Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.mft
File: nypoaxwl1Ex9vU1KMf4Mev0CoS4.mft (raw, json)
Hash identifier: dSXaWQ14ZAE6dTJ6GtItbhrLENkNoeyb10TfJKLnxXI=
Subject key identifier: 26:04:26:38:36:9F:A4:02:A0:F9:FB:BD:50:DC:60:CE:86:16:E2:E5
Authority key identifier: 9F:2A:68:6B:1C:25:D4:4C:7D:BD:4D:4A:31:FE:0C:7A:FD:02:A1:2E
Certificate issuer: /CN=9f2a686b1c25d44c7dbd4d4a31fe0c7afd02a12e
Certificate serial: 019D389C624744CD21BE15B3243481B3C873
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nypoaxwl1Ex9vU1KMf4Mev0CoS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.mft
Manifest number: 19
Signing time: Sun 29 Mar 2026 08:01:05 +0000
Manifest this update: Sun 29 Mar 2026 08:01:05 +0000
Manifest next update: Mon 30 Mar 2026 08:01:05 +0000
Files and hashes: 1: 1-vCuLQv8-0dOJxqABaWxM4UUc8I.roa (hash: E0Bqgi4xo21RkZJec+827sz7pg8AMyWIq6lhPjrYbo8=)
2: nypoaxwl1Ex9vU1KMf4Mev0CoS4.crl (hash: hZYOwMOt4irf6LubeJq2O0b22pZngN+5b2vWXV9ZpMQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nypoaxwl1Ex9vU1KMf4Mev0CoS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:62:47:44:cd:21:be:15:b3:24:34:81:b3:c8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f2a686b1c25d44c7dbd4d4a31fe0c7afd02a12e
Validity
Not Before: Mar 29 08:01:05 2026 GMT
Not After : Mar 30 08:01:05 2026 GMT
Subject: CN=26042638369fa402a0f9fbbd50dc60ce8616e2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:29:29:8a:2f:de:a9:97:e9:71:7e:41:96:c2:
60:72:fa:55:56:cf:60:de:71:d0:74:80:6a:5e:16:
79:15:3c:3d:15:ba:7a:79:c4:ab:8d:b2:72:ef:b1:
da:1e:fb:71:6b:4e:ab:54:13:99:e9:3e:82:bd:2c:
61:08:3f:a5:18:c3:89:a1:44:40:a4:80:3a:a4:3b:
67:8a:1f:97:33:7c:ad:8c:ce:a0:18:b0:1a:eb:dd:
27:07:70:71:59:8f:54:9a:2a:c2:18:c5:64:b6:1d:
72:88:98:b3:80:df:03:c9:89:1a:21:e0:c4:f0:bb:
90:87:74:a4:a3:e5:6d:b8:29:ac:d1:ed:d3:30:e1:
5d:9a:2c:8c:e9:c2:33:3a:32:59:18:f4:95:d1:13:
13:0e:48:b4:76:91:e3:0c:8b:e0:e5:e8:ea:7c:59:
7c:9f:51:c1:a1:f5:2c:dd:8d:d9:b9:3d:a3:b5:00:
7c:55:f8:c1:8b:aa:ea:e2:6b:dc:52:7e:97:25:0b:
15:30:f8:84:ad:16:c2:f7:0a:39:eb:aa:01:7a:90:
ff:ab:82:e9:ad:54:d8:dd:4d:c1:ad:53:cb:eb:05:
d0:19:66:bc:91:ff:23:d4:6a:6b:04:c6:d0:19:cf:
03:47:fe:cf:d9:2a:23:5f:c4:3b:94:84:07:c8:4b:
53:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:04:26:38:36:9F:A4:02:A0:F9:FB:BD:50:DC:60:CE:86:16:E2:E5
X509v3 Authority Key Identifier:
keyid:9F:2A:68:6B:1C:25:D4:4C:7D:BD:4D:4A:31:FE:0C:7A:FD:02:A1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nypoaxwl1Ex9vU1KMf4Mev0CoS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5bf8a9-d434-454b-8885-525d626799ef/1/nypoaxwl1Ex9vU1KMf4Mev0CoS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:31:98:1e:7a:71:2a:e9:de:c4:47:db:f9:5c:35:70:b6:9b:
bf:46:8e:0a:93:cb:57:fb:06:e0:51:88:06:d4:21:0f:5a:92:
81:76:8c:7d:18:06:1b:d4:b6:8e:b9:5a:cf:75:1a:d7:bb:a0:
f0:a1:ed:7f:b1:de:eb:ad:c8:5c:28:21:be:59:e8:f9:eb:f2:
3e:54:99:be:ed:25:8d:cb:24:f5:31:77:82:a2:2c:bf:3a:90:
51:c6:74:ad:24:41:96:7a:5e:0f:be:88:0e:b5:8a:dc:3f:79:
dd:40:87:af:01:37:e0:77:0b:de:78:ab:9b:26:92:5c:24:76:
06:34:22:34:e3:7e:9f:c4:44:d0:45:cc:cd:74:ed:4c:0e:55:
6e:65:49:56:31:ae:62:d2:24:6c:44:bb:4f:2f:8e:d7:d4:0d:
1b:2b:3b:8b:79:c5:c6:80:da:e6:89:77:d2:f1:d8:62:a3:a4:
cd:ed:d4:6a:95:27:8f:25:37:ea:63:52:32:29:55:99:d1:e3:
16:1e:e7:76:cf:28:b8:42:c7:40:7c:59:34:96:01:ae:4e:14:
af:73:1a:a0:81:58:f6:28:d9:61:71:64:1f:dc:7c:00:9b:59:
a7:78:36:f2:8f:61:44:b4:bd:b9:d2:35:ae:48:47:a3:9a:e4:
df:38:9c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nGJHRM0hvhWzJDSBs8hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmE2ODZiMWMyNWQ0NGM3ZGJkNGQ0YTMxZmUwYzdhZmQw
MmExMmUwHhcNMjYwMzI5MDgwMTA1WhcNMjYwMzMwMDgwMTA1WjAzMTEwLwYDVQQD
EygyNjA0MjYzODM2OWZhNDAyYTBmOWZiYmQ1MGRjNjBjZTg2MTZlMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Skpii/eqZfpcX5BlsJgcvpVVs9g
3nHQdIBqXhZ5FTw9Fbp6ecSrjbJy77HaHvtxa06rVBOZ6T6CvSxhCD+lGMOJoURA
pIA6pDtnih+XM3ytjM6gGLAa690nB3BxWY9UmirCGMVkth1yiJizgN8DyYkaIeDE
8LuQh3Sko+VtuCms0e3TMOFdmiyM6cIzOjJZGPSV0RMTDki0dpHjDIvg5ejqfFl8
n1HBofUs3Y3ZuT2jtQB8VfjBi6rq4mvcUn6XJQsVMPiErRbC9wo566oBepD/q4Lp
rVTY3U3BrVPL6wXQGWa8kf8j1GprBMbQGc8DR/7P2SojX8Q7lIQHyEtTdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYEJjg2n6QCoPn7vVDcYM6GFuLlMB8GA1UdIwQY
MBaAFJ8qaGscJdRMfb1NSjH+DHr9AqEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlwb2F4d2wxRXg5dlUxS01mNE1ldjBDb1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81YmY4YTktZDQzNC00NTRiLTg4ODUt
NTI1ZDYyNjc5OWVmLzEvbnlwb2F4d2wxRXg5dlUxS01mNE1ldjBDb1M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81YmY4YTktZDQzNC00NTRiLTg4ODUtNTI1ZDYyNjc5OWVm
LzEvbnlwb2F4d2wxRXg5dlUxS01mNE1ldjBDb1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPzGYHnpx
KunexEfb+Vw1cLabv0aOCpPLV/sG4FGIBtQhD1qSgXaMfRgGG9S2jrlaz3Ua17ug
8KHtf7He663IXCghvlno+evyPlSZvu0ljcsk9TF3gqIsvzqQUcZ0rSRBlnpeD76I
DrWK3D953UCHrwE34HcL3nirmyaSXCR2BjQiNON+n8RE0EXMzXTtTA5VbmVJVjGu
YtIkbES7Ty+O19QNGys7i3nFxoDa5ol30vHYYqOkze3UapUnjyU36mNSMilVmdHj
Fh7nds8ouELHQHxZNJYBrk4Ur3MaoIFY9ijZYXFkH9x8AJtZp3g28o9hRLS9udI1
rkhHo5rk3zicoQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:14:26 2026 by rpki-client