Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier: r15nD+3HOePiIUfpOnlhI1sdUYxJdJcR1L2Zh6lrTHE=
Subject key identifier: 97:63:96:D9:04:3D:61:64:B4:B0:4E:F8:2E:BD:FC:2C:79:F2:DD:84
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial: 019D38D34444B9B3604F02F6496FCE2914FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number: 188C
Signing time: Sun 29 Mar 2026 09:01:02 +0000
Manifest this update: Sun 29 Mar 2026 09:01:02 +0000
Manifest next update: Mon 30 Mar 2026 09:01:02 +0000
Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: rL0XLWXsp8ADq6ZK6pEa5R5Hg0TnSsRPKZd9+pJwEu4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:44:44:b9:b3:60:4f:02:f6:49:6f:ce:29:14:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Validity
Not Before: Mar 29 09:01:02 2026 GMT
Not After : Mar 30 09:01:02 2026 GMT
Subject: CN=976396d9043d6164b4b04ef82ebdfc2c79f2dd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:b7:f9:8c:b6:f3:36:91:f6:cf:06:4f:10:
63:62:76:3c:41:a3:8a:24:c5:02:06:19:d0:c5:55:
18:27:ec:88:6d:fe:3d:b7:4c:88:ec:62:d6:3c:cf:
04:df:1b:61:68:b1:b6:b3:8e:e5:de:5a:a6:cb:70:
f3:40:6a:b3:68:67:c3:45:82:fd:b9:07:1e:3c:26:
d4:2e:3e:93:fe:30:1c:f2:d7:f0:80:e0:e5:7b:bd:
5c:7b:bd:78:c7:40:13:19:d6:0c:a8:4a:9a:cb:8c:
be:05:7a:8b:c3:cf:5f:15:f4:26:c0:38:12:4b:20:
75:7f:28:86:9d:79:e5:b6:7c:ab:a4:ca:9a:cc:ad:
94:1d:70:10:db:40:f6:e8:ac:60:bb:90:a6:16:49:
6b:42:82:6f:ff:61:38:70:db:86:31:ee:3f:8f:11:
5b:7a:ad:ed:72:db:e7:73:4e:e7:b2:e7:d9:39:aa:
e4:1e:57:4d:1c:31:53:28:5d:b7:65:c1:03:36:29:
af:e2:1d:4c:63:f0:17:e9:8b:2a:98:09:f5:be:55:
ae:4a:fc:b6:26:4a:b5:19:40:ca:55:02:c2:96:a0:
ff:1e:43:60:16:bf:e2:02:d4:28:60:4d:2f:a1:d6:
d3:82:9c:28:32:e0:2b:5d:8e:f6:58:3e:de:af:71:
e9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:63:96:D9:04:3D:61:64:B4:B0:4E:F8:2E:BD:FC:2C:79:F2:DD:84
X509v3 Authority Key Identifier:
keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:e6:f8:6f:6c:62:a9:e3:6d:05:01:ba:39:69:58:1b:56:8e:
fa:4a:ff:00:80:4f:cd:d9:2b:74:67:da:d5:48:d5:d3:83:4b:
ab:32:b4:ce:b6:27:81:bf:7d:b9:75:18:65:92:2e:05:2b:33:
ee:89:76:1a:7d:93:ab:fb:9b:94:64:5f:6c:c0:22:d6:16:26:
45:f0:d8:32:af:fa:ed:b5:a3:a8:6f:8c:60:d6:87:f3:d3:2d:
3b:7d:0c:64:2b:0f:2c:9f:d1:e8:f3:45:38:21:6d:10:09:2f:
0f:85:76:5a:41:96:2b:3d:f2:1a:39:d2:e8:42:e6:d4:e2:17:
6d:99:58:03:39:a0:c5:c5:3b:1e:c8:56:99:3f:0d:6e:e1:8a:
17:5d:80:c6:4d:22:6c:86:90:bb:10:6a:b5:50:db:3a:f9:e8:
de:65:d6:4b:5c:f0:dd:4d:db:c6:18:18:89:7e:af:6d:be:01:
98:e1:54:f2:56:1d:9e:3c:f9:fc:1a:3b:22:e2:89:c4:91:b8:
d0:7e:f0:15:2f:4a:c1:d2:22:fd:b0:2e:f6:45:25:a6:c9:fb:
88:cb:d1:da:df:14:99:b1:af:e3:d4:8d:16:8e:c1:72:58:f8:
2b:f1:da:bd:89:9c:de:29:28:ed:3e:4a:9d:32:63:cf:0e:52:
2e:73:6b:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0400REubNgTwL2SW/OKRT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjYwMzI5MDkwMTAyWhcNMjYwMzMwMDkwMTAyWjAzMTEwLwYDVQQD
Eyg5NzYzOTZkOTA0M2Q2MTY0YjRiMDRlZjgyZWJkZmMyYzc5ZjJkZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkO3+Yy28zaR9s8GTxBjYnY8QaOK
JMUCBhnQxVUYJ+yIbf49t0yI7GLWPM8E3xthaLG2s47l3lqmy3DzQGqzaGfDRYL9
uQcePCbULj6T/jAc8tfwgODle71ce714x0ATGdYMqEqay4y+BXqLw89fFfQmwDgS
SyB1fyiGnXnltnyrpMqazK2UHXAQ20D26Kxgu5CmFklrQoJv/2E4cNuGMe4/jxFb
eq3tctvnc07nsufZOarkHldNHDFTKF23ZcEDNimv4h1MY/AX6YsqmAn1vlWuSvy2
Jkq1GUDKVQLClqD/HkNgFr/iAtQoYE0vodbTgpwoMuArXY72WD7er3Hp1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdjltkEPWFktLBO+C69/Cx58t2EMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQub4b2xi
qeNtBQG6OWlYG1aO+kr/AIBPzdkrdGfa1UjV04NLqzK0zrYngb99uXUYZZIuBSsz
7ol2Gn2Tq/ublGRfbMAi1hYmRfDYMq/67bWjqG+MYNaH89MtO30MZCsPLJ/R6PNF
OCFtEAkvD4V2WkGWKz3yGjnS6ELm1OIXbZlYAzmgxcU7HshWmT8NbuGKF12Axk0i
bIaQuxBqtVDbOvno3mXWS1zw3U3bxhgYiX6vbb4BmOFU8lYdnjz5/Bo7IuKJxJG4
0H7wFS9KwdIi/bAu9kUlpsn7iMvR2t8UmbGv49SNFo7Bclj4K/HavYmc3iko7T5K
nTJjzw5SLnNr5w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:37:54 2026 by rpki-client