Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: k5miWqEdEH3Rn1BOSHzoO2kRE/O/msPD5OtB7J7Zy6I=
Subject key identifier: C7:21:DB:B5:04:69:14:7C:B6:17:8A:77:EC:57:68:98:77:BB:D7:AC
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019CE4477F1A2C0ECC702F7468188A2709CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 09D6
Signing time: Thu 12 Mar 2026 23:00:16 +0000
Manifest this update: Thu 12 Mar 2026 23:00:16 +0000
Manifest next update: Fri 13 Mar 2026 23:00:16 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: OIYWBM3tpGxammHjk/r/aNw5pl71K0wIB+e0Sc5ZsvY=)
2: uaapElHUAVaZCvTQWY96RRO1BmE.roa (hash: YoDD+GqIi7yXJNJvp1uQ/eykR6jqDrzcDx3qks2vpKk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 23:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:47:7f:1a:2c:0e:cc:70:2f:74:68:18:8a:27:09:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Mar 12 23:00:16 2026 GMT
Not After : Mar 13 23:00:16 2026 GMT
Subject: CN=c721dbb50469147cb6178a77ec57689877bbd7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fc:58:f1:8a:4c:15:8c:6a:4e:42:ff:59:67:
77:9e:5d:e0:af:35:16:36:35:aa:cc:a9:41:e7:29:
83:79:b9:42:cb:0e:b3:00:1a:71:7f:2b:7c:18:34:
2a:18:da:ae:90:4b:c6:04:5e:97:f5:78:38:78:63:
70:df:1a:de:d4:08:68:78:da:fc:76:dd:02:e8:88:
b9:54:10:09:4f:be:6c:bc:0a:97:20:93:24:f5:0f:
11:ab:1b:e9:57:fa:a0:0a:9d:9b:5a:17:52:76:1d:
7c:b3:95:b9:1d:8b:d8:8e:e0:39:57:c0:28:84:1f:
8b:4a:12:cc:a0:b2:bd:ba:f2:61:0a:4c:34:d9:dc:
4d:4e:e9:98:39:ae:d0:58:6e:30:ac:9d:74:92:c4:
e1:99:a7:00:ba:0b:1c:d1:e0:18:f9:f8:27:a1:76:
f0:7d:f5:b2:e5:8d:61:99:c9:64:73:c9:d2:81:80:
57:e9:a3:97:83:55:04:27:ed:d1:fc:03:8f:e8:13:
b3:5e:0b:36:e2:67:8f:39:97:3e:0f:5e:82:77:70:
f3:51:ac:af:2b:49:65:40:f5:78:0a:ac:b5:c7:6d:
6c:44:f9:61:7f:bb:d8:97:bf:8c:94:29:e8:b1:61:
71:31:68:03:f6:51:d5:44:0c:ea:05:12:ba:a2:24:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:21:DB:B5:04:69:14:7C:B6:17:8A:77:EC:57:68:98:77:BB:D7:AC
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:91:ab:4a:c8:3a:b5:ef:78:63:6a:c7:4b:4a:ab:27:ba:d0:
1b:a1:76:09:a4:12:ec:01:25:be:f1:e1:74:55:a9:8c:30:78:
fb:ee:d8:26:a5:29:ae:1b:4c:f8:33:b1:f2:3e:e7:0a:b5:30:
b2:fa:66:bb:91:64:90:91:4c:b0:eb:13:8f:1f:c3:e8:66:5d:
1a:60:d7:f0:7a:0c:01:10:41:60:0a:fb:a6:fa:96:e6:15:9c:
04:06:50:30:82:da:04:63:7f:5d:49:10:7f:06:2e:37:6b:b9:
43:50:5c:83:c0:d1:02:4d:6e:37:50:15:89:bd:1f:fc:c9:0e:
84:1a:92:18:d8:3d:1b:a3:55:5f:95:d2:46:d8:b0:fa:12:42:
84:52:20:8e:34:ff:8c:cb:57:69:8a:72:d0:49:e5:4c:25:3b:
cc:e1:3e:72:46:cc:b3:c2:ab:e8:6a:67:8c:78:c1:18:96:3e:
71:fd:b6:11:7c:26:9d:6c:cc:ba:af:fb:74:ca:45:85:0d:bc:
fd:d1:d7:10:f2:dc:68:02:7a:5d:44:22:3a:9b:90:6a:17:8a:
c9:8f:18:5d:64:c5:3b:e5:7d:13:ca:8c:3c:8e:7a:b4:8d:ad:
5c:75:86:d8:0c:80:be:e7:b5:d6:8e:aa:32:7c:e7:eb:63:2a:
6d:47:f1:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzkR38aLA7McC90aBiKJwnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjYwMzEyMjMwMDE2WhcNMjYwMzEzMjMwMDE2WjAzMTEwLwYDVQQD
EyhjNzIxZGJiNTA0NjkxNDdjYjYxNzhhNzdlYzU3Njg5ODc3YmJkN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvxY8YpMFYxqTkL/WWd3nl3grzUW
NjWqzKlB5ymDeblCyw6zABpxfyt8GDQqGNqukEvGBF6X9Xg4eGNw3xre1AhoeNr8
dt0C6Ii5VBAJT75svAqXIJMk9Q8RqxvpV/qgCp2bWhdSdh18s5W5HYvYjuA5V8Ao
hB+LShLMoLK9uvJhCkw02dxNTumYOa7QWG4wrJ10ksThmacAugsc0eAY+fgnoXbw
ffWy5Y1hmclkc8nSgYBX6aOXg1UEJ+3R/AOP6BOzXgs24mePOZc+D16Cd3DzUayv
K0llQPV4Cqy1x21sRPlhf7vYl7+MlCnosWFxMWgD9lHVRAzqBRK6oiScOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMch27UEaRR8theKd+xXaJh3u9esMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5GrSsg6
te94Y2rHS0qrJ7rQG6F2CaQS7AElvvHhdFWpjDB4++7YJqUprhtM+DOx8j7nCrUw
svpmu5FkkJFMsOsTjx/D6GZdGmDX8HoMARBBYAr7pvqW5hWcBAZQMILaBGN/XUkQ
fwYuN2u5Q1Bcg8DRAk1uN1AVib0f/MkOhBqSGNg9G6NVX5XSRtiw+hJChFIgjjT/
jMtXaYpy0EnlTCU7zOE+ckbMs8Kr6GpnjHjBGJY+cf22EXwmnWzMuq/7dMpFhQ28
/dHXEPLcaAJ6XUQiOpuQaheKyY8YXWTFO+V9E8qMPI56tI2tXHWG2AyAvue11o6q
Mnzn62MqbUfxDA==
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:51:28 2026 by rpki-client