Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: JSrZks6cIVq0NqAngHn05jGBplj6b4zQEutpgLgGbug=
Subject key identifier: 7C:EE:E6:9B:DD:C8:61:66:48:7C:46:A4:F9:2D:5A:CC:5A:88:AF:B6
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 019D3789A04AF494AA4C02C05BBAC4176911
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 1128
Signing time: Sun 29 Mar 2026 03:00:59 +0000
Manifest this update: Sun 29 Mar 2026 03:00:59 +0000
Manifest next update: Mon 30 Mar 2026 03:00:59 +0000
Files and hashes: 1: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: RicbzYPLn/J3kB/F6N4a+uIZ8l30S9oK4kIEsyreolk=)
2: wvN6kWBv9-WIzYsvm-bSWdFrGOY.roa (hash: CKPOzucBQdx5H4UpPqvBTwUGJcxs2W6ttGR5J1M+c5s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:a0:4a:f4:94:aa:4c:02:c0:5b:ba:c4:17:69:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: Mar 29 03:00:59 2026 GMT
Not After : Mar 30 03:00:59 2026 GMT
Subject: CN=7ceee69bddc86166487c46a4f92d5acc5a88afb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:39:2c:0f:58:b5:4a:44:82:07:fc:4f:85:5f:
61:c5:2c:9d:68:8c:19:a3:a0:e0:1a:6f:38:7c:b8:
12:c0:dd:b7:5b:c7:69:7c:97:3d:e2:3f:02:56:98:
be:38:bf:f4:d2:0d:0a:de:d2:6a:bd:8e:b3:2d:20:
06:1f:e0:9a:c5:f5:c4:fa:cc:26:85:63:b7:db:1c:
27:00:c9:bd:db:0c:7b:86:3f:37:9a:3a:b8:2f:f9:
2c:44:af:64:df:dc:b6:fe:62:1a:f4:4e:2f:a8:42:
96:45:99:bc:e8:e3:d3:ad:a7:a9:7c:85:c0:be:9a:
95:1d:65:8b:fd:6c:1b:2a:3b:a1:99:b9:c9:ed:fb:
45:a1:7d:87:76:7e:6b:09:91:83:a4:eb:af:2b:f6:
b7:6e:51:fa:79:42:d3:ba:ae:a1:b5:aa:5d:d8:c3:
36:d4:22:79:98:64:a9:4a:f4:90:e1:a2:a6:2e:41:
6a:bc:ac:fb:0d:67:46:0d:f9:db:4c:0b:4b:31:c0:
8f:e4:5f:10:9d:27:08:7f:3f:5a:78:38:e7:1b:0e:
7a:a8:57:08:dd:30:51:9e:32:b4:b4:a5:5c:6d:59:
0d:d4:a1:cb:f9:80:22:80:d8:07:1b:a0:5a:f9:a8:
e2:52:10:13:c7:02:0e:be:df:62:61:e5:ef:2a:86:
29:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EE:E6:9B:DD:C8:61:66:48:7C:46:A4:F9:2D:5A:CC:5A:88:AF:B6
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:ae:3e:8c:53:3b:32:95:81:c7:c5:48:56:55:10:8a:d4:cf:
4a:1a:5f:bf:cc:01:98:01:0c:34:93:b6:d6:1b:6f:94:8e:87:
04:31:ae:04:f0:98:a1:09:3d:0e:12:68:5c:5f:f9:01:91:d3:
08:36:df:d1:82:e7:fd:f9:67:e5:d8:88:80:8a:55:71:d7:6c:
ef:f0:d3:7b:9a:24:80:07:e7:87:da:5b:ae:14:31:b5:68:e2:
9b:0a:d2:2c:70:18:13:87:41:9a:64:bb:99:8a:28:08:4d:4a:
ac:c6:66:21:2a:3d:8a:c3:19:78:e7:42:8a:18:4c:f0:6a:c8:
27:fe:75:a7:5c:41:34:4c:a2:a5:d4:cf:f3:40:82:0e:78:e0:
d4:c7:30:11:df:95:27:b5:d8:cc:f9:02:64:25:4d:c7:06:2c:
3c:e0:60:8d:bb:fa:5a:9b:b2:b8:a3:b5:df:56:88:d6:0b:67:
63:84:3f:26:35:ae:bb:70:c3:ee:b6:df:bc:8b:54:5f:f3:6c:
ee:df:ca:dd:1a:ea:6d:4d:36:da:f5:04:f6:ff:0a:cd:fb:94:
29:98:12:3e:5e:11:aa:c6:7d:70:04:41:b9:81:32:9d:a1:13:
df:95:2b:b0:e6:df:3f:b9:92:1a:e3:65:6a:7a:58:67:a4:f2:
81:15:5b:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaBK9JSqTALAW7rEF2kRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjYwMzI5MDMwMDU5WhcNMjYwMzMwMDMwMDU5WjAzMTEwLwYDVQQD
Eyg3Y2VlZTY5YmRkYzg2MTY2NDg3YzQ2YTRmOTJkNWFjYzVhODhhZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTksD1i1SkSCB/xPhV9hxSydaIwZ
o6DgGm84fLgSwN23W8dpfJc94j8CVpi+OL/00g0K3tJqvY6zLSAGH+CaxfXE+swm
hWO32xwnAMm92wx7hj83mjq4L/ksRK9k39y2/mIa9E4vqEKWRZm86OPTraepfIXA
vpqVHWWL/WwbKjuhmbnJ7ftFoX2Hdn5rCZGDpOuvK/a3blH6eULTuq6htapd2MM2
1CJ5mGSpSvSQ4aKmLkFqvKz7DWdGDfnbTAtLMcCP5F8QnScIfz9aeDjnGw56qFcI
3TBRnjK0tKVcbVkN1KHL+YAigNgHG6Ba+ajiUhATxwIOvt9iYeXvKoYpnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzu5pvdyGFmSHxGpPktWsxaiK+2MB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh64+jFM7
MpWBx8VIVlUQitTPShpfv8wBmAEMNJO21htvlI6HBDGuBPCYoQk9DhJoXF/5AZHT
CDbf0YLn/fln5diIgIpVcdds7/DTe5okgAfnh9pbrhQxtWjimwrSLHAYE4dBmmS7
mYooCE1KrMZmISo9isMZeOdCihhM8GrIJ/51p1xBNEyipdTP80CCDnjg1McwEd+V
J7XYzPkCZCVNxwYsPOBgjbv6WpuyuKO131aI1gtnY4Q/JjWuu3DD7rbfvItUX/Ns
7t/K3RrqbU022vUE9v8KzfuUKZgSPl4RqsZ9cARBuYEynaET35UrsObfP7mSGuNl
anpYZ6TygRVbqg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:15 2026 by rpki-client