Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
File: NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft (raw, json)
Hash identifier: taTtmIQO1lt+S0S63Xz83dvxGJdZrCFvFnyMr2mHaIs=
Subject key identifier: EF:27:52:3B:D5:94:39:50:F8:37:52:58:FC:03:E2:79:92:A8:62:CD
Authority key identifier: 35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
Certificate issuer: /CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Certificate serial: 019D39414416751619610F00BF621C5B78B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
Manifest number: 0661
Signing time: Sun 29 Mar 2026 11:01:11 +0000
Manifest this update: Sun 29 Mar 2026 11:01:11 +0000
Manifest next update: Mon 30 Mar 2026 11:01:11 +0000
Files and hashes: 1: NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl (hash: hYQO6OO1nh+p9Z0r4eIlzq+P3e/4Nv8io+xmffLl/vA=)
2: V0FXBHF7zd7eoSFLKhrjKxi24vc.roa (hash: Ku0lrgk8w0+7zmhpvQbPryOCwIndLIyVecGBgi9w3MY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:44:16:75:16:19:61:0f:00:bf:62:1c:5b:78:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Validity
Not Before: Mar 29 11:01:11 2026 GMT
Not After : Mar 30 11:01:11 2026 GMT
Subject: CN=ef27523bd5943950f8375258fc03e27992a862cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a9:2d:dc:50:68:bc:9e:4f:26:b6:ee:2e:35:
9a:ff:0b:95:81:ac:b0:42:d1:29:35:ed:44:24:26:
4a:c0:a2:40:59:bd:85:4f:a4:16:64:41:31:b0:12:
5e:53:09:3a:b8:79:64:fd:23:07:72:01:0f:f4:f1:
00:f0:6b:f6:c3:97:9f:b0:3f:65:d6:3f:72:3a:bc:
ab:91:6f:2c:5f:25:72:f2:c2:7e:43:a7:c0:b0:60:
5a:64:7c:0c:90:ef:27:50:50:7c:c6:fe:b0:69:09:
86:26:4a:80:eb:c9:6e:95:64:72:67:45:e4:ca:37:
0f:22:88:45:a7:29:11:c4:e3:f3:aa:31:3b:80:cd:
44:d7:8e:f8:07:01:27:40:95:86:d5:e8:bb:01:52:
cb:aa:52:c3:9b:20:57:df:fb:29:f6:93:f7:e9:c9:
36:13:9e:6b:93:6f:fd:e5:fd:13:c8:62:77:48:21:
54:dc:b9:04:a8:a8:96:45:c1:02:3f:38:d1:54:22:
e6:af:1a:2f:a5:aa:b7:e4:e4:3d:bd:2e:a6:50:93:
50:e3:95:fb:b7:91:a1:4a:ff:92:17:6f:5f:7e:9d:
29:cc:f3:32:71:23:f7:83:33:85:e0:2e:10:34:7c:
97:fd:95:ad:7f:b2:d7:b8:a3:c4:51:5c:a9:eb:c0:
9f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:27:52:3B:D5:94:39:50:F8:37:52:58:FC:03:E2:79:92:A8:62:CD
X509v3 Authority Key Identifier:
keyid:35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:60:ef:91:33:d1:1b:26:7c:19:75:f9:a4:93:d3:29:3a:9e:
f0:c3:22:b0:87:ec:26:a9:44:06:44:d8:70:5f:56:ab:51:0b:
e0:16:d5:de:6d:03:fc:54:c0:27:d0:78:37:df:9e:bf:bc:5e:
40:14:b9:b9:17:c1:be:c8:fc:f9:72:18:03:e1:bd:1a:df:fb:
6d:8d:5a:64:2b:ef:e7:dc:cb:82:66:cb:21:1d:71:b4:02:71:
77:24:2b:73:ff:32:87:56:62:96:bb:32:22:9a:81:fa:7e:89:
e1:d4:6a:8d:26:be:83:f6:ba:d6:a4:4a:60:c2:79:c1:e2:da:
61:5d:4d:37:82:0b:b3:1f:4d:69:95:56:69:f3:06:91:b2:33:
cb:f8:39:14:9e:60:c3:94:74:1a:86:12:80:f8:ae:0c:ed:a8:
ed:77:18:9e:a1:82:73:4f:08:b9:4b:91:e5:71:3f:a8:97:f9:
58:14:94:74:15:e1:f2:c0:eb:a5:42:1b:62:0d:f9:9a:80:c8:
c2:95:1d:33:d9:c1:cc:56:2d:1a:5f:51:be:10:85:04:5d:56:
9e:b8:f5:c4:9d:74:7f:c1:25:83:8e:e3:5a:e3:cb:fc:50:4a:
dc:ca:99:53:2a:e4:4c:74:4d:62:5e:f3:19:ae:5f:1d:2e:ca:
29:25:dc:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QUQWdRYZYQ8Av2IcW3iwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDdkYmFhNzVlZjM0MjBkOGQ5NDU5MTMwZWQwMWRjNTM1
MTM2ZmIwHhcNMjYwMzI5MTEwMTExWhcNMjYwMzMwMTEwMTExWjAzMTEwLwYDVQQD
EyhlZjI3NTIzYmQ1OTQzOTUwZjgzNzUyNThmYzAzZTI3OTkyYTg2MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6kt3FBovJ5PJrbuLjWa/wuVgayw
QtEpNe1EJCZKwKJAWb2FT6QWZEExsBJeUwk6uHlk/SMHcgEP9PEA8Gv2w5efsD9l
1j9yOryrkW8sXyVy8sJ+Q6fAsGBaZHwMkO8nUFB8xv6waQmGJkqA68lulWRyZ0Xk
yjcPIohFpykRxOPzqjE7gM1E1474BwEnQJWG1ei7AVLLqlLDmyBX3/sp9pP36ck2
E55rk2/95f0TyGJ3SCFU3LkEqKiWRcECPzjRVCLmrxovpaq35OQ9vS6mUJNQ45X7
t5GhSv+SF29ffp0pzPMycSP3gzOF4C4QNHyX/ZWtf7LXuKPEUVyp68CfxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8nUjvVlDlQ+DdSWPwD4nmSqGLNMB8GA1UdIwQY
MBaAFDXX26p17zQg2NlFkTDtAdxTUTb7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQt
ZDkyYzkzODBhZjMzLzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQtZDkyYzkzODBhZjMz
LzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGDvkTPR
GyZ8GXX5pJPTKTqe8MMisIfsJqlEBkTYcF9Wq1EL4BbV3m0D/FTAJ9B4N9+ev7xe
QBS5uRfBvsj8+XIYA+G9Gt/7bY1aZCvv59zLgmbLIR1xtAJxdyQrc/8yh1Zilrsy
IpqB+n6J4dRqjSa+g/a61qRKYMJ5weLaYV1NN4ILsx9NaZVWafMGkbIzy/g5FJ5g
w5R0GoYSgPiuDO2o7XcYnqGCc08IuUuR5XE/qJf5WBSUdBXh8sDrpUIbYg35moDI
wpUdM9nBzFYtGl9RvhCFBF1Wnrj1xJ10f8Elg47jWuPL/FBK3MqZUyrkTHRNYl7z
Ga5fHS7KKSXcLA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:03:12 2026 by rpki-client