Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier: qbiXWtbqHJK6vWRKgJrWo2PswDHJ65rVwPWzWYl2Ih4=
Subject key identifier: F8:F6:2C:95:30:89:1A:BE:06:61:FF:C5:4D:CC:2F:18:F5:26:6F:04
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial: 019D37896AABBE5FE7C2AA3ADED7E4EF835B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number: 0967
Signing time: Sun 29 Mar 2026 03:00:45 +0000
Manifest this update: Sun 29 Mar 2026 03:00:45 +0000
Manifest next update: Mon 30 Mar 2026 03:00:45 +0000
Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: OlrbraVuQIQCZM/yHW8Ig6J/djteoKOl9IXmn5PRZbY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:6a:ab:be:5f:e7:c2:aa:3a:de:d7:e4:ef:83:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Validity
Not Before: Mar 29 03:00:45 2026 GMT
Not After : Mar 30 03:00:45 2026 GMT
Subject: CN=f8f62c9530891abe0661ffc54dcc2f18f5266f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:50:63:0c:a4:54:5b:6d:9b:69:71:ae:4c:fa:
50:f7:c8:67:35:a1:33:aa:a9:83:ed:4a:8f:3a:98:
f2:c3:b5:2f:3b:0f:b6:a6:28:01:ff:4e:7e:f8:5b:
8b:b2:e3:37:36:ef:13:38:a9:9c:c6:f7:a1:23:37:
4c:bb:c4:2c:91:96:d3:58:a2:fd:27:fe:90:b3:8c:
78:6a:40:95:8f:b7:58:e0:a5:55:26:bf:6e:df:10:
70:73:e0:59:07:ec:81:6b:b7:58:95:4e:6c:f1:2b:
66:d3:8b:23:82:e9:53:df:7b:70:d6:05:64:74:47:
67:b2:f2:bf:04:46:d3:5d:44:e3:75:7e:43:8f:6e:
b3:fa:e8:0a:b1:62:39:fc:7b:1f:1d:3d:b8:02:3e:
ff:64:68:f5:83:cb:12:e8:a0:e0:0a:89:20:51:94:
4b:91:69:7c:92:0f:9a:96:be:59:22:11:c6:29:56:
e5:61:90:93:d5:8a:31:55:ea:91:da:87:16:ec:cd:
91:95:c1:34:37:be:f4:86:17:ad:38:d6:b1:2f:13:
89:1e:ce:89:7f:55:e8:89:51:98:9b:40:94:28:e1:
d7:c8:b5:df:0a:00:f6:fc:1e:c8:86:05:d7:3e:d6:
b2:75:13:ed:46:03:de:fa:6b:fb:4a:74:00:61:d2:
83:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F6:2C:95:30:89:1A:BE:06:61:FF:C5:4D:CC:2F:18:F5:26:6F:04
X509v3 Authority Key Identifier:
keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:31:45:ac:4d:a6:06:1a:9a:98:0b:8a:11:17:de:97:1a:6c:
a7:b3:22:e1:1c:ce:53:21:fb:c7:39:c0:dc:a2:ab:e3:36:1d:
ca:e4:79:5c:a6:fa:62:be:6c:33:50:35:19:7e:ef:d5:28:cd:
2b:32:8e:53:47:9e:54:80:42:a2:92:36:2f:ce:14:7a:97:f7:
b0:a9:c4:37:ab:f2:c1:5a:0b:4b:2f:65:0e:cf:cd:6e:18:ee:
e7:7b:92:4d:7b:46:3b:62:1c:37:8c:b2:15:12:54:b8:6b:72:
44:94:d9:83:24:fd:36:fc:63:e2:49:e6:61:22:1e:22:a0:a8:
02:f5:48:56:a8:54:2a:92:94:8e:04:8f:48:1c:da:62:d3:45:
f2:7d:ca:37:d1:a6:2e:91:de:a5:27:ad:9e:92:45:92:c8:ec:
f0:1f:c5:73:fc:f6:ee:95:85:b2:b7:6b:38:f0:f5:71:89:40:
69:68:4d:57:0c:2e:f1:91:a3:71:53:db:cb:0e:cf:ba:cd:e3:
7c:02:b4:3a:e5:28:04:6e:4d:29:7f:a2:30:d5:05:0b:4d:01:
f6:5c:63:a4:9f:ec:3e:cd:44:e4:a6:fd:a2:8a:3a:b1:de:f2:
b5:f9:52:f9:7d:f0:f7:4c:04:1d:70:d6:ec:fd:fb:66:57:87:
c5:80:71:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iWqrvl/nwqo63tfk74NbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjYwMzI5MDMwMDQ1WhcNMjYwMzMwMDMwMDQ1WjAzMTEwLwYDVQQD
EyhmOGY2MmM5NTMwODkxYWJlMDY2MWZmYzU0ZGNjMmYxOGY1MjY2ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VBjDKRUW22baXGuTPpQ98hnNaEz
qqmD7UqPOpjyw7UvOw+2pigB/05++FuLsuM3Nu8TOKmcxvehIzdMu8QskZbTWKL9
J/6Qs4x4akCVj7dY4KVVJr9u3xBwc+BZB+yBa7dYlU5s8Stm04sjgulT33tw1gVk
dEdnsvK/BEbTXUTjdX5Dj26z+ugKsWI5/HsfHT24Aj7/ZGj1g8sS6KDgCokgUZRL
kWl8kg+alr5ZIhHGKVblYZCT1YoxVeqR2ocW7M2RlcE0N770hhetONaxLxOJHs6J
f1XoiVGYm0CUKOHXyLXfCgD2/B7IhgXXPtaydRPtRgPe+mv7SnQAYdKD7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPj2LJUwiRq+BmH/xU3MLxj1Jm8EMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiTFFrE2m
BhqamAuKERfelxpsp7Mi4RzOUyH7xznA3KKr4zYdyuR5XKb6Yr5sM1A1GX7v1SjN
KzKOU0eeVIBCopI2L84Uepf3sKnEN6vywVoLSy9lDs/Nbhju53uSTXtGO2IcN4yy
FRJUuGtyRJTZgyT9Nvxj4knmYSIeIqCoAvVIVqhUKpKUjgSPSBzaYtNF8n3KN9Gm
LpHepSetnpJFksjs8B/Fc/z27pWFsrdrOPD1cYlAaWhNVwwu8ZGjcVPbyw7Pus3j
fAK0OuUoBG5NKX+iMNUFC00B9lxjpJ/sPs1E5Kb9ooo6sd7ytflS+X3w90wEHXDW
7P37ZleHxYBxvA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:52:07 2026 by rpki-client