Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
File: NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft (raw, json)
Hash identifier: dmX2Ou4fqgEGsdqkqxM9HI7eL3oZfLtRdby/yyJIJ2k=
Subject key identifier: 4C:1A:7A:57:8B:99:F9:EB:23:B1:BE:EA:CF:04:5B:ED:74:72:B3:E0
Authority key identifier: 35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
Certificate issuer: /CN=3501772457e0f827b9e920b00cd114824a5fa621
Certificate serial: 019D39414DDFCA4757534386AEB614F26D7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 11:01:14 +0000
Manifest this update: Sun 29 Mar 2026 11:01:14 +0000
Manifest next update: Mon 30 Mar 2026 11:01:14 +0000
Files and hashes: 1: CDtNseOhTSyvHnBtVtY8_yl_mqo.roa (hash: QVByv0+71qydMndfr8rOHWUwhEqYjIZJsdGpilbLsSU=)
2: NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl (hash: 2DJEJUEm53tuVEw7aRmOUBu5ESMglZmD0epvvMcMgXs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:4d:df:ca:47:57:53:43:86:ae:b6:14:f2:6d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3501772457e0f827b9e920b00cd114824a5fa621
Validity
Not Before: Mar 29 11:01:14 2026 GMT
Not After : Mar 30 11:01:14 2026 GMT
Subject: CN=4c1a7a578b99f9eb23b1beeacf045bed7472b3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:cf:cc:f2:b2:eb:6b:93:38:b8:12:02:eb:
4e:89:b7:1a:29:8d:32:f4:95:9d:97:f1:cd:9b:e0:
db:f6:0b:7b:01:2b:a3:9b:b0:e8:3e:6f:0a:db:f2:
74:f7:d4:47:2e:99:79:fa:f4:67:49:0a:05:56:c8:
e9:de:00:de:2d:0e:f0:3a:13:fb:66:fe:1f:df:83:
12:a3:50:8c:bb:85:77:14:ce:3b:80:51:e2:e0:57:
9f:ad:e3:e1:a1:e8:8e:4f:2a:82:73:81:a3:ce:c6:
ec:76:72:1d:81:af:98:24:37:8d:66:d7:1d:33:49:
83:fa:c3:92:6f:04:33:65:10:6d:a0:49:0c:80:cb:
49:da:ce:c4:db:cc:ea:96:af:d3:93:75:70:52:5e:
e4:f4:46:53:06:8c:88:5c:af:e5:fc:10:bb:28:d3:
dc:47:ea:d7:76:20:55:80:dc:32:a4:66:57:06:16:
e1:5e:5d:54:c8:53:88:42:32:26:5c:9b:48:51:45:
28:6b:e9:da:88:41:13:c7:f8:8d:84:43:69:80:77:
c2:be:54:28:4e:3b:21:f6:9d:94:d8:d2:3c:45:b2:
bf:a9:0a:71:cd:07:40:15:c1:eb:58:24:f2:eb:4b:
63:c1:4b:8f:cb:fb:d0:94:0c:0c:71:3a:23:fa:b6:
4f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1A:7A:57:8B:99:F9:EB:23:B1:BE:EA:CF:04:5B:ED:74:72:B3:E0
X509v3 Authority Key Identifier:
keyid:35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:02:8f:33:2c:50:bb:27:f6:30:54:17:6e:7d:a7:d7:60:2f:
01:76:a6:9d:62:e3:e3:10:8a:72:5e:02:a2:bc:3f:aa:75:58:
fd:29:ba:6d:5d:eb:37:3f:07:41:32:1d:33:b3:05:49:c2:58:
8a:a0:c9:27:63:33:4b:32:9d:a1:64:ce:d2:26:01:cf:49:b7:
a0:5a:2f:b0:43:19:4c:26:ef:6e:1d:6b:ae:be:67:fe:bb:cd:
85:ff:e2:69:23:05:f6:5e:06:6d:e9:2b:01:57:fc:da:31:4a:
d1:26:4e:84:e4:ec:69:dc:02:20:98:09:b6:d3:ec:d1:31:80:
02:9d:db:66:cf:81:08:da:2e:0d:36:72:2b:d4:46:df:cd:78:
8d:6e:a4:2e:36:e2:84:ae:79:95:d1:b7:30:45:ad:db:1d:a2:
c4:6b:e4:09:31:ea:41:28:08:6b:aa:09:29:b2:72:e2:d8:29:
41:b0:69:f4:f1:ca:0d:b2:c9:0f:04:b9:cb:04:07:b4:fc:8d:
39:fa:de:4e:99:8d:57:21:1e:b3:ab:3e:18:ec:a6:b1:a1:95:
a4:aa:4d:41:b0:4f:e3:bd:a8:ca:1c:4e:a5:02:0f:2d:79:01:
0d:2c:fd:d2:ab:84:82:0c:3c:e1:cc:62:ef:5d:85:de:15:86:
b4:36:95:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QU3fykdXU0OGrrYU8m18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDE3NzI0NTdlMGY4MjdiOWU5MjBiMDBjZDExNDgyNGE1
ZmE2MjEwHhcNMjYwMzI5MTEwMTE0WhcNMjYwMzMwMTEwMTE0WjAzMTEwLwYDVQQD
Eyg0YzFhN2E1NzhiOTlmOWViMjNiMWJlZWFjZjA0NWJlZDc0NzJiM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpHPzPKy62uTOLgSAutOibcaKY0y
9JWdl/HNm+Db9gt7ASujm7DoPm8K2/J099RHLpl5+vRnSQoFVsjp3gDeLQ7wOhP7
Zv4f34MSo1CMu4V3FM47gFHi4FefrePhoeiOTyqCc4GjzsbsdnIdga+YJDeNZtcd
M0mD+sOSbwQzZRBtoEkMgMtJ2s7E28zqlq/Tk3VwUl7k9EZTBoyIXK/l/BC7KNPc
R+rXdiBVgNwypGZXBhbhXl1UyFOIQjImXJtIUUUoa+naiEETx/iNhENpgHfCvlQo
Tjsh9p2U2NI8RbK/qQpxzQdAFcHrWCTy60tjwUuPy/vQlAwMcToj+rZP9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwaeleLmfnrI7G+6s8EW+10crPgMB8GA1UdIwQY
MBaAFDUBdyRX4PgnuekgsAzRFIJKX6YhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQt
OWRkODI3MzVkYTNkLzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQtOWRkODI3MzVkYTNk
LzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQKPMyxQ
uyf2MFQXbn2n12AvAXamnWLj4xCKcl4Corw/qnVY/Sm6bV3rNz8HQTIdM7MFScJY
iqDJJ2MzSzKdoWTO0iYBz0m3oFovsEMZTCbvbh1rrr5n/rvNhf/iaSMF9l4Gbekr
AVf82jFK0SZOhOTsadwCIJgJttPs0TGAAp3bZs+BCNouDTZyK9RG3814jW6kLjbi
hK55ldG3MEWt2x2ixGvkCTHqQSgIa6oJKbJy4tgpQbBp9PHKDbLJDwS5ywQHtPyN
OfreTpmNVyEes6s+GOymsaGVpKpNQbBP472oyhxOpQIPLXkBDSz90quEggw84cxi
712F3hWGtDaVmQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:22:18 2026 by rpki-client