Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json)
Hash identifier: YvvzRclb+8DbDviAITObrVHCTyJnjqZL2vZR5BGCSC0=
Subject key identifier: 17:19:3D:82:11:13:6E:95:5F:3A:44:3F:7D:C4:C7:55:79:30:C5:86
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 019D382DEBA068019FF0356660B65995E60D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
Manifest number: 0F74
Signing time: Sun 29 Mar 2026 06:00:26 +0000
Manifest this update: Sun 29 Mar 2026 06:00:26 +0000
Manifest next update: Mon 30 Mar 2026 06:00:26 +0000
Files and hashes: 1: 8QeOnl1jSGn4_0NxM6NuGpN-0Jo.roa (hash: J4omMw3D0N9tMXhiPZ3E3pOd7uQCU3TjcYrnPrhAQ04=)
2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: 1xEjDmfQJSlCuH4KVD+w0hZDhLOmT7Gd4yrSgntkIi4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:eb:a0:68:01:9f:f0:35:66:60:b6:59:95:e6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Mar 29 06:00:26 2026 GMT
Not After : Mar 30 06:00:26 2026 GMT
Subject: CN=17193d8211136e955f3a443f7dc4c7557930c586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:0b:30:91:22:1d:e9:d1:ad:b0:1c:6c:c7:
66:b6:4e:00:e3:ad:5e:bf:d6:36:a7:0e:03:6a:38:
c0:c8:2a:36:12:f1:86:b8:35:e4:4f:62:2a:d0:54:
09:26:29:2a:72:af:a6:df:df:02:1e:71:f4:ea:67:
00:5a:b0:9e:a8:29:c7:ca:b6:cf:99:d8:06:37:a6:
70:ca:b6:88:da:16:64:66:72:3a:16:e8:94:b2:00:
31:5f:83:d9:8d:e8:db:03:4c:6a:a7:22:a4:8e:a4:
73:ae:f6:38:d4:96:fb:aa:60:62:68:63:37:fc:7c:
1c:54:03:d6:9f:aa:93:48:fb:3c:57:e2:05:68:6e:
0b:ca:43:7f:36:46:52:56:ba:e7:9a:92:46:01:53:
a6:5d:54:49:e2:ac:98:4f:f8:a1:e9:ca:b8:8d:a6:
02:eb:2c:d0:f9:45:4d:c6:0b:40:b2:a8:1d:56:49:
c1:77:6a:39:d0:77:ed:c8:ec:74:59:f1:6e:74:c9:
02:8c:45:01:c4:0d:ee:74:90:03:81:7a:0b:62:ee:
ba:77:9a:e7:5c:6a:87:82:8c:59:33:59:11:5b:6c:
48:13:3f:73:5f:e9:7c:f3:bb:ea:48:67:b8:4c:56:
45:61:ba:1b:69:60:64:41:6b:1a:48:31:72:6d:ba:
cd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:19:3D:82:11:13:6E:95:5F:3A:44:3F:7D:C4:C7:55:79:30:C5:86
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:26:58:5a:d4:df:ea:40:a9:44:8e:fd:fe:22:9d:9c:78:64:
ca:19:ae:bd:d5:5b:12:45:ca:1e:f9:b6:a0:f2:28:c1:c4:e8:
89:63:85:ca:c1:fe:de:14:86:7f:fb:33:7d:85:56:4e:f6:dd:
05:f0:b9:df:c5:d4:9f:1e:e5:86:69:1a:53:6b:44:c7:1b:40:
a0:1f:10:f2:2c:7b:38:63:fc:10:93:95:03:14:9d:51:81:85:
6e:cc:e3:a1:9a:24:ab:f4:47:2d:3b:96:fb:ac:05:5a:2c:45:
41:a9:95:ff:fe:f2:f4:40:08:7a:7d:7c:77:bf:95:28:ac:19:
9b:ef:cb:a1:88:81:e8:48:75:34:69:c1:b8:ff:7b:c8:f3:05:
f1:f7:5a:17:98:96:14:84:4d:8b:0c:22:64:80:95:f5:44:74:
d7:8d:17:44:b0:7e:77:3f:f1:38:8c:56:8b:48:be:89:7f:20:
5e:17:bc:62:c2:a5:de:9b:ae:61:d8:a6:96:f6:3a:7f:5f:c3:
73:1e:d0:b9:98:a1:dd:d2:27:cd:86:8a:0a:db:bc:87:bd:7d:
d5:cb:1a:30:74:cd:ab:12:77:fa:5b:51:87:bb:e0:5d:15:b3:
01:21:7c:7d:f0:74:ff:49:7b:cf:8a:c1:0a:65:8b:3d:38:39:
39:a0:5a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LeugaAGf8DVmYLZZleYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjYwMzI5MDYwMDI2WhcNMjYwMzMwMDYwMDI2WjAzMTEwLwYDVQQD
EygxNzE5M2Q4MjExMTM2ZTk1NWYzYTQ0M2Y3ZGM0Yzc1NTc5MzBjNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+oLMJEiHenRrbAcbMdmtk4A461e
v9Y2pw4DajjAyCo2EvGGuDXkT2Iq0FQJJikqcq+m398CHnH06mcAWrCeqCnHyrbP
mdgGN6ZwyraI2hZkZnI6FuiUsgAxX4PZjejbA0xqpyKkjqRzrvY41Jb7qmBiaGM3
/HwcVAPWn6qTSPs8V+IFaG4LykN/NkZSVrrnmpJGAVOmXVRJ4qyYT/ih6cq4jaYC
6yzQ+UVNxgtAsqgdVknBd2o50HftyOx0WfFudMkCjEUBxA3udJADgXoLYu66d5rn
XGqHgoxZM1kRW2xIEz9zX+l887vqSGe4TFZFYbobaWBkQWsaSDFybbrNcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcZPYIRE26VXzpEP33Ex1V5MMWGMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiyZYWtTf
6kCpRI79/iKdnHhkyhmuvdVbEkXKHvm2oPIowcToiWOFysH+3hSGf/szfYVWTvbd
BfC538XUnx7lhmkaU2tExxtAoB8Q8ix7OGP8EJOVAxSdUYGFbszjoZokq/RHLTuW
+6wFWixFQamV//7y9EAIen18d7+VKKwZm+/LoYiB6Eh1NGnBuP97yPMF8fdaF5iW
FIRNiwwiZICV9UR0140XRLB+dz/xOIxWi0i+iX8gXhe8YsKl3puuYdimlvY6f1/D
cx7QuZih3dInzYaKCtu8h7191csaMHTNqxJ3+ltRh7vgXRWzASF8ffB0/0l7z4rB
CmWLPTg5OaBa8g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:43 2026 by rpki-client