Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: wtoiUSKFqxLn3t8wczeUDhaVV5ykVlTqTyazvvH1qjo=
Subject key identifier: B6:54:DE:C8:18:10:32:1A:C6:91:32:8E:AC:DE:19:1E:A2:5B:3D:35
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 019EB7D7EC2BDA53C18751E7D3C4B99D586A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 1955
Signing time: Thu 11 Jun 2026 18:00:41 +0000
Manifest this update: Thu 11 Jun 2026 18:00:41 +0000
Manifest next update: Fri 12 Jun 2026 18:00:41 +0000
Files and hashes: 1: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: ikp3ZkpSzeR1kvWCFdRzevI5MEp8iAYWAx8P7nsoy4U=)
2: oCkrji-yhOLJX8VHxwbdTNBaxF4.roa (hash: vhMG86jwpjaLSfFs6ZRS9x4Io+mWCNdI1hjeUMa7cfs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 18:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:d7:ec:2b:da:53:c1:87:51:e7:d3:c4:b9:9d:58:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Jun 11 18:00:41 2026 GMT
Not After : Jun 12 18:00:41 2026 GMT
Subject: CN=b654dec81810321ac691328eacde191ea25b3d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:97:93:29:30:29:5a:fe:a0:0d:c7:1c:80:68:
c9:8f:71:cc:8f:ad:fb:20:55:70:08:26:cb:22:f0:
5f:b5:ab:41:ac:ba:7b:01:19:7c:3a:17:fb:ce:23:
c7:15:b0:dd:19:99:c4:de:1f:4e:c0:0c:d1:7a:4e:
48:36:ba:91:e5:71:b6:de:03:3e:88:81:c6:55:84:
9e:a3:78:ad:20:86:bd:97:99:3c:2c:23:c9:4e:42:
e6:0e:31:3f:aa:e4:cc:a2:31:b1:9f:a1:c2:84:04:
aa:8c:f5:52:2d:9e:cc:eb:57:1d:0f:2e:bf:1f:07:
2b:ed:bd:36:da:a8:d3:9f:c7:74:bb:2b:44:69:d7:
87:31:60:f3:7d:a4:d9:b8:20:cf:68:9c:ee:1d:ea:
f9:4a:00:b8:21:6c:8f:7b:d2:7f:b2:9a:42:eb:b8:
dd:02:1c:63:94:4d:d1:9f:7d:66:6f:1b:d8:18:14:
7c:3b:f2:ad:36:6f:d4:15:b9:1b:95:c0:72:f8:78:
d1:d0:85:a1:79:ca:cb:5b:c8:91:5c:3c:76:9d:d0:
78:b7:32:db:98:88:28:79:84:34:a5:85:8a:0d:1c:
d4:1d:0a:41:20:d3:cb:45:ed:30:ac:21:34:c0:8b:
c4:69:38:68:d2:14:8d:4c:ff:ba:99:5f:c6:8a:e7:
86:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:54:DE:C8:18:10:32:1A:C6:91:32:8E:AC:DE:19:1E:A2:5B:3D:35
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:7f:c1:f5:40:ca:69:b7:0e:08:0f:fb:d3:84:b2:b5:76:74:
91:00:66:ba:9b:de:ee:93:ce:bc:74:10:0d:a6:9e:8b:e6:b0:
26:7a:ae:23:c1:fc:37:87:9c:9c:e0:49:67:7f:2b:a1:9e:c0:
41:09:e6:a1:1f:6f:c2:c4:32:34:8e:ad:ad:00:01:67:f4:fe:
c8:dc:a6:4c:62:79:bd:a1:48:e1:d4:7e:ca:34:14:1c:94:22:
05:6c:97:66:e1:96:ad:ef:91:f2:0f:00:d5:5f:84:d6:c7:0d:
8f:97:a1:5f:c2:f8:1e:3a:f5:ea:d6:21:2b:2b:e9:3a:69:c8:
63:fb:d3:3d:9a:ba:2d:64:20:13:12:fd:be:d6:5c:ce:27:16:
33:5e:9a:5c:11:1c:6b:1c:49:4f:80:ec:47:a4:5b:07:35:27:
6a:ae:4e:a7:08:6d:6e:51:e2:a9:db:6e:96:90:ae:91:94:e3:
74:8f:4a:43:5d:ee:25:53:22:cb:f8:19:2b:1d:4f:8f:40:7f:
c9:63:e9:dc:ed:7e:cb:74:2e:71:63:11:6e:e5:00:91:6a:3a:
c0:9f:c9:5f:fb:1d:d6:a9:f2:03:7b:b5:fc:de:9b:c5:47:82:
c7:e8:20:1d:1b:66:b1:1e:c8:f8:ed:9e:78:1a:f6:44:06:7f:
3d:42:68:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ631+wr2lPBh1Hn08S5nVhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjYwNjExMTgwMDQxWhcNMjYwNjEyMTgwMDQxWjAzMTEwLwYDVQQD
EyhiNjU0ZGVjODE4MTAzMjFhYzY5MTMyOGVhY2RlMTkxZWEyNWIzZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJeTKTApWv6gDcccgGjJj3HMj637
IFVwCCbLIvBftatBrLp7ARl8Ohf7ziPHFbDdGZnE3h9OwAzRek5INrqR5XG23gM+
iIHGVYSeo3itIIa9l5k8LCPJTkLmDjE/quTMojGxn6HChASqjPVSLZ7M61cdDy6/
Hwcr7b022qjTn8d0uytEadeHMWDzfaTZuCDPaJzuHer5SgC4IWyPe9J/sppC67jd
AhxjlE3Rn31mbxvYGBR8O/KtNm/UFbkblcBy+HjR0IWhecrLW8iRXDx2ndB4tzLb
mIgoeYQ0pYWKDRzUHQpBINPLRe0wrCE0wIvEaTho0hSNTP+6mV/GiueGGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZU3sgYEDIaxpEyjqzeGR6iWz01MB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPn/B9UDK
abcOCA/704SytXZ0kQBmupve7pPOvHQQDaaei+awJnquI8H8N4ecnOBJZ38roZ7A
QQnmoR9vwsQyNI6trQABZ/T+yNymTGJ5vaFI4dR+yjQUHJQiBWyXZuGWre+R8g8A
1V+E1scNj5ehX8L4Hjr16tYhKyvpOmnIY/vTPZq6LWQgExL9vtZczicWM16aXBEc
axxJT4DsR6RbBzUnaq5OpwhtblHiqdtulpCukZTjdI9KQ13uJVMiy/gZKx1Pj0B/
yWPp3O1+y3QucWMRbuUAkWo6wJ/JX/sd1qnyA3u1/N6bxUeCx+ggHRtmsR7I+O2e
eBr2RAZ/PUJo7A==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:53:41 2026 by rpki-client