2gCHOAuPfQznbJLtK9FFDBSfM2Ih0
SoN1qo+U7Q+DjZY9IfQE7RhD5D0ViBKLSo9P6Ty9QaaIrA8Uj/aS104agY+C7PHp
Xv2KK3zSYlUq1BEGtgyjOZ2cd+LqtXt4V+a0iBzKyH2YcQYp/BUEN9g87hGVVfqb
v33eQLcekdkhE0QdUtHMLkwVgavisA/nVFEO6VTBel3vjYYoBHDyuCc+etty0bQa
KpMVyyhFGIMEj7rYfhXlMl+uqBvFdpH64xr0Yb8+oaJ18G/pTuCaHSGX23cVlSXA
um6x46H7v0lBfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:32 2025 by rpki-client