Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
File: nFVnZyAcUPayqVXbah5uAR36XUQ.mft (raw, json)
Hash identifier: YUxtEzPOBfrFM+d1ROJATd8PVBRLFIgPSPNY25LtqAw=
Subject key identifier: 97:31:36:22:6F:F4:71:39:88:3A:B5:37:7D:23:EC:D4:C1:E1:FA:9D
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Certificate issuer: /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial: 019D378972555EEDEE1B5A4DD829C45350D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
Manifest number: 0DB7
Signing time: Sun 29 Mar 2026 03:00:47 +0000
Manifest this update: Sun 29 Mar 2026 03:00:47 +0000
Manifest next update: Mon 30 Mar 2026 03:00:47 +0000
Files and hashes: 1: AaDplZOBjFP44WCq4B011KFt3wk.roa (hash: cc1qcanaelqIhqY1IjMuQU7pXZ3q+cEr4hq8dhQwh3g=)
2: nFVnZyAcUPayqVXbah5uAR36XUQ.crl (hash: 25O0M0d8KjMgRCOo/XWAP49KsotUT21J4JUev15kEkk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:72:55:5e:ed:ee:1b:5a:4d:d8:29:c4:53:50:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Validity
Not Before: Mar 29 03:00:47 2026 GMT
Not After : Mar 30 03:00:47 2026 GMT
Subject: CN=973136226ff47139883ab5377d23ecd4c1e1fa9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:88:64:2f:f9:28:14:60:ff:4f:ef:6a:00:
e6:5f:d5:d2:b6:c7:40:e3:f6:69:d0:d6:19:82:7b:
ed:85:4f:b8:8c:08:62:db:8e:e0:96:b0:90:e4:e9:
a9:2c:5e:90:30:3e:d2:df:2e:90:0d:90:4e:58:d2:
8a:f9:35:53:29:07:c2:3d:b3:dd:0d:cd:34:bb:ea:
25:f6:75:66:79:7b:62:f0:f0:6d:b2:5f:1f:be:19:
21:ec:10:11:5f:1d:07:c7:d1:88:1c:db:a5:d7:5f:
a8:75:57:b7:dd:b3:91:3d:ad:0b:4f:47:44:cd:e3:
04:ed:a7:88:37:c9:2f:1a:d2:c7:a6:98:7a:9d:19:
18:3b:8c:2d:a5:3e:ff:74:3b:56:9d:60:45:61:cb:
c8:9b:93:fc:3b:1c:c7:fa:a6:c7:da:b2:da:8d:e1:
27:53:82:ab:97:ca:06:2c:e9:05:b9:3a:5c:6d:c4:
2a:57:64:3e:9e:b2:70:26:fc:31:48:be:e3:15:5a:
ae:75:8b:dd:fe:87:bc:36:6c:16:6d:de:6d:cf:7c:
44:45:6f:84:3b:aa:57:fd:0a:08:2f:b9:69:ee:67:
44:a6:55:05:2d:c2:a1:a5:36:df:83:10:f8:b0:7a:
5c:94:ff:33:ac:99:fa:3c:72:8f:56:ea:0b:c3:fa:
7c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:31:36:22:6F:F4:71:39:88:3A:B5:37:7D:23:EC:D4:C1:E1:FA:9D
X509v3 Authority Key Identifier:
keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:27:7d:17:f5:e6:a1:c5:a4:af:19:0b:92:33:94:a4:51:2b:
ab:31:3f:88:7c:b7:4a:a1:b3:52:08:68:f8:d6:21:9a:29:27:
bb:a4:13:56:86:f7:54:96:79:7e:38:b2:26:bb:ea:9c:2b:6d:
b2:bd:f2:29:7d:d4:0b:ec:ad:47:7a:25:20:4a:2e:14:7d:1b:
c6:1d:d7:46:6e:83:81:1e:43:d4:b1:82:b3:f9:9f:75:11:92:
c9:de:16:64:4d:e0:e0:ac:90:34:fc:4c:ab:56:93:7d:d8:b8:
d9:8f:04:3d:b3:06:75:dc:00:b0:35:e5:f6:c4:dc:bf:99:90:
f2:a4:79:eb:42:88:9d:79:78:bf:98:54:7a:f3:67:32:eb:4b:
b6:29:52:98:5a:3d:ed:77:8d:0f:4d:69:51:02:d8:1d:15:ce:
c8:53:8c:39:7c:2b:8f:6a:aa:05:f6:7b:ae:23:bd:5d:65:97:
5d:c2:07:23:9b:d1:c5:b0:60:f4:c5:c2:fd:23:f7:4d:b0:89:
8e:52:2b:c8:c4:cd:5a:b7:7b:a6:80:d6:fd:2e:41:f2:72:dc:
8d:8c:a8:e5:42:f8:3f:1a:8e:fe:e6:bc:25:7f:37:b7:48:d7:
d4:83:1b:ee:ba:58:90:19:c4:5b:bd:da:8e:70:83:3c:4c:d8:
6b:e9:3b:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXJVXu3uG1pN2CnEU1DYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjYwMzI5MDMwMDQ3WhcNMjYwMzMwMDMwMDQ3WjAzMTEwLwYDVQQD
Eyg5NzMxMzYyMjZmZjQ3MTM5ODgzYWI1Mzc3ZDIzZWNkNGMxZTFmYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aWIZC/5KBRg/0/vagDmX9XStsdA
4/Zp0NYZgnvthU+4jAhi247glrCQ5OmpLF6QMD7S3y6QDZBOWNKK+TVTKQfCPbPd
Dc00u+ol9nVmeXti8PBtsl8fvhkh7BARXx0Hx9GIHNul11+odVe33bORPa0LT0dE
zeME7aeIN8kvGtLHpph6nRkYO4wtpT7/dDtWnWBFYcvIm5P8OxzH+qbH2rLajeEn
U4Krl8oGLOkFuTpcbcQqV2Q+nrJwJvwxSL7jFVqudYvd/oe8NmwWbd5tz3xERW+E
O6pX/QoIL7lp7mdEplUFLcKhpTbfgxD4sHpclP8zrJn6PHKPVuoLw/p8OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcxNiJv9HE5iDq1N30j7NTB4fqdMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMid9F/Xm
ocWkrxkLkjOUpFErqzE/iHy3SqGzUgho+NYhmiknu6QTVob3VJZ5fjiyJrvqnCtt
sr3yKX3UC+ytR3olIEouFH0bxh3XRm6DgR5D1LGCs/mfdRGSyd4WZE3g4KyQNPxM
q1aTfdi42Y8EPbMGddwAsDXl9sTcv5mQ8qR560KInXl4v5hUevNnMutLtilSmFo9
7XeND01pUQLYHRXOyFOMOXwrj2qqBfZ7riO9XWWXXcIHI5vRxbBg9MXC/SP3TbCJ
jlIryMTNWrd7poDW/S5B8nLcjYyo5UL4PxqO/ua8JX83t0jX1IMb7rpYkBnEW73a
jnCDPEzYa+k7sA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:35 2026 by rpki-client