Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: I6WRYj9DvzYLnO2Uj8QD2CZnMLNnGCZYFa9Qlp4J8p0=
Subject key identifier: 78:B3:D9:4E:ED:9B:0B:13:97:9D:2C:BC:DF:68:36:29:7D:AB:CA:20
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019EB7A16E9EE46B50DAA81B1A9B0406A977
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 0AC8
Signing time: Thu 11 Jun 2026 17:01:10 +0000
Manifest this update: Thu 11 Jun 2026 17:01:10 +0000
Manifest next update: Fri 12 Jun 2026 17:01:10 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: IT5pVdz7+stMUAZlhOWT/5InQG5y4ip8U6PioNbmERs=)
2: uaapElHUAVaZCvTQWY96RRO1BmE.roa (hash: YoDD+GqIi7yXJNJvp1uQ/eykR6jqDrzcDx3qks2vpKk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:a1:6e:9e:e4:6b:50:da:a8:1b:1a:9b:04:06:a9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Jun 11 17:01:10 2026 GMT
Not After : Jun 12 17:01:10 2026 GMT
Subject: CN=78b3d94eed9b0b13979d2cbcdf6836297dabca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:34:61:97:07:0c:23:bb:00:69:7b:36:00:7a:
a0:7a:48:41:69:95:47:88:39:56:c7:73:ab:d8:29:
02:b9:76:ff:04:c7:de:76:0f:5f:0d:b3:dc:cc:1a:
a5:7e:a5:2a:ee:dc:62:12:47:34:b7:a3:94:3f:4f:
13:09:eb:0f:3f:cc:d9:7d:47:47:a4:d4:fb:ad:62:
97:0f:a5:a0:a2:5a:55:f7:f1:6e:32:23:11:06:68:
19:ff:c7:c0:9d:c5:05:96:d9:e0:60:57:2b:56:c7:
fd:5c:d1:12:72:46:12:3b:9e:13:55:3d:55:b9:7f:
6b:4a:59:1d:5f:f0:52:3e:47:21:4d:4f:41:ca:6a:
dc:9f:fd:f1:f8:20:d9:b9:8b:12:42:0c:4e:a5:61:
77:d6:2e:15:78:ce:ad:1e:19:52:d6:e2:78:d1:97:
29:9a:32:87:a2:c5:e7:60:41:5d:e2:26:0a:14:83:
52:c3:64:80:60:8d:05:5d:99:f5:85:3c:8d:47:e6:
55:fe:7b:f2:b1:63:b2:1e:9a:2e:02:ef:c3:f1:41:
1b:4a:4c:83:ea:b5:fc:4e:ef:9a:b5:2d:6a:a5:3f:
47:b5:c5:17:12:f6:a8:6c:6e:30:00:9f:6c:02:47:
bb:72:15:26:2a:ff:44:d9:a1:eb:00:18:af:c9:1e:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B3:D9:4E:ED:9B:0B:13:97:9D:2C:BC:DF:68:36:29:7D:AB:CA:20
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:79:97:73:be:87:84:40:41:01:69:75:bf:25:a7:69:3a:56:
c4:82:34:40:05:2c:d6:04:cb:4c:ec:5d:8d:e5:ab:59:ef:85:
9d:7c:b6:e9:22:a0:2a:03:fd:66:06:0c:cd:fa:74:d6:ee:65:
39:f9:21:46:23:db:c0:4d:c9:83:03:9d:94:de:98:47:cf:7b:
03:f6:01:14:a0:db:bd:3d:11:7d:7a:fb:e9:50:5c:a9:d2:f4:
c0:3f:0f:8b:be:61:b1:eb:66:57:7d:03:d9:98:4f:30:cc:5f:
16:86:8b:73:ae:0e:8c:bb:79:46:23:5b:39:30:36:08:ff:0f:
aa:af:ba:e7:81:b2:e3:2e:39:0e:2d:83:0e:9b:6f:9e:3c:6d:
6d:23:f9:ee:09:2c:19:af:36:ce:ff:de:07:3e:64:2f:ac:29:
1f:c2:0d:a9:5e:22:7e:ba:2e:f3:ec:34:ba:b6:e2:09:ce:76:
b5:69:db:fd:05:20:4d:96:50:91:38:2d:91:ba:dc:43:45:26:
d5:67:42:a1:99:9f:64:0a:8e:33:2c:d3:c0:db:af:00:3a:ec:
6b:6d:44:2d:00:77:08:c8:45:0d:38:be:fd:24:1a:c1:29:d3:
c0:0c:b8:6d:42:ac:f1:20:8f:8c:a3:34:e6:65:82:a3:85:98:
a9:e5:a5:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ63oW6e5GtQ2qgbGpsEBql3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjYwNjExMTcwMTEwWhcNMjYwNjEyMTcwMTEwWjAzMTEwLwYDVQQD
Eyg3OGIzZDk0ZWVkOWIwYjEzOTc5ZDJjYmNkZjY4MzYyOTdkYWJjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjRhlwcMI7sAaXs2AHqgekhBaZVH
iDlWx3Or2CkCuXb/BMfedg9fDbPczBqlfqUq7txiEkc0t6OUP08TCesPP8zZfUdH
pNT7rWKXD6WgolpV9/FuMiMRBmgZ/8fAncUFltngYFcrVsf9XNESckYSO54TVT1V
uX9rSlkdX/BSPkchTU9Bymrcn/3x+CDZuYsSQgxOpWF31i4VeM6tHhlS1uJ40Zcp
mjKHosXnYEFd4iYKFINSw2SAYI0FXZn1hTyNR+ZV/nvysWOyHpouAu/D8UEbSkyD
6rX8Tu+atS1qpT9HtcUXEvaobG4wAJ9sAke7chUmKv9E2aHrABivyR4XIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiz2U7tmwsTl50svN9oNil9q8ogMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3mXc76H
hEBBAWl1vyWnaTpWxII0QAUs1gTLTOxdjeWrWe+FnXy26SKgKgP9ZgYMzfp01u5l
OfkhRiPbwE3JgwOdlN6YR897A/YBFKDbvT0RfXr76VBcqdL0wD8Pi75hsetmV30D
2ZhPMMxfFoaLc64OjLt5RiNbOTA2CP8Pqq+654Gy4y45Di2DDptvnjxtbSP57gks
Ga82zv/eBz5kL6wpH8INqV4ifrou8+w0urbiCc52tWnb/QUgTZZQkTgtkbrcQ0Um
1WdCoZmfZAqOMyzTwNuvADrsa21ELQB3CMhFDTi+/SQawSnTwAy4bUKs8SCPjKM0
5mWCo4WYqeWlXg==
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:41:33 2026 by rpki-client