Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: hcr1JQD+nBzqbzOqOEyG3/5IXUgT/x8Zgeecbhz6wEY=
Subject key identifier: 25:78:01:34:01:9C:B7:04:CA:31:07:9B:3B:4D:A8:8B:56:55:48:A5
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 019EB6FBC8FE2963026D5E098B75D915B915
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 1957
Signing time: Thu 11 Jun 2026 14:00:14 +0000
Manifest this update: Thu 11 Jun 2026 14:00:14 +0000
Manifest next update: Fri 12 Jun 2026 14:00:14 +0000
Files and hashes: 1: 1-6cYk3IV3azNTDxLV9HIv8JiNNU.roa (hash: 68Lmi8ud6HODb6vZV8sdTwSgFGYMvK/4iVqZEyTtA8M=)
2: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: YuenW3cH9yrm6oStYu8DG8Zqsk04DpKpMqTtvNRU9Hc=)
3: dls_8eGlW5noEKaT1vWyI3L6kis.roa (hash: Pm8+FvhXP2lEJSCgMp+/lPklylAzLJsm9W0xN+5smos=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:fb:c8:fe:29:63:02:6d:5e:09:8b:75:d9:15:b9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Jun 11 14:00:14 2026 GMT
Not After : Jun 12 14:00:14 2026 GMT
Subject: CN=25780134019cb704ca31079b3b4da88b565548a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:df:95:97:48:16:7e:37:94:e9:47:68:c2:cc:
26:6b:16:f6:08:ed:08:ef:97:57:47:51:00:42:5f:
fd:94:44:49:03:97:e5:ec:41:e3:73:6d:7a:86:49:
1d:c1:d1:12:87:63:5c:80:50:18:d6:1f:d5:60:91:
ad:84:0b:eb:b0:49:87:81:a0:fd:b4:5b:35:9f:7b:
55:1d:d8:c2:21:45:d9:4a:94:09:70:fe:50:f0:32:
47:8a:17:1c:73:07:c7:7a:4f:71:df:f8:4a:61:b3:
8d:fc:d4:9f:70:46:7c:e9:f7:3d:3d:09:01:c2:ff:
5c:6e:15:05:34:5a:16:15:13:a1:5e:14:d5:20:fe:
7c:2a:64:fe:50:cc:b9:81:65:db:c1:88:58:a3:39:
ae:5c:cf:3c:a4:58:48:e5:4b:1b:8f:91:0d:37:1c:
bf:8d:6f:9f:0c:a4:83:dd:03:ca:92:a6:41:e2:38:
f5:e0:c4:56:90:90:b4:c9:27:3c:55:38:03:7d:6e:
8f:6a:f4:10:5e:0a:49:f1:8e:d7:4b:5f:95:41:9b:
6c:69:a8:e7:bc:1e:be:5a:81:22:67:79:ed:e9:72:
d1:78:96:a0:43:2e:96:57:fb:c1:ce:77:61:1c:90:
ea:1b:45:09:9c:0e:a3:db:c1:42:ae:93:52:ed:25:
7e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:78:01:34:01:9C:B7:04:CA:31:07:9B:3B:4D:A8:8B:56:55:48:A5
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:ec:58:96:f3:18:ef:3a:3e:44:72:3c:6e:6d:ad:f1:1b:9b:
67:e0:15:87:7f:fa:bd:9c:5d:f6:ee:30:c1:1c:10:21:45:3b:
ca:f9:e5:f7:a2:aa:bb:00:c9:36:c9:51:06:b7:61:98:20:d3:
7d:9f:bb:8c:b7:f6:26:5c:87:a3:41:9c:b2:ad:51:55:cc:25:
b7:0c:62:f6:0a:74:ae:cb:8b:b0:e7:30:cb:56:0d:5e:38:6d:
cb:5f:57:f7:52:2d:53:b3:c8:00:7e:ba:f2:ba:2f:4c:80:57:
14:fb:09:6e:cb:a1:2c:f5:a1:e0:6e:ca:e7:49:be:a0:1c:ff:
dd:a5:00:d4:ba:c8:c8:90:46:87:f0:6f:bc:b4:dd:4f:29:77:
c1:37:ff:92:c4:de:2a:7b:d9:5a:b0:33:59:26:a5:93:d0:84:
cd:14:88:f2:b4:7e:3a:d4:12:97:50:b1:6d:2b:b4:da:72:9a:
ab:27:1b:06:c4:61:db:05:44:16:92:24:e7:4a:17:9a:e3:62:
6f:e1:e1:a0:4b:39:24:7a:ac:fc:22:f1:04:77:00:36:31:43:
7b:95:01:e1:df:ef:81:c7:49:5b:9a:6b:4d:f6:30:86:b6:6b:
d7:b4:06:69:76:13:89:e3:72:d2:b0:b6:6b:73:d3:49:20:0f:
f8:79:81:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ62+8j+KWMCbV4Ji3XZFbkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjYwNjExMTQwMDE0WhcNMjYwNjEyMTQwMDE0WjAzMTEwLwYDVQQD
EygyNTc4MDEzNDAxOWNiNzA0Y2EzMTA3OWIzYjRkYTg4YjU2NTU0OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod+Vl0gWfjeU6Udowswmaxb2CO0I
75dXR1EAQl/9lERJA5fl7EHjc216hkkdwdESh2NcgFAY1h/VYJGthAvrsEmHgaD9
tFs1n3tVHdjCIUXZSpQJcP5Q8DJHihcccwfHek9x3/hKYbON/NSfcEZ86fc9PQkB
wv9cbhUFNFoWFROhXhTVIP58KmT+UMy5gWXbwYhYozmuXM88pFhI5Usbj5ENNxy/
jW+fDKSD3QPKkqZB4jj14MRWkJC0ySc8VTgDfW6PavQQXgpJ8Y7XS1+VQZtsaajn
vB6+WoEiZ3nt6XLReJagQy6WV/vBzndhHJDqG0UJnA6j28FCrpNS7SV+AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV4ATQBnLcEyjEHmztNqItWVUilMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcuxYlvMY
7zo+RHI8bm2t8RubZ+AVh3/6vZxd9u4wwRwQIUU7yvnl96KquwDJNslRBrdhmCDT
fZ+7jLf2JlyHo0Gcsq1RVcwltwxi9gp0rsuLsOcwy1YNXjhty19X91ItU7PIAH66
8rovTIBXFPsJbsuhLPWh4G7K50m+oBz/3aUA1LrIyJBGh/BvvLTdTyl3wTf/ksTe
KnvZWrAzWSalk9CEzRSI8rR+OtQSl1CxbSu02nKaqycbBsRh2wVEFpIk50oXmuNi
b+HhoEs5JHqs/CLxBHcANjFDe5UB4d/vgcdJW5prTfYwhrZr17QGaXYTieNy0rC2
a3PTSSAP+HmBHg==
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:42:12 2026 by rpki-client