Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
File: nurBz77ElK6UV8hm5jYYZcTzAEg.mft (raw, json)
Hash identifier: 5d+8xZNmssJ9gJo1yFyLJE87Mp0N6Um/T38Qp2f5Geg=
Subject key identifier: 61:39:4C:86:F0:44:0D:98:BB:E9:B3:49:12:EA:90:F8:62:3F:68:B6
Authority key identifier: 9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
Certificate issuer: /CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Certificate serial: 019D37F6EE9E58B7516329BF369B6D94814A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
Manifest number: 0E8B
Signing time: Sun 29 Mar 2026 05:00:22 +0000
Manifest this update: Sun 29 Mar 2026 05:00:22 +0000
Manifest next update: Mon 30 Mar 2026 05:00:22 +0000
Files and hashes: 1: 8QjpINWPHZDJ5rBXOU-f7xhIEjw.roa (hash: 4srsR9VRePR9yB/iD/hHMwN8fvofDELlgIaatI76q6Y=)
2: nurBz77ElK6UV8hm5jYYZcTzAEg.crl (hash: YkS5F7kC+u+duJZVLoaznMTasvMOu4iv0yjmXyDznQU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:ee:9e:58:b7:51:63:29:bf:36:9b:6d:94:81:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Validity
Not Before: Mar 29 05:00:22 2026 GMT
Not After : Mar 30 05:00:22 2026 GMT
Subject: CN=61394c86f0440d98bbe9b34912ea90f8623f68b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:27:89:76:a6:1f:1a:7f:a9:34:39:df:c8:
8e:81:10:4f:2d:97:37:6a:b4:8d:08:eb:3e:6e:91:
ce:d1:cf:c2:57:ac:86:5b:f9:2f:ce:1b:83:88:61:
a5:8f:a6:53:73:ee:eb:4a:db:a7:b4:ae:7e:fb:bb:
99:11:f9:c6:89:61:86:33:8a:52:b3:40:c2:05:1d:
ba:e9:13:f0:6a:df:46:81:19:5b:18:f0:a5:ad:81:
ca:df:21:03:67:ec:de:c2:d0:77:20:f3:0e:9f:3b:
b8:f7:fc:02:96:bb:95:aa:3e:84:94:08:ed:1b:2a:
1c:76:fb:2b:8b:32:50:a9:e6:7e:56:15:f2:c3:27:
bc:6b:92:75:3a:e2:d8:da:41:a9:0a:9e:ec:2b:20:
11:ae:7f:8e:b4:31:5e:59:e4:5c:9e:ce:e4:9d:9a:
01:e9:f8:88:93:4f:3c:5a:2e:45:d5:3d:5c:08:74:
d1:d9:b8:29:b2:22:91:26:ba:f9:c0:26:8a:6d:94:
bc:91:49:12:1b:82:e8:fc:36:4a:81:31:0a:86:97:
37:84:05:d1:ef:c3:c7:80:ac:5a:be:04:6b:eb:b5:
30:b6:ae:7c:83:7e:ce:af:7c:da:77:42:e6:90:c9:
25:1b:c6:a6:f2:8b:c1:4f:65:bf:df:1e:20:20:b8:
b4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:39:4C:86:F0:44:0D:98:BB:E9:B3:49:12:EA:90:F8:62:3F:68:B6
X509v3 Authority Key Identifier:
keyid:9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:ee:fa:50:f8:1a:1c:c2:f8:88:7f:9a:a1:14:7b:cf:b4:36:
1d:88:84:38:b0:4b:27:57:3d:99:d3:03:0a:8f:3b:0e:b6:3e:
39:fb:75:d1:f9:da:f7:53:4d:02:70:ee:b2:89:25:b1:12:e7:
98:41:17:4d:45:31:8b:21:26:f3:eb:b5:a3:a0:03:74:19:4c:
69:29:69:c6:07:19:7b:79:46:82:5d:97:23:30:de:82:64:dc:
a6:e9:2b:8c:1e:ec:08:e6:6b:c7:2a:dc:8f:d1:a5:cf:f6:dd:
25:0e:f9:d9:d2:a1:6a:69:aa:bc:e9:28:ca:4f:44:8d:99:03:
32:9f:93:69:e1:f6:0b:82:a5:07:31:6d:9d:38:a9:ad:cb:35:
6a:10:74:8f:08:fd:cf:85:b0:8e:25:96:73:1b:56:f7:3f:42:
bb:35:9c:22:ff:af:29:be:7d:17:6e:3f:50:76:ee:58:51:77:
5f:b2:d1:a6:08:fb:d1:77:7b:7f:96:71:95:f8:31:e5:b2:07:
01:2e:33:b6:b4:d3:c9:f4:52:5e:01:94:df:6f:1d:e4:be:db:
2a:c6:6f:a1:14:5a:d7:61:94:a3:5f:c1:a0:93:14:dc:a2:b3:
96:61:97:51:0d:30:8f:4b:b1:e1:57:e8:90:0f:67:8b:67:14:
f1:44:33:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039u6eWLdRYym/NpttlIFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWFjMWNmYmVjNDk0YWU5NDU3Yzg2NmU2MzYxODY1YzRm
MzAwNDgwHhcNMjYwMzI5MDUwMDIyWhcNMjYwMzMwMDUwMDIyWjAzMTEwLwYDVQQD
Eyg2MTM5NGM4NmYwNDQwZDk4YmJlOWIzNDkxMmVhOTBmODYyM2Y2OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSAniXamHxp/qTQ538iOgRBPLZc3
arSNCOs+bpHO0c/CV6yGW/kvzhuDiGGlj6ZTc+7rStuntK5++7uZEfnGiWGGM4pS
s0DCBR266RPwat9GgRlbGPClrYHK3yEDZ+zewtB3IPMOnzu49/wClruVqj6ElAjt
GyocdvsrizJQqeZ+VhXywye8a5J1OuLY2kGpCp7sKyARrn+OtDFeWeRcns7knZoB
6fiIk088Wi5F1T1cCHTR2bgpsiKRJrr5wCaKbZS8kUkSG4Lo/DZKgTEKhpc3hAXR
78PHgKxavgRr67Uwtq58g37Or3zad0LmkMklG8am8ovBT2W/3x4gILi0swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGE5TIbwRA2Yu+mzSRLqkPhiP2i2MB8GA1UdIwQY
MBaAFJ7qwc++xJSulFfIZuY2GGXE8wBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQt
ZTI4NWNkOGNhZDEyLzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQtZTI4NWNkOGNhZDEy
LzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPO76UPga
HML4iH+aoRR7z7Q2HYiEOLBLJ1c9mdMDCo87DrY+Oft10fna91NNAnDusoklsRLn
mEEXTUUxiyEm8+u1o6ADdBlMaSlpxgcZe3lGgl2XIzDegmTcpukrjB7sCOZrxyrc
j9Glz/bdJQ752dKhammqvOkoyk9EjZkDMp+TaeH2C4KlBzFtnTiprcs1ahB0jwj9
z4WwjiWWcxtW9z9CuzWcIv+vKb59F24/UHbuWFF3X7LRpgj70Xd7f5Zxlfgx5bIH
AS4ztrTTyfRSXgGU328d5L7bKsZvoRRa12GUo1/BoJMU3KKzlmGXUQ0wj0ux4Vfo
kA9ni2cU8UQzKg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:38 2026 by rpki-client