Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.mft
File: nLt3urQ4qT002dXAqOC57zKuXaA.mft (raw, json)
Hash identifier: 8BjTGcq/ZXe7zv7SGJsNRX+g+bC+lhwQFxHCVKyu1/0=
Subject key identifier: 23:49:EB:24:75:A5:19:26:A1:E2:AF:CA:AF:9E:6A:56:48:4D:51:23
Authority key identifier: 9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
Certificate issuer: /CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Certificate serial: 019D390A3A64EBB3B920402C7497CF2E8338
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.mft
Manifest number: 0A16
Signing time: Sun 29 Mar 2026 10:01:04 +0000
Manifest this update: Sun 29 Mar 2026 10:01:04 +0000
Manifest next update: Mon 30 Mar 2026 10:01:04 +0000
Files and hashes: 1: nLt3urQ4qT002dXAqOC57zKuXaA.crl (hash: MAQvwg0KfACUqCUob08M04l82cHbPSlSG08fXCrkUYc=)
2: q45NW9ILWXRj7KEDEoB0elTRYN0.roa (hash: nnMWIhcjMTz5ErkFaNjKVileFt+Q5rGZenkw7duVHz8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:3a:64:eb:b3:b9:20:40:2c:74:97:cf:2e:83:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Validity
Not Before: Mar 29 10:01:04 2026 GMT
Not After : Mar 30 10:01:04 2026 GMT
Subject: CN=2349eb2475a51926a1e2afcaaf9e6a56484d5123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:da:e6:bb:88:ce:0c:28:2f:a1:56:f8:67:4f:
12:a5:aa:38:90:ab:8d:ed:78:5d:29:4a:3e:7c:3c:
d7:33:5b:f7:44:84:02:8c:31:a0:13:ba:28:e7:a0:
fd:2c:b7:18:9b:28:9b:19:8e:99:85:9e:b4:f2:dd:
18:24:d2:eb:23:2f:3f:92:ce:fa:be:2e:5f:9d:22:
a7:ea:e1:9b:de:c8:fe:e0:61:2e:0f:47:d9:85:a9:
a8:dc:58:08:5d:b3:ac:d3:34:1d:d3:84:e3:1a:f5:
c7:b0:dc:6c:4c:cc:60:0a:a1:2a:ea:4a:b1:08:ee:
96:cd:4b:8f:f4:fa:f4:c9:42:97:cf:67:c4:e0:da:
92:a3:40:24:5b:af:0e:8b:ce:69:33:08:5b:42:99:
9d:40:cf:68:48:3a:3a:9f:4a:c7:2e:2c:ed:58:11:
94:04:08:35:78:f6:f4:f4:d3:f5:39:78:42:d7:94:
6e:d4:c4:c6:66:af:b6:ef:a0:97:c9:7a:dd:6e:fb:
57:90:4f:63:1e:d9:fd:13:4f:1d:fd:0c:c8:01:1c:
31:db:fd:d8:b8:9a:04:fd:3d:5f:ed:59:72:c7:76:
66:55:db:4f:70:ad:84:da:3b:be:49:da:09:ad:79:
1b:a3:b3:d2:22:0d:e5:0f:ec:dd:f6:39:cb:bb:08:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:49:EB:24:75:A5:19:26:A1:E2:AF:CA:AF:9E:6A:56:48:4D:51:23
X509v3 Authority Key Identifier:
keyid:9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:f1:47:fe:88:40:28:90:a4:3f:c4:72:c4:89:15:6c:6b:c8:
dc:8e:b5:64:dd:af:82:61:6b:fb:27:4a:e4:6a:d3:e8:20:82:
2b:02:a9:35:e2:3b:71:41:13:2b:fb:13:a9:40:3b:56:6c:9e:
3f:0b:81:e3:e0:ed:b3:a4:9e:f4:f1:2c:be:c1:b4:17:f5:bd:
32:8c:07:9f:7d:95:e2:7e:8d:46:29:98:94:87:8e:09:21:12:
39:71:b4:12:7e:08:a2:58:22:5f:7f:81:96:da:6d:44:14:b3:
b6:e7:00:b2:d4:af:64:6a:d4:66:ce:d5:ac:26:63:15:6b:ef:
e2:59:98:cb:8d:96:36:aa:12:be:c9:2e:06:4a:99:75:8c:4e:
3c:1d:4d:c5:59:a9:24:19:47:17:9b:01:a5:07:2d:12:9d:01:
40:6e:0e:18:8d:c7:04:0f:7f:e7:0e:df:cb:01:aa:61:af:c1:
99:ad:a7:bd:2c:e0:47:90:8d:b7:27:1b:53:85:0c:32:49:63:
fd:f4:93:21:30:d4:24:3c:9a:84:ef:7c:01:b5:bf:98:71:68:
0a:f9:3a:52:52:52:d3:6a:e5:74:c1:ff:d1:ac:79:37:7b:b8:
4c:ca:33:57:d2:d8:3f:fb:c1:2d:98:15:0a:ea:1a:7d:8d:f4:
61:09:5a:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cjpk67O5IEAsdJfPLoM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmI3N2JhYjQzOGE5M2QzNGQ5ZDVjMGE4ZTBiOWVmMzJh
ZTVkYTAwHhcNMjYwMzI5MTAwMTA0WhcNMjYwMzMwMTAwMTA0WjAzMTEwLwYDVQQD
EygyMzQ5ZWIyNDc1YTUxOTI2YTFlMmFmY2FhZjllNmE1NjQ4NGQ1MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1trmu4jODCgvoVb4Z08Spao4kKuN
7XhdKUo+fDzXM1v3RIQCjDGgE7oo56D9LLcYmyibGY6ZhZ608t0YJNLrIy8/ks76
vi5fnSKn6uGb3sj+4GEuD0fZhamo3FgIXbOs0zQd04TjGvXHsNxsTMxgCqEq6kqx
CO6WzUuP9Pr0yUKXz2fE4NqSo0AkW68Oi85pMwhbQpmdQM9oSDo6n0rHLiztWBGU
BAg1ePb09NP1OXhC15Ru1MTGZq+276CXyXrdbvtXkE9jHtn9E08d/QzIARwx2/3Y
uJoE/T1f7Vlyx3ZmVdtPcK2E2ju+SdoJrXkbo7PSIg3lD+zd9jnLuwhVOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNJ6yR1pRkmoeKvyq+ealZITVEjMB8GA1UdIwQY
MBaAFJy7d7q0OKk9NNnVwKjgue8yrl2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODkt
OTBkNThjNjAzMjU2LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODktOTBkNThjNjAzMjU2
LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPFH/ohA
KJCkP8RyxIkVbGvI3I61ZN2vgmFr+ydK5GrT6CCCKwKpNeI7cUETK/sTqUA7Vmye
PwuB4+Dts6Se9PEsvsG0F/W9MowHn32V4n6NRimYlIeOCSESOXG0En4IolgiX3+B
ltptRBSztucAstSvZGrUZs7VrCZjFWvv4lmYy42WNqoSvskuBkqZdYxOPB1NxVmp
JBlHF5sBpQctEp0BQG4OGI3HBA9/5w7fywGqYa/Bma2nvSzgR5CNtycbU4UMMklj
/fSTITDUJDyahO98AbW/mHFoCvk6UlJS02rldMH/0ax5N3u4TMozV9LYP/vBLZgV
CuoafY30YQlaFA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:14 2026 by rpki-client