Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
File: NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft (raw, json)
Hash identifier: rMBBiiF+0hoJEirGmp2XtQSYjiJUd4JlchVwcyFhuT0=
Subject key identifier: B7:E3:3E:AC:9F:89:01:5C:C3:0B:97:4A:CB:3F:DA:21:0A:B9:7C:E0
Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877
Certificate serial: 019D390A0F618411B34D1E827F49D024E656
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
Manifest number: 1392
Signing time: Sun 29 Mar 2026 10:00:53 +0000
Manifest this update: Sun 29 Mar 2026 10:00:53 +0000
Manifest next update: Mon 30 Mar 2026 10:00:53 +0000
Files and hashes: 1: D3wlgMGE5QwdxwsJ-l6YOVrMLsM.roa (hash: 8VoNb/7A+xDcEz+hMFU7CsCAQw+ePCtKqSmXmX3INLs=)
2: NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl (hash: 5PtvaWuqHHexbam0dJs0buPAnbqmI4JrzBBFCqd1Dzc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:0f:61:84:11:b3:4d:1e:82:7f:49:d0:24:e6:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35f1a573915153de82890eae1303067fa68b2877
Validity
Not Before: Mar 29 10:00:53 2026 GMT
Not After : Mar 30 10:00:53 2026 GMT
Subject: CN=b7e33eac9f89015cc30b974acb3fda210ab97ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:a2:ef:57:32:5e:d9:31:66:0b:12:17:24:
7a:dd:b4:1d:5d:54:47:51:84:dd:be:b0:23:de:06:
07:de:73:e2:de:b2:ef:9b:32:c5:8d:f1:cf:ee:61:
77:ab:63:c1:c2:ab:b1:c4:9c:de:46:9d:11:1b:fd:
1a:22:f3:e9:e4:70:67:10:91:53:b9:ec:71:fd:7b:
66:44:b6:7b:6c:29:c8:b9:aa:5f:5a:03:a4:22:c3:
d5:40:9c:bc:2e:26:9f:d4:a6:ef:4e:5d:0f:18:47:
3c:c2:26:d5:72:03:75:e5:14:39:85:2c:50:d2:8e:
9b:24:a0:eb:f0:5c:fa:35:60:5c:82:b4:7e:8a:9a:
7e:65:f7:0f:35:81:aa:7a:92:06:15:0d:23:3c:e6:
8c:2a:4a:f7:ed:d8:5a:ee:b5:14:19:3a:01:cf:a0:
5b:e7:37:48:3c:be:6e:5c:8a:42:5e:2e:6e:33:1b:
be:a4:98:13:9b:97:09:a8:72:03:93:9e:62:0f:94:
38:c6:b9:8f:10:d5:dc:14:5e:06:a9:8e:9d:5e:34:
b7:35:81:35:c8:04:ea:0d:cc:91:b3:21:a6:f4:d7:
77:25:db:1a:96:86:61:21:a8:da:f0:03:db:06:32:
68:85:59:26:9f:c6:30:01:33:18:57:38:0e:e1:d9:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E3:3E:AC:9F:89:01:5C:C3:0B:97:4A:CB:3F:DA:21:0A:B9:7C:E0
X509v3 Authority Key Identifier:
keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:5d:3a:89:cf:4f:8a:73:2a:fe:a9:c0:e5:e7:ed:16:2e:a3:
bf:5a:97:2c:9d:ae:6a:ba:9e:d4:80:1c:4b:2a:e9:97:e3:fb:
e7:2b:36:9a:33:6a:00:26:94:57:ef:d6:33:ca:4f:f8:46:1f:
a2:10:92:7b:43:18:7c:e2:0d:02:2b:a7:d6:d9:d5:c2:07:f3:
52:f4:93:70:0c:7e:26:fd:51:26:33:d2:16:5d:4a:01:bc:14:
e2:0d:fd:a8:69:3c:27:60:54:87:f0:84:2a:63:52:90:ef:94:
d1:7f:30:3d:91:bc:35:48:10:13:1d:50:0b:9b:93:a6:2e:fa:
f0:bb:45:90:6e:57:c9:b1:1d:54:79:b4:22:a0:f4:b5:7f:8b:
60:39:05:d5:cf:f7:85:cc:b0:05:1c:19:a4:41:95:c6:24:22:
19:d1:e1:de:48:da:e3:9a:10:a3:05:5d:ce:b6:a5:d8:95:1a:
9f:b1:6a:6f:6c:7f:38:e9:95:dc:2e:12:dd:51:f6:86:ee:d7:
a1:c8:68:e7:11:d4:cf:0f:8d:6b:59:21:ec:f9:c7:9d:ab:eb:
06:7a:a6:bf:d4:1f:1f:ea:3f:1c:0e:c0:ed:dd:39:dc:18:fb:
34:1c:64:b7:8c:e8:d8:ea:5b:4e:15:45:1f:5d:8d:5f:7e:c6:
2d:3a:52:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cg9hhBGzTR6Cf0nQJOZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4
YjI4NzcwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
EyhiN2UzM2VhYzlmODkwMTVjYzMwYjk3NGFjYjNmZGEyMTBhYjk3Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveGi71cyXtkxZgsSFyR63bQdXVRH
UYTdvrAj3gYH3nPi3rLvmzLFjfHP7mF3q2PBwquxxJzeRp0RG/0aIvPp5HBnEJFT
uexx/XtmRLZ7bCnIuapfWgOkIsPVQJy8Liaf1KbvTl0PGEc8wibVcgN15RQ5hSxQ
0o6bJKDr8Fz6NWBcgrR+ipp+ZfcPNYGqepIGFQ0jPOaMKkr37dha7rUUGToBz6Bb
5zdIPL5uXIpCXi5uMxu+pJgTm5cJqHIDk55iD5Q4xrmPENXcFF4GqY6dXjS3NYE1
yATqDcyRsyGm9Nd3JdsaloZhIaja8APbBjJohVkmn8YwATMYVzgO4dl1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfjPqyfiQFcwwuXSss/2iEKuXzgMB8GA1UdIwQY
MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt
MzI5MjExMDI5YTFhLzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh
LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQl06ic9P
inMq/qnA5eftFi6jv1qXLJ2uarqe1IAcSyrpl+P75ys2mjNqACaUV+/WM8pP+EYf
ohCSe0MYfOINAiun1tnVwgfzUvSTcAx+Jv1RJjPSFl1KAbwU4g39qGk8J2BUh/CE
KmNSkO+U0X8wPZG8NUgQEx1QC5uTpi768LtFkG5XybEdVHm0IqD0tX+LYDkF1c/3
hcywBRwZpEGVxiQiGdHh3kja45oQowVdzral2JUan7Fqb2x/OOmV3C4S3VH2hu7X
ocho5xHUzw+Na1kh7PnHnavrBnqmv9QfH+o/HA7A7d053Bj7NBxkt4zo2OpbThVF
H12NX37GLTpSAw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:36:21 2026 by rpki-client