Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.mft
File: nTW9eP7OI2XlsT9SOIfS2NakU_k.mft (raw, json)
Hash identifier: stXpqmxwmRZsXt/Wl1IshObGW8ERUOhKXqpeQrbKR1k=
Subject key identifier: F0:DF:7D:C7:07:77:82:73:79:69:FF:E0:EA:16:8C:EE:0E:DC:EF:11
Authority key identifier: 9D:35:BD:78:FE:CE:23:65:E5:B1:3F:52:38:87:D2:D8:D6:A4:53:F9
Certificate issuer: /CN=9d35bd78fece2365e5b13f523887d2d8d6a453f9
Certificate serial: 019D37F77022B1077E78F163472738D0C9D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTW9eP7OI2XlsT9SOIfS2NakU_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.mft
Manifest number: 02B1
Signing time: Sun 29 Mar 2026 05:00:56 +0000
Manifest this update: Sun 29 Mar 2026 05:00:56 +0000
Manifest next update: Mon 30 Mar 2026 05:00:56 +0000
Files and hashes: 1: nTW9eP7OI2XlsT9SOIfS2NakU_k.crl (hash: cM5qoGRgV0hTYHBMmXz+Y4C13Y7WnQgprnybESvezlM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTW9eP7OI2XlsT9SOIfS2NakU_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:70:22:b1:07:7e:78:f1:63:47:27:38:d0:c9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d35bd78fece2365e5b13f523887d2d8d6a453f9
Validity
Not Before: Mar 29 05:00:56 2026 GMT
Not After : Mar 30 05:00:56 2026 GMT
Subject: CN=f0df7dc7077782737969ffe0ea168cee0edcef11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9e:3b:73:2d:18:dc:94:95:6d:f5:b7:63:3b:
c8:5c:88:e8:d9:67:43:06:ec:c1:6d:d7:ba:ef:e3:
01:1f:21:bf:60:dc:9a:42:66:65:2b:75:c2:d1:9a:
6b:08:ce:03:a8:b6:ea:bb:be:1d:85:c9:b7:de:fc:
1e:a8:9e:65:cc:46:63:63:20:a3:4a:19:fd:c0:3a:
a0:e5:d5:36:bd:63:55:aa:e7:7e:e6:0b:ca:35:da:
69:bc:f7:ed:34:15:b9:7e:83:33:ff:17:ba:ae:cf:
9a:5d:b3:74:89:2c:95:67:90:83:77:e6:b4:9f:2e:
c7:fe:38:24:19:4c:5c:3c:4a:3b:32:bf:d4:71:2e:
19:d5:07:3d:01:f2:91:e7:db:6c:ce:ce:54:f1:4f:
3b:d2:89:b7:da:35:bf:00:46:ad:63:91:a8:4a:90:
ad:c9:b7:48:77:28:12:34:4e:cf:af:78:23:2d:b4:
e8:de:af:03:53:d0:19:f3:f6:76:2b:d8:1e:2b:57:
80:c2:03:f9:e7:88:ec:ea:1a:e6:db:68:c4:33:bf:
dc:71:0c:db:41:2b:28:50:ae:b4:0b:b3:70:6b:c3:
31:3c:e9:0f:7d:13:c5:e9:39:b0:31:f4:73:f8:7f:
47:e1:a5:91:4d:d3:fc:b1:90:6a:96:cb:fe:d3:e6:
57:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DF:7D:C7:07:77:82:73:79:69:FF:E0:EA:16:8C:EE:0E:DC:EF:11
X509v3 Authority Key Identifier:
keyid:9D:35:BD:78:FE:CE:23:65:E5:B1:3F:52:38:87:D2:D8:D6:A4:53:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTW9eP7OI2XlsT9SOIfS2NakU_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5ee153-21a9-41e9-a599-6c442324ca3c/1/nTW9eP7OI2XlsT9SOIfS2NakU_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:34:4a:e0:8d:23:59:4c:66:83:f0:5b:55:b0:42:c9:bd:dc:
40:a6:fa:bf:93:71:ce:ac:4a:ec:a6:5f:23:b6:0d:8f:90:0d:
bf:5a:f1:76:e1:3a:a6:98:a7:1f:f1:50:ac:ef:1f:be:15:cf:
6a:b4:68:d5:4d:ba:53:9f:ce:13:10:f3:62:4d:34:53:8e:b3:
54:b9:b1:ae:a1:6a:6e:98:cb:8c:62:dc:1a:13:9b:06:0f:69:
23:f2:0b:3c:d8:82:51:dc:c5:0c:27:c7:a0:69:68:90:2c:13:
c4:7d:3c:1d:61:bb:5a:1d:32:cd:b8:bc:b4:87:ff:14:62:03:
7d:9e:ff:f0:9e:45:5e:32:d2:b9:26:4c:ef:c7:64:86:e7:b3:
c1:cd:01:4e:b6:8c:b2:be:05:2e:88:a6:c2:a1:22:d2:bf:39:
62:8b:5f:c5:fe:09:39:f6:2f:fb:89:78:ef:b5:44:c5:c0:33:
8d:9e:aa:a1:69:80:5c:db:cc:0b:ea:8c:c6:c3:f2:09:14:0f:
34:a0:f3:2b:96:2f:9a:6d:a7:12:87:47:65:3a:10:45:34:2c:
60:dc:1c:d4:1e:41:12:0f:63:6a:4c:93:9c:c5:dd:9f:b7:4f:
50:02:49:bd:a7:53:a8:c2:a1:d0:44:00:36:36:07:b1:d7:25:
1d:ea:61:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0393AisQd+ePFjRyc40MnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzViZDc4ZmVjZTIzNjVlNWIxM2Y1MjM4ODdkMmQ4ZDZh
NDUzZjkwHhcNMjYwMzI5MDUwMDU2WhcNMjYwMzMwMDUwMDU2WjAzMTEwLwYDVQQD
EyhmMGRmN2RjNzA3Nzc4MjczNzk2OWZmZTBlYTE2OGNlZTBlZGNlZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Z47cy0Y3JSVbfW3YzvIXIjo2WdD
BuzBbde67+MBHyG/YNyaQmZlK3XC0ZprCM4DqLbqu74dhcm33vweqJ5lzEZjYyCj
Shn9wDqg5dU2vWNVqud+5gvKNdppvPftNBW5foMz/xe6rs+aXbN0iSyVZ5CDd+a0
ny7H/jgkGUxcPEo7Mr/UcS4Z1Qc9AfKR59tszs5U8U870om32jW/AEatY5GoSpCt
ybdIdygSNE7Pr3gjLbTo3q8DU9AZ8/Z2K9geK1eAwgP554js6hrm22jEM7/ccQzb
QSsoUK60C7Nwa8MxPOkPfRPF6TmwMfRz+H9H4aWRTdP8sZBqlsv+0+ZXqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDffccHd4JzeWn/4OoWjO4O3O8RMB8GA1UdIwQY
MBaAFJ01vXj+ziNl5bE/UjiH0tjWpFP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRXOWVQN09JMlhsc1Q5U09JZlMyTmFrVV9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZWUxNTMtMjFhOS00MWU5LWE1OTkt
NmM0NDIzMjRjYTNjLzEvblRXOWVQN09JMlhsc1Q5U09JZlMyTmFrVV9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZWUxNTMtMjFhOS00MWU5LWE1OTktNmM0NDIzMjRjYTNj
LzEvblRXOWVQN09JMlhsc1Q5U09JZlMyTmFrVV9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjRK4I0j
WUxmg/BbVbBCyb3cQKb6v5NxzqxK7KZfI7YNj5ANv1rxduE6ppinH/FQrO8fvhXP
arRo1U26U5/OExDzYk00U46zVLmxrqFqbpjLjGLcGhObBg9pI/ILPNiCUdzFDCfH
oGlokCwTxH08HWG7Wh0yzbi8tIf/FGIDfZ7/8J5FXjLSuSZM78dkhuezwc0BTraM
sr4FLoimwqEi0r85Yotfxf4JOfYv+4l477VExcAzjZ6qoWmAXNvMC+qMxsPyCRQP
NKDzK5Yvmm2nEodHZToQRTQsYNwc1B5BEg9jakyTnMXdn7dPUAJJvadTqMKh0EQA
NjYHsdclHeph9g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:48 2026 by rpki-client