Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
File: NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft (raw, json)
Hash identifier: Bgr3JPUnSRzY6oj5liENVTkblbjKUDvlx3pF9dcIZl0=
Subject key identifier: DB:9C:BE:7B:EC:42:60:A3:95:A2:DE:D2:E6:F2:CA:F2:2C:C9:45:F7
Authority key identifier: 35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
Certificate issuer: /CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Certificate serial: 019D39778A4192612576F23FB0DB8B561C76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
Manifest number: 0D74
Signing time: Sun 29 Mar 2026 12:00:28 +0000
Manifest this update: Sun 29 Mar 2026 12:00:28 +0000
Manifest next update: Mon 30 Mar 2026 12:00:28 +0000
Files and hashes: 1: 1p2ABoTmHppjIUEVK5pg2mIhNow.roa (hash: ECPu2qb2eGXD+sxXXw8nzOOHG8hI1ILJZKOoScd4Ul8=)
2: NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl (hash: BDl7xg7Bu1ckJzDx0FuFMAxPFsrCQR88N8E96kftG5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:8a:41:92:61:25:76:f2:3f:b0:db:8b:56:1c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Validity
Not Before: Mar 29 12:00:28 2026 GMT
Not After : Mar 30 12:00:28 2026 GMT
Subject: CN=db9cbe7bec4260a395a2ded2e6f2caf22cc945f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:50:36:43:e3:0b:dd:86:d1:a5:1e:84:78:
2d:79:e1:cb:4d:39:63:86:f1:0e:23:bb:b0:ef:59:
8d:55:8b:57:6f:7a:02:eb:1e:9c:08:b3:b4:ff:74:
c6:74:e0:6b:8e:e0:9d:89:e4:16:9d:37:3c:cb:b1:
eb:69:10:af:0e:5c:44:dd:d9:a2:da:d9:4a:02:2c:
ee:0e:b2:4a:86:52:44:72:38:10:ba:c6:a4:63:be:
cc:56:8d:70:12:27:f9:33:ad:d7:8b:4f:41:2e:64:
8b:67:bc:ae:74:58:30:79:4a:b8:44:0a:e7:1e:1f:
e9:4d:dd:34:e6:41:87:16:f5:dc:a6:f2:1a:6a:e1:
58:65:df:2b:32:0e:0b:2f:a3:7c:e3:5a:9a:74:f6:
b7:55:d4:8c:6d:f4:b2:3f:5c:99:df:cc:2e:75:aa:
b5:10:0c:9d:e8:d5:42:6b:e0:bd:c1:c3:4b:e0:59:
a6:03:6e:86:08:0e:2c:a8:9f:51:05:68:26:74:55:
eb:27:4d:d8:f6:4a:4e:5b:d0:8e:fe:f5:ec:2d:94:
a4:04:8e:18:2e:16:3f:57:23:fd:7b:05:b3:73:56:
05:25:23:ea:54:93:34:d1:71:ed:af:a3:fa:65:a4:
b5:cb:d5:3f:50:14:b6:93:bf:df:5a:e6:da:a9:ea:
5a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9C:BE:7B:EC:42:60:A3:95:A2:DE:D2:E6:F2:CA:F2:2C:C9:45:F7
X509v3 Authority Key Identifier:
keyid:35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:29:34:0f:fd:8f:b8:2d:6b:f6:e5:fd:43:45:31:45:90:e3:
bd:7e:83:80:25:d6:b5:74:7d:3a:c4:5d:de:97:a3:9d:72:d5:
04:71:70:8a:ec:d8:d7:50:d7:5f:f2:3b:f8:2e:66:50:95:0a:
ff:1e:7b:a7:8a:d6:56:35:80:93:9b:8b:f6:f0:0a:95:0d:62:
38:f4:ca:0c:ed:58:ba:0a:e8:2b:7e:99:31:a2:60:9d:81:92:
d6:26:69:a1:d1:8e:a8:67:22:5b:0c:26:db:f6:51:49:91:21:
f0:17:ba:6c:06:69:fb:5e:21:e1:e9:d3:11:6a:2f:17:32:22:
8f:1a:1e:c7:11:95:15:44:45:26:e6:fa:49:7c:71:fd:11:9d:
e8:64:b6:e0:bf:f3:59:f4:6d:3f:29:32:c3:0f:82:e4:1e:c6:
b2:84:78:fa:e9:65:d8:1f:46:59:8c:04:13:c6:38:50:b8:70:
1b:13:e9:07:de:ed:f4:39:22:04:3d:52:aa:c9:8d:1e:bf:3a:
07:3f:cf:86:7f:09:a9:fb:0e:be:e6:47:ed:fa:69:d8:51:d3:
52:24:59:69:1a:20:5b:0e:a8:5c:78:8d:69:38:12:89:34:ea:
84:ed:8f:92:ef:5c:7f:51:83:d5:d0:63:f7:9c:eb:e6:d6:76:
75:6f:1b:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4pBkmEldvI/sNuLVhx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTY1MmI4MzhmZjJkOTY3MmFjOGNhNjZiYTY2MGRkNGU0
NWQ2OTkwHhcNMjYwMzI5MTIwMDI4WhcNMjYwMzMwMTIwMDI4WjAzMTEwLwYDVQQD
EyhkYjljYmU3YmVjNDI2MGEzOTVhMmRlZDJlNmYyY2FmMjJjYzk0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSBQNkPjC92G0aUehHgteeHLTTlj
hvEOI7uw71mNVYtXb3oC6x6cCLO0/3TGdOBrjuCdieQWnTc8y7HraRCvDlxE3dmi
2tlKAizuDrJKhlJEcjgQusakY77MVo1wEif5M63Xi09BLmSLZ7yudFgweUq4RArn
Hh/pTd005kGHFvXcpvIaauFYZd8rMg4LL6N841qadPa3VdSMbfSyP1yZ38wudaq1
EAyd6NVCa+C9wcNL4FmmA26GCA4sqJ9RBWgmdFXrJ03Y9kpOW9CO/vXsLZSkBI4Y
LhY/VyP9ewWzc1YFJSPqVJM00XHtr6P6ZaS1y9U/UBS2k7/fWubaqepaRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNucvnvsQmCjlaLe0ubyyvIsyUX3MB8GA1UdIwQY
MBaAFDUWUrg4/y2WcqyMpmumYN1ORdaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQt
MWNkNTA2MDcwYmI1LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQtMWNkNTA2MDcwYmI1
LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABCk0D/2P
uC1r9uX9Q0UxRZDjvX6DgCXWtXR9OsRd3pejnXLVBHFwiuzY11DXX/I7+C5mUJUK
/x57p4rWVjWAk5uL9vAKlQ1iOPTKDO1YugroK36ZMaJgnYGS1iZpodGOqGciWwwm
2/ZRSZEh8Be6bAZp+14h4enTEWovFzIijxoexxGVFURFJub6SXxx/RGd6GS24L/z
WfRtPykyww+C5B7GsoR4+ull2B9GWYwEE8Y4ULhwGxPpB97t9DkiBD1SqsmNHr86
Bz/Phn8JqfsOvuZH7fpp2FHTUiRZaRogWw6oXHiNaTgSiTTqhO2Pku9cf1GD1dBj
95zr5tZ2dW8bWA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:57 2026 by rpki-client