Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
File: NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft (raw, json)
Hash identifier: 4kENW+w3boe6nfl1kUeYj1piAzjz8fWKH9XXuMePs+I=
Subject key identifier: 19:42:35:E3:51:F1:23:E4:10:FE:CE:B6:3A:67:47:53:8F:DC:EA:5A
Authority key identifier: 34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
Certificate issuer: /CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Certificate serial: 019CE5C85646BD5A09BEF95B68268767573A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
Manifest number: 03B3
Signing time: Fri 13 Mar 2026 06:00:37 +0000
Manifest this update: Fri 13 Mar 2026 06:00:37 +0000
Manifest next update: Sat 14 Mar 2026 06:00:37 +0000
Files and hashes: 1: 7ksTJ_jFitxF4bukC24j3eo_mx0.roa (hash: P5sZaUJcRIlYxIsN9061EjjltvsNE9PdjoK/NkSXYrQ=)
2: NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl (hash: pBI3i51+qZICznBFWuq8XcjUS+tVq9oUCIbAg8n5kMU=)
3: jSMK0-DQ4LkW8HGxfeOZqpRoUDg.roa (hash: LbCW9qnhO4rcrIcNPyJRkz9sjQKYiVfJkLlpl6db0Mw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:c8:56:46:bd:5a:09:be:f9:5b:68:26:87:67:57:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Validity
Not Before: Mar 13 06:00:37 2026 GMT
Not After : Mar 14 06:00:37 2026 GMT
Subject: CN=194235e351f123e410feceb63a6747538fdcea5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:c4:b6:4e:07:69:06:69:19:58:87:0b:4e:
10:03:93:2d:6a:1c:bc:d5:5f:a5:ba:f6:5a:02:38:
4d:0e:04:f2:e1:75:28:f4:c9:77:84:a4:ae:88:b9:
d8:04:25:f1:10:d8:1e:c1:03:4c:ec:1b:3b:c2:35:
35:19:a0:1a:54:26:96:c4:4e:63:ae:2a:f9:07:04:
b4:45:cb:16:93:9d:b1:24:a3:84:0e:8e:47:ec:50:
39:9f:14:4d:63:e7:2b:76:b8:94:ec:36:04:19:39:
9a:27:61:1d:e8:73:cc:69:7a:31:9d:75:ac:3b:73:
5c:30:30:9b:61:46:35:76:17:49:50:2c:25:15:63:
62:a3:f4:77:4f:a7:f9:9f:3e:2e:81:a4:3b:ab:00:
29:cf:57:cf:bd:b1:57:0d:08:db:e7:20:08:72:c5:
fa:b0:81:5e:7c:b1:6b:85:f3:36:d7:f8:cc:b1:f3:
17:7e:7b:00:5a:01:8b:ee:8a:c3:69:88:07:4a:aa:
5b:98:78:cf:fa:02:fe:fa:1d:9d:7f:68:14:c9:f7:
16:62:43:52:dc:26:45:8c:ba:1a:38:9a:bd:8a:24:
4d:12:45:dd:ca:db:eb:9f:9a:8b:54:48:2b:94:a3:
bb:f5:09:fa:db:63:52:62:19:24:5b:8a:ca:71:a9:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:42:35:E3:51:F1:23:E4:10:FE:CE:B6:3A:67:47:53:8F:DC:EA:5A
X509v3 Authority Key Identifier:
keyid:34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:2a:72:21:e4:1c:1b:dd:61:24:c9:de:c3:1e:07:12:23:9c:
2f:95:42:bf:a9:0c:b3:db:51:68:65:8d:79:4a:e8:71:d3:3b:
30:54:0e:fd:32:d1:07:8b:df:6e:4d:dc:f4:a2:87:c8:dc:4c:
e7:5a:3c:d1:40:1b:4f:29:60:3b:46:48:5d:c5:6c:a2:73:6e:
cc:c5:61:96:7f:a0:e1:05:11:55:b0:1a:43:c8:0f:74:4d:94:
39:57:21:00:f9:8c:38:10:da:10:df:69:e2:7d:e3:50:7b:5e:
fc:14:93:83:14:d2:ee:1f:69:69:f3:da:5f:d9:47:2e:ef:af:
4c:81:e2:22:99:a8:1f:4f:82:2c:c8:a7:29:ee:82:42:70:9c:
df:ee:21:a8:53:d5:e8:97:14:06:01:45:91:b8:d0:1d:a7:be:
ad:da:68:b6:81:c9:fa:84:a9:cb:fd:06:f3:1d:ba:c2:03:cd:
17:82:92:56:e6:66:63:1b:19:59:3f:5a:77:70:9c:3b:9d:45:
c5:ca:08:f8:8d:7f:80:74:4a:30:04:47:8a:cd:4e:25:2d:84:
33:94:bf:90:bf:75:a8:50:b8:e3:f2:47:fd:bd:4f:5c:1b:ce:
2b:54:32:84:5f:d7:e2:4d:da:49:44:a8:01:0d:bc:3c:8e:05:
f8:77:14:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlyFZGvVoJvvlbaCaHZ1c6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGQ0MDI2ZDI5MGYzMjAxZDI4ZWY2ODRkM2M1YWMxM2M5
NmVjNmQwHhcNMjYwMzEzMDYwMDM3WhcNMjYwMzE0MDYwMDM3WjAzMTEwLwYDVQQD
EygxOTQyMzVlMzUxZjEyM2U0MTBmZWNlYjYzYTY3NDc1MzhmZGNlYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2/Etk4HaQZpGViHC04QA5Mtahy8
1V+luvZaAjhNDgTy4XUo9Ml3hKSuiLnYBCXxENgewQNM7Bs7wjU1GaAaVCaWxE5j
rir5BwS0RcsWk52xJKOEDo5H7FA5nxRNY+crdriU7DYEGTmaJ2Ed6HPMaXoxnXWs
O3NcMDCbYUY1dhdJUCwlFWNio/R3T6f5nz4ugaQ7qwApz1fPvbFXDQjb5yAIcsX6
sIFefLFrhfM21/jMsfMXfnsAWgGL7orDaYgHSqpbmHjP+gL++h2df2gUyfcWYkNS
3CZFjLoaOJq9iiRNEkXdytvrn5qLVEgrlKO79Qn622NSYhkkW4rKcan/qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlCNeNR8SPkEP7OtjpnR1OP3OpaMB8GA1UdIwQY
MBaAFDTdQCbSkPMgHSjvaE08WsE8luxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmIt
ODc4NTA3ZWQ0NmY3LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmItODc4NTA3ZWQ0NmY3
LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMipyIeQc
G91hJMnewx4HEiOcL5VCv6kMs9tRaGWNeUrocdM7MFQO/TLRB4vfbk3c9KKHyNxM
51o80UAbTylgO0ZIXcVsonNuzMVhln+g4QURVbAaQ8gPdE2UOVchAPmMOBDaEN9p
4n3jUHte/BSTgxTS7h9pafPaX9lHLu+vTIHiIpmoH0+CLMinKe6CQnCc3+4hqFPV
6JcUBgFFkbjQHae+rdpotoHJ+oSpy/0G8x26wgPNF4KSVuZmYxsZWT9ad3CcO51F
xcoI+I1/gHRKMARHis1OJS2EM5S/kL91qFC44/JH/b1PXBvOK1QyhF/X4k3aSUSo
AQ28PI4F+HcUIg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:51:43 2026 by rpki-client