Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
File: nlaYDUienFO8gp8-jWPTg_ONDeM.mft (raw, json)
Hash identifier: Ok6cc+UO5eW0wywm/PjaWVrRrWUSoIHxpLmQkEz11cc=
Subject key identifier: 8E:56:3E:9B:50:D3:9E:0E:46:A3:93:50:F5:03:CA:AE:35:40:BE:5E
Authority key identifier: 9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
Certificate issuer: /CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Certificate serial: 019D38D2EAAE04A417070B576DB139B51AB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
Manifest number: 17EC
Signing time: Sun 29 Mar 2026 09:00:39 +0000
Manifest this update: Sun 29 Mar 2026 09:00:39 +0000
Manifest next update: Mon 30 Mar 2026 09:00:39 +0000
Files and hashes: 1: Ty0AHGlJ9RoCTN7szHoodFNrVgY.roa (hash: CDSZ7X9fhOdv3vxjKS4CoPN0JEb8cRxrZ3+xOxMLrhk=)
2: nlaYDUienFO8gp8-jWPTg_ONDeM.crl (hash: H09aLe+K4UTEavtSpSMNQbDAYP1h4eEfDL9ySvgd7s4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 09:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ea:ae:04:a4:17:07:0b:57:6d:b1:39:b5:1a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Validity
Not Before: Mar 29 09:00:39 2026 GMT
Not After : Mar 30 09:00:39 2026 GMT
Subject: CN=8e563e9b50d39e0e46a39350f503caae3540be5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6a:1e:c4:c8:d7:10:d8:f3:32:9a:bf:6e:4b:
31:b9:21:1a:83:3c:3e:44:e4:bc:60:ec:d5:38:3f:
99:f6:45:95:04:08:4a:77:d6:bc:04:de:1c:b4:5a:
ea:c7:a4:1b:28:2c:e4:d9:b5:81:c5:ba:7f:65:88:
76:74:a4:aa:75:59:ea:ff:a0:6b:71:8a:2a:b4:2b:
76:0d:02:8a:c7:90:b4:5b:d4:4a:58:f8:9e:47:97:
d5:f4:57:31:5a:42:c9:ac:4f:72:cc:6d:8d:4c:41:
1d:c6:a7:50:ae:8c:02:81:fa:76:52:10:46:64:34:
77:a7:25:50:fa:1a:98:bf:b4:dc:48:20:86:ec:a9:
4a:cf:96:e1:73:b1:7a:e1:98:4e:67:30:c2:be:15:
71:96:56:cf:74:6e:03:6b:39:64:7b:fc:51:f0:31:
01:58:fc:cb:24:db:84:be:25:79:cc:0e:04:cf:e3:
26:2c:36:6a:b4:a9:6d:ba:db:30:f1:fd:71:0e:f1:
b9:09:cc:38:c2:ef:34:0a:cc:39:f5:fb:91:1a:f1:
b7:86:93:9c:80:ae:fb:4a:bf:b4:59:bc:c2:04:0e:
7e:b8:73:84:3c:55:91:d5:08:7d:20:8d:81:72:45:
2c:e5:01:87:19:26:e0:91:94:13:1c:e7:44:5c:a8:
56:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:56:3E:9B:50:D3:9E:0E:46:A3:93:50:F5:03:CA:AE:35:40:BE:5E
X509v3 Authority Key Identifier:
keyid:9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:26:b7:97:71:7a:71:6c:a0:1c:16:3e:55:01:20:11:f8:37:
9a:50:02:e8:d4:17:e8:4f:83:de:14:44:77:9a:a9:5e:60:64:
9b:4c:5a:c6:b2:c4:80:b6:8f:e1:c9:54:cb:55:20:a5:9b:b0:
fb:90:10:d5:f3:78:f4:0a:41:40:30:a3:01:92:1f:88:76:b3:
d3:91:48:b5:b2:19:9b:bd:e9:af:f2:e7:1b:12:7e:60:bc:9d:
25:d3:cb:ee:d9:6d:0d:2a:3b:1e:be:c1:2e:b5:53:6a:c4:23:
63:4c:3a:56:1c:64:05:12:6c:23:35:39:72:16:04:b5:b2:21:
be:a2:69:d0:0e:f3:7f:54:34:f6:02:a1:b0:5d:ea:52:38:07:
6b:1a:22:43:94:d3:fa:d4:26:7b:c4:56:43:5a:01:ef:b6:f8:
34:64:5f:37:50:ef:fd:14:63:48:e9:e6:a1:a6:aa:6b:5d:e6:
a4:75:2c:77:c0:f9:e0:24:f3:73:64:87:c0:d4:bc:c0:01:e8:
89:ce:13:5c:3d:3d:6f:c0:1b:49:c2:8c:80:b6:fb:58:ee:32:
8b:db:80:dc:f5:65:fd:dd:f1:a2:4f:b8:52:96:5b:be:50:38:
51:2f:1b:41:6d:55:e5:03:89:20:2b:c2:59:c6:f4:b7:93:c2:
50:86:66:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uquBKQXBwtXbbE5tRqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTY5ODBkNDg5ZTljNTNiYzgyOWYzZThkNjNkMzgzZjM4
ZDBkZTMwHhcNMjYwMzI5MDkwMDM5WhcNMjYwMzMwMDkwMDM5WjAzMTEwLwYDVQQD
Eyg4ZTU2M2U5YjUwZDM5ZTBlNDZhMzkzNTBmNTAzY2FhZTM1NDBiZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2oexMjXENjzMpq/bksxuSEagzw+
ROS8YOzVOD+Z9kWVBAhKd9a8BN4ctFrqx6QbKCzk2bWBxbp/ZYh2dKSqdVnq/6Br
cYoqtCt2DQKKx5C0W9RKWPieR5fV9FcxWkLJrE9yzG2NTEEdxqdQrowCgfp2UhBG
ZDR3pyVQ+hqYv7TcSCCG7KlKz5bhc7F64ZhOZzDCvhVxllbPdG4Dazlke/xR8DEB
WPzLJNuEviV5zA4Ez+MmLDZqtKltutsw8f1xDvG5Ccw4wu80Csw59fuRGvG3hpOc
gK77Sr+0WbzCBA5+uHOEPFWR1Qh9II2BckUs5QGHGSbgkZQTHOdEXKhW4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5WPptQ054ORqOTUPUDyq41QL5eMB8GA1UdIwQY
MBaAFJ5WmA1InpxTvIKfPo1j04PzjQ3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2Yt
ZGI3NDk4ZGFkZTBjLzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2YtZGI3NDk4ZGFkZTBj
LzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIia3l3F6
cWygHBY+VQEgEfg3mlAC6NQX6E+D3hREd5qpXmBkm0xaxrLEgLaP4clUy1UgpZuw
+5AQ1fN49ApBQDCjAZIfiHaz05FItbIZm73pr/LnGxJ+YLydJdPL7tltDSo7Hr7B
LrVTasQjY0w6VhxkBRJsIzU5chYEtbIhvqJp0A7zf1Q09gKhsF3qUjgHaxoiQ5TT
+tQme8RWQ1oB77b4NGRfN1Dv/RRjSOnmoaaqa13mpHUsd8D54CTzc2SHwNS8wAHo
ic4TXD09b8AbScKMgLb7WO4yi9uA3PVl/d3xok+4UpZbvlA4US8bQW1V5QOJICvC
Wcb0t5PCUIZmjw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:03:02 2026 by rpki-client