Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: Q4CfU7diEok8wJD67dsDjKQVHMB/4nflYaMdLvKIVf0=
Subject key identifier: FC:A4:E0:71:36:00:01:3D:9F:64:B6:61:C9:47:31:C4:E0:EB:8E:71
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 019D389C311DE930790349E3A1005BD76FBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 08:00:53 +0000
Manifest this update: Sun 29 Mar 2026 08:00:53 +0000
Manifest next update: Mon 30 Mar 2026 08:00:53 +0000
Files and hashes: 1: 1-6cYk3IV3azNTDxLV9HIv8JiNNU.roa (hash: 68Lmi8ud6HODb6vZV8sdTwSgFGYMvK/4iVqZEyTtA8M=)
2: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: cGeJdnyVBQkU+icqg4hp5x6x340mkGANYTDsOcmL33Q=)
3: dls_8eGlW5noEKaT1vWyI3L6kis.roa (hash: Pm8+FvhXP2lEJSCgMp+/lPklylAzLJsm9W0xN+5smos=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:31:1d:e9:30:79:03:49:e3:a1:00:5b:d7:6f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Mar 29 08:00:53 2026 GMT
Not After : Mar 30 08:00:53 2026 GMT
Subject: CN=fca4e0713600013d9f64b661c94731c4e0eb8e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ee:36:60:32:e0:29:81:c2:9a:07:17:a3:ed:
60:78:98:d0:5d:c7:1d:11:9d:4d:95:40:c4:ef:3e:
e4:ac:66:d2:44:7a:54:7f:7f:cd:be:d8:ea:e1:f0:
c8:4d:3a:61:94:26:d0:7c:9d:51:63:fb:85:ce:b6:
42:d1:05:5a:28:18:41:a2:ea:9d:07:0e:cf:14:1a:
87:61:cd:4e:a9:c5:12:db:27:35:f8:dc:64:00:a7:
df:de:2e:c1:00:fa:9c:27:5f:2e:e7:96:80:83:fe:
e8:cf:95:87:8f:7c:c1:b5:7c:c3:f1:96:b3:6d:84:
20:da:6c:1b:7b:22:24:6a:c1:66:5c:7f:20:e9:f6:
5d:c3:9c:06:48:c9:a9:fc:4b:01:13:75:57:85:32:
c5:4b:15:30:22:67:4f:01:63:3c:4b:9b:ce:4b:1e:
52:5f:ee:64:3e:37:7f:70:25:f2:d1:61:09:74:36:
a3:56:6e:76:d4:41:c5:d0:38:1f:d7:69:48:36:d6:
ff:8e:7f:69:f3:04:1b:d2:61:79:d6:ff:16:c6:b8:
4b:a2:b2:ce:32:e5:bb:c7:c6:71:3d:76:7c:92:39:
62:b4:66:be:1d:57:3f:ba:4f:3f:5c:2a:9f:9b:46:
d1:5e:5e:bf:2f:37:fc:37:e8:13:07:4c:91:9a:67:
23:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A4:E0:71:36:00:01:3D:9F:64:B6:61:C9:47:31:C4:E0:EB:8E:71
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:9b:62:ce:0d:52:f2:0d:e2:65:79:9b:81:31:48:7e:f1:ba:
6e:dd:4e:6d:24:6d:2a:28:a7:4c:99:80:d6:29:5b:dc:38:37:
dc:e9:f9:09:bf:d4:79:d5:40:cc:66:fb:ba:8a:b5:d3:a1:0a:
a0:73:45:35:e0:db:a2:98:ee:75:e8:4c:1e:18:42:cf:07:9f:
1c:bd:f0:d6:68:64:78:03:f4:39:58:5c:67:4a:b5:ea:05:66:
5f:8a:40:63:a1:2f:98:83:1c:fa:10:fe:81:31:c5:24:5a:42:
09:af:ef:9a:dc:3c:da:b3:1c:cc:10:b4:e5:90:86:69:b5:11:
93:2a:37:3c:0b:fa:29:a3:70:fb:f9:fe:7a:40:8b:5b:f3:be:
c9:2d:51:0b:bd:43:f9:97:a8:d6:ef:bd:b5:62:54:3f:d7:f2:
f1:31:52:89:5c:9f:17:25:53:66:ff:f4:01:4a:55:21:bd:d1:
a2:5c:cb:2d:9c:85:e0:df:00:3a:34:f6:b0:e9:2e:e2:ce:4e:
24:4b:91:9e:46:d5:e9:69:2e:48:c4:df:c6:f1:c2:54:42:66:
a5:99:a5:c3:6a:ef:36:5e:d6:04:fc:08:07:3e:a5:a0:ed:b4:
78:24:8b:ba:02:fd:4d:b3:27:d8:6a:7f:80:eb:33:0d:bc:94:
81:a3:a2:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nDEd6TB5A0njoQBb12+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjYwMzI5MDgwMDUzWhcNMjYwMzMwMDgwMDUzWjAzMTEwLwYDVQQD
EyhmY2E0ZTA3MTM2MDAwMTNkOWY2NGI2NjFjOTQ3MzFjNGUwZWI4ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4e42YDLgKYHCmgcXo+1geJjQXccd
EZ1NlUDE7z7krGbSRHpUf3/Nvtjq4fDITTphlCbQfJ1RY/uFzrZC0QVaKBhBouqd
Bw7PFBqHYc1OqcUS2yc1+NxkAKff3i7BAPqcJ18u55aAg/7oz5WHj3zBtXzD8Zaz
bYQg2mwbeyIkasFmXH8g6fZdw5wGSMmp/EsBE3VXhTLFSxUwImdPAWM8S5vOSx5S
X+5kPjd/cCXy0WEJdDajVm521EHF0Dgf12lINtb/jn9p8wQb0mF51v8WxrhLorLO
MuW7x8ZxPXZ8kjlitGa+HVc/uk8/XCqfm0bRXl6/Lzf8N+gTB0yRmmcjSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyk4HE2AAE9n2S2YclHMcTg645xMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS5tizg1S
8g3iZXmbgTFIfvG6bt1ObSRtKiinTJmA1ilb3Dg33On5Cb/UedVAzGb7uoq106EK
oHNFNeDbopjudehMHhhCzwefHL3w1mhkeAP0OVhcZ0q16gVmX4pAY6EvmIMc+hD+
gTHFJFpCCa/vmtw82rMczBC05ZCGabURkyo3PAv6KaNw+/n+ekCLW/O+yS1RC71D
+Zeo1u+9tWJUP9fy8TFSiVyfFyVTZv/0AUpVIb3RolzLLZyF4N8AOjT2sOku4s5O
JEuRnkbV6WkuSMTfxvHCVEJmpZmlw2rvNl7WBPwIBz6loO20eCSLugL9TbMn2Gp/
gOszDbyUgaOipA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:21 2026 by rpki-client