Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
File: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft (raw, json)
Hash identifier: ko1lrhRJd1atc3uGyOzfiZ43UfmLatZ0YuCD2EwGD5M=
Subject key identifier: 06:AB:06:99:45:8C:17:AD:2A:5C:DE:84:03:A1:73:6B:5F:5D:26:24
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 019D37F73B9E69430922F700D39B4381D40F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 05:00:42 +0000
Manifest this update: Sun 29 Mar 2026 05:00:42 +0000
Manifest next update: Mon 30 Mar 2026 05:00:42 +0000
Files and hashes: 1: FEFxaV6JKNIg7q55qcKCrfCq-z4.roa (hash: b7JfyrsOhBHQzoGqHArOuD+GUoiR1U1SMxRpiIKCIn8=)
2: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl (hash: ENZ2hFn53ZNycOlxz8d6H/FVu3wuEiizbqzrSjsSGsk=)
3: baFyB991hO6zmvEFA-bUR-SSeO0.roa (hash: HCQWZRB071vWE048uQIisBvoukGqn9JR/elQALPMrxE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:3b:9e:69:43:09:22:f7:00:d3:9b:43:81:d4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Mar 29 05:00:42 2026 GMT
Not After : Mar 30 05:00:42 2026 GMT
Subject: CN=06ab0699458c17ad2a5cde8403a1736b5f5d2624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:41:31:82:e8:e6:08:24:a3:f4:16:e3:30:
71:71:fa:08:22:c3:81:ff:a3:e6:2e:01:ba:da:81:
2d:9a:a7:4b:16:a5:17:e1:b9:a5:df:fc:8a:bb:a5:
3b:07:dc:79:3f:7c:e6:82:9c:f3:47:88:35:9f:f6:
14:5d:eb:28:3a:56:7f:2d:a8:d8:13:1a:f1:a5:86:
f1:1f:00:2a:7b:56:2d:f4:f7:70:3c:40:c9:09:e1:
14:32:a4:d3:88:38:13:d8:6c:6b:8a:56:79:e9:5f:
10:4c:22:b8:ae:26:b4:09:68:10:53:87:a3:9f:09:
1c:1c:d1:d7:ef:32:15:f8:1e:8e:8e:2d:95:93:b3:
4a:8f:65:ff:7b:5d:13:b1:4a:5c:d3:79:cf:50:0a:
d4:3a:ae:1e:36:60:cb:7a:66:21:f5:d9:2e:e6:b4:
99:a2:93:20:db:07:86:04:b1:db:f5:a8:46:25:68:
50:8c:4c:7e:d4:5a:e2:6d:74:45:01:16:de:57:b8:
c3:6e:75:c0:a2:ca:06:80:86:55:12:9e:b3:aa:3b:
d2:ab:52:b1:22:63:14:de:9e:73:3e:cd:d8:dd:1f:
18:cf:9f:ca:4c:84:70:3c:10:60:4a:ef:ab:6c:77:
7d:5f:6c:23:5d:84:56:26:46:79:cc:a0:a7:c5:43:
8d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AB:06:99:45:8C:17:AD:2A:5C:DE:84:03:A1:73:6B:5F:5D:26:24
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:ea:e2:98:94:cb:21:9b:44:0c:c8:c2:de:39:4b:7c:51:eb:
cc:46:53:8b:06:25:b9:e2:d9:ce:47:78:ba:9b:08:e8:a4:62:
b6:1f:f3:19:ae:4c:d4:83:46:93:98:ea:5b:62:12:4b:8c:15:
67:d1:6d:9d:16:00:f8:27:f3:de:88:ca:37:1f:86:26:96:c7:
ee:1b:59:59:e8:59:6f:f6:0e:b5:8a:0c:07:14:e8:78:3f:cb:
61:3f:fc:03:df:d3:2e:1e:ee:86:b7:d8:dd:22:dc:f0:78:22:
16:8c:ef:3f:6d:18:7f:7e:11:df:8a:61:2b:b3:9d:ac:93:8f:
14:bc:df:cc:a7:b8:00:8a:b5:ae:f7:45:20:69:34:2d:1b:12:
8e:46:3b:7e:1d:20:44:fa:54:03:4d:7c:ee:c7:41:b1:e3:a9:
0c:40:3c:f3:e9:91:a6:36:73:4f:60:62:7c:a3:1b:21:30:b8:
23:43:59:31:57:b8:07:41:84:0c:af:95:8a:45:5d:d4:7c:18:
53:66:8d:87:3d:b9:f1:46:ff:b0:36:4a:84:85:9b:79:ce:73:
cb:00:6f:64:4f:31:3d:fb:76:ab:be:3e:e3:8c:bd:22:9d:4f:
c6:cf:66:ef:b6:ac:93:97:5e:e8:7b:02:cf:e0:1e:f3:8a:16:
6f:c3:62:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039zueaUMJIvcA05tDgdQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjYwMzI5MDUwMDQyWhcNMjYwMzMwMDUwMDQyWjAzMTEwLwYDVQQD
EygwNmFiMDY5OTQ1OGMxN2FkMmE1Y2RlODQwM2ExNzM2YjVmNWQyNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAVBMYLo5ggko/QW4zBxcfoIIsOB
/6PmLgG62oEtmqdLFqUX4bml3/yKu6U7B9x5P3zmgpzzR4g1n/YUXesoOlZ/LajY
ExrxpYbxHwAqe1Yt9PdwPEDJCeEUMqTTiDgT2GxrilZ56V8QTCK4ria0CWgQU4ej
nwkcHNHX7zIV+B6Oji2Vk7NKj2X/e10TsUpc03nPUArUOq4eNmDLemYh9dku5rSZ
opMg2weGBLHb9ahGJWhQjEx+1FribXRFARbeV7jDbnXAosoGgIZVEp6zqjvSq1Kx
ImMU3p5zPs3Y3R8Yz5/KTIRwPBBgSu+rbHd9X2wjXYRWJkZ5zKCnxUONlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAarBplFjBetKlzehAOhc2tfXSYkMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOrimJTL
IZtEDMjC3jlLfFHrzEZTiwYlueLZzkd4upsI6KRith/zGa5M1INGk5jqW2ISS4wV
Z9FtnRYA+Cfz3ojKNx+GJpbH7htZWehZb/YOtYoMBxToeD/LYT/8A9/TLh7uhrfY
3SLc8HgiFozvP20Yf34R34phK7OdrJOPFLzfzKe4AIq1rvdFIGk0LRsSjkY7fh0g
RPpUA0187sdBseOpDEA88+mRpjZzT2BifKMbITC4I0NZMVe4B0GEDK+VikVd1HwY
U2aNhz258Ub/sDZKhIWbec5zywBvZE8xPft2q74+44y9Ip1Pxs9m77ask5de6HsC
z+Ae84oWb8NiGA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:35:16 2026 by rpki-client