Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
File: NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft (raw, json)
Hash identifier: NqyDCwyZ+4+351gxUehFycD7sxpMk+1XIqSeniVey4w=
Subject key identifier: B5:BB:6E:59:93:5A:E4:6E:BD:A0:AB:7C:05:D8:48:23:BB:AF:07:B9
Authority key identifier: 34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
Certificate issuer: /CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Certificate serial: 019DCD878E2B3BE5BB7019BEF56D4B7FF372
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
Manifest number: 042B
Signing time: Mon 27 Apr 2026 06:01:46 +0000
Manifest this update: Mon 27 Apr 2026 06:01:46 +0000
Manifest next update: Tue 28 Apr 2026 06:01:46 +0000
Files and hashes: 1: 7ksTJ_jFitxF4bukC24j3eo_mx0.roa (hash: P5sZaUJcRIlYxIsN9061EjjltvsNE9PdjoK/NkSXYrQ=)
2: NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl (hash: Jg5ukFb/f+c3C6or+ylrJNzk/ZhMBJ3DlwmFc05PDlU=)
3: jSMK0-DQ4LkW8HGxfeOZqpRoUDg.roa (hash: LbCW9qnhO4rcrIcNPyJRkz9sjQKYiVfJkLlpl6db0Mw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 06:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:87:8e:2b:3b:e5:bb:70:19:be:f5:6d:4b:7f:f3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Validity
Not Before: Apr 27 06:01:46 2026 GMT
Not After : Apr 28 06:01:46 2026 GMT
Subject: CN=b5bb6e59935ae46ebda0ab7c05d84823bbaf07b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:8b:18:f4:40:69:0f:03:69:4b:b4:db:be:
d6:cb:71:6c:77:56:06:97:11:4f:77:b1:7e:7c:e5:
b3:33:70:fb:79:83:d1:8e:50:15:2f:8f:c8:4e:ef:
68:04:9f:dd:e4:1a:c1:0d:89:cd:66:6e:c3:8f:c6:
16:34:fb:1a:26:3d:5b:d8:c8:1d:f2:36:97:fe:60:
f2:04:d5:48:d2:e9:af:09:af:79:63:27:c0:8c:b5:
f9:69:ea:72:6a:c4:a6:04:d6:0b:a2:a0:73:67:36:
40:3e:91:db:de:17:f1:ee:a7:ce:06:24:58:cd:ec:
79:cd:ff:19:d5:50:e5:36:aa:67:e7:f6:a6:bd:f8:
aa:01:a1:be:d4:ea:53:d2:4c:d8:6a:e9:3b:ee:b4:
bf:28:cb:cb:87:00:63:f5:b8:9b:16:3f:f4:b5:a6:
5e:1e:e1:2e:72:a6:3b:0f:b9:f7:c7:4c:10:2a:c7:
43:b6:ed:08:98:8b:22:87:e3:bc:36:e6:7f:c3:9e:
33:b4:98:1e:04:05:de:32:08:e7:08:ee:80:64:99:
48:6f:8b:1a:48:75:46:e3:b7:3a:97:63:4a:c1:85:
4d:68:64:3a:4d:25:98:8b:72:c9:9b:54:51:2b:be:
d9:25:34:e8:2d:27:c5:35:5e:e9:e1:36:c7:f3:c9:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BB:6E:59:93:5A:E4:6E:BD:A0:AB:7C:05:D8:48:23:BB:AF:07:B9
X509v3 Authority Key Identifier:
keyid:34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:9b:92:ac:29:8b:05:91:df:e5:5a:f8:5d:43:bc:64:e5:f7:
39:a4:e4:81:54:44:a7:cf:4a:18:8e:84:f1:bc:be:b6:8c:35:
c0:08:4f:72:78:5d:d4:97:0c:51:67:d5:1b:d5:f9:3b:0f:13:
cd:20:db:c6:66:7f:fa:0b:ad:fc:86:6c:05:9c:e3:fa:4b:b8:
7e:04:13:7f:3c:aa:5e:c1:a1:e1:20:39:2e:77:ac:fd:6d:e5:
ec:d1:60:6a:58:d2:09:e5:86:c0:c1:f6:ba:7d:12:97:a1:b6:
b5:4e:94:7e:4a:2f:56:0d:76:13:42:62:de:ad:ed:b5:43:82:
a7:6a:84:83:41:a9:91:06:90:5f:d5:f7:03:dc:aa:c5:bb:53:
aa:ca:8c:72:c8:26:9d:eb:5e:bb:de:49:05:3c:52:b4:e6:e3:
15:be:3f:ef:8f:2c:3c:ef:dc:14:61:fc:f2:76:71:aa:f3:de:
c0:f4:90:b8:cc:3e:56:85:ef:bb:09:69:08:69:57:34:1e:bb:
87:20:ac:39:c7:97:f5:56:e5:00:94:66:97:8e:d1:0a:fc:b3:
52:eb:d3:f0:a3:b4:c5:d0:f1:9d:29:f0:d2:93:03:d8:ac:0c:
65:14:4d:1e:63:f5:52:fa:c1:42:0c:9c:14:cb:0b:3f:b7:09:
46:f8:d2:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3Nh44rO+W7cBm+9W1Lf/NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGQ0MDI2ZDI5MGYzMjAxZDI4ZWY2ODRkM2M1YWMxM2M5
NmVjNmQwHhcNMjYwNDI3MDYwMTQ2WhcNMjYwNDI4MDYwMTQ2WjAzMTEwLwYDVQQD
EyhiNWJiNmU1OTkzNWFlNDZlYmRhMGFiN2MwNWQ4NDgyM2JiYWYwN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaeLGPRAaQ8DaUu0277Wy3Fsd1YG
lxFPd7F+fOWzM3D7eYPRjlAVL4/ITu9oBJ/d5BrBDYnNZm7Dj8YWNPsaJj1b2Mgd
8jaX/mDyBNVI0umvCa95YyfAjLX5aepyasSmBNYLoqBzZzZAPpHb3hfx7qfOBiRY
zex5zf8Z1VDlNqpn5/amvfiqAaG+1OpT0kzYauk77rS/KMvLhwBj9bibFj/0taZe
HuEucqY7D7n3x0wQKsdDtu0ImIsih+O8NuZ/w54ztJgeBAXeMgjnCO6AZJlIb4sa
SHVG47c6l2NKwYVNaGQ6TSWYi3LJm1RRK77ZJTToLSfFNV7p4TbH88laVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLW7blmTWuRuvaCrfAXYSCO7rwe5MB8GA1UdIwQY
MBaAFDTdQCbSkPMgHSjvaE08WsE8luxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmIt
ODc4NTA3ZWQ0NmY3LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmItODc4NTA3ZWQ0NmY3
LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5uSrCmL
BZHf5Vr4XUO8ZOX3OaTkgVREp89KGI6E8by+tow1wAhPcnhd1JcMUWfVG9X5Ow8T
zSDbxmZ/+gut/IZsBZzj+ku4fgQTfzyqXsGh4SA5Lnes/W3l7NFgaljSCeWGwMH2
un0Sl6G2tU6UfkovVg12E0Ji3q3ttUOCp2qEg0GpkQaQX9X3A9yqxbtTqsqMcsgm
neteu95JBTxStObjFb4/748sPO/cFGH88nZxqvPewPSQuMw+VoXvuwlpCGlXNB67
hyCsOceX9VblAJRml47RCvyzUuvT8KO0xdDxnSnw0pMD2KwMZRRNHmP1UvrBQgyc
FMsLP7cJRvjSLA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:14:47 2026 by rpki-client