Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: 4zef6B85m+i16jPOLmcZNE8ZctTcPSQShFPziXyVlTE=
Subject key identifier: F4:A9:6B:F8:DA:87:A0:3D:24:2F:6C:FE:4C:69:1B:8A:F3:53:E5:DF
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 019D37C0A6A0F6A4565C12C3E219AB8C23C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 15CC
Signing time: Sun 29 Mar 2026 04:01:05 +0000
Manifest this update: Sun 29 Mar 2026 04:01:05 +0000
Manifest next update: Mon 30 Mar 2026 04:01:05 +0000
Files and hashes: 1: FGksGgzRp3dqx5JNslhPDHOeSF8.roa (hash: Ae+SgijVIMWeitkLixTQZhBAwcIx6R8bn51UQHedapk=)
2: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: 80wXGuyIzl59DkJMmnjkfbGc4FQj3oh3mTWIRPO98XE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:a6:a0:f6:a4:56:5c:12:c3:e2:19:ab:8c:23:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Mar 29 04:01:05 2026 GMT
Not After : Mar 30 04:01:05 2026 GMT
Subject: CN=f4a96bf8da87a03d242f6cfe4c691b8af353e5df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:5b:4e:7f:97:09:22:5c:64:3a:d6:f1:4b:
7c:05:96:a7:49:90:fb:db:b0:f4:30:48:46:87:b1:
b2:0c:6c:3d:c1:ff:99:26:6d:45:b4:e6:8d:b3:60:
e4:08:fc:9b:4b:19:5a:99:c9:9c:ac:1d:2b:37:60:
11:10:09:2d:30:76:da:a5:86:4b:f2:ee:32:57:86:
b3:c1:cd:2c:c4:58:f2:e4:fc:88:ee:b2:74:74:27:
37:24:c3:df:9c:23:9a:6f:0b:20:cc:d5:77:5d:24:
25:39:3e:82:eb:6e:15:5d:8a:0a:d5:5e:11:bb:5b:
50:6e:d1:36:3b:e7:24:80:a7:09:0f:c0:fe:9a:30:
8d:6f:9b:8c:f2:29:9c:a6:b0:b1:b8:13:26:e1:42:
b7:54:9e:d7:45:07:69:8a:8a:58:1b:65:42:53:11:
9c:14:1e:e0:7e:97:a1:97:98:8c:ae:32:74:b7:f8:
8a:39:f9:a9:62:fd:1c:12:37:40:47:77:98:83:56:
e6:0e:63:f9:7e:2c:2c:cd:7c:b7:5b:25:b9:88:af:
42:7d:3b:19:7d:93:27:57:e7:57:a1:21:d8:a6:0d:
b8:da:40:01:5d:55:56:6c:c6:95:cb:e1:af:19:7b:
c5:bb:23:ff:26:c0:2e:d7:eb:20:3f:92:f0:29:d6:
91:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A9:6B:F8:DA:87:A0:3D:24:2F:6C:FE:4C:69:1B:8A:F3:53:E5:DF
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:75:af:3c:cd:d5:33:24:f0:e3:d1:50:d8:f9:cf:b5:91:6e:
fe:f2:f7:ef:ff:29:25:f1:e4:34:8c:c3:e9:15:7d:ec:fb:57:
0c:b6:aa:82:0b:74:12:b2:07:d6:f8:f5:82:72:9e:2f:cb:4e:
ed:0e:05:59:1e:76:42:ff:86:7c:bc:e9:7a:59:a1:c3:70:d0:
b2:70:b5:9a:0f:29:ba:d2:03:40:f4:3c:ca:5d:a5:b2:f4:11:
0e:a4:55:e9:5d:c9:94:db:24:ee:5a:4c:b6:4c:95:38:fe:cc:
07:fc:4e:af:ab:66:6b:98:6c:ae:c4:86:54:2b:b7:2a:27:4c:
78:14:af:24:1e:dd:0f:f9:60:11:47:8e:61:bb:c4:c9:f7:92:
3d:05:80:ea:b0:ac:1a:9e:13:26:0f:0b:88:4b:62:83:df:4d:
88:e5:bd:f6:e5:b7:07:f6:ae:0b:8e:29:30:14:a4:6f:01:96:
b5:8f:56:10:7f:8e:fb:66:48:b0:52:59:e4:57:03:f8:e0:57:
e9:d8:24:b7:1d:4c:6a:ce:da:9f:13:59:52:ed:29:ed:d2:46:
41:db:28:5c:af:fc:7f:0a:f0:df:53:6e:f2:c3:11:ba:d0:ee:
65:e1:0d:3a:48:89:92:7c:3f:cf:55:c9:6d:20:0e:cb:1e:7b:
fa:b6:ef:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wKag9qRWXBLD4hmrjCPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjYwMzI5MDQwMTA1WhcNMjYwMzMwMDQwMTA1WjAzMTEwLwYDVQQD
EyhmNGE5NmJmOGRhODdhMDNkMjQyZjZjZmU0YzY5MWI4YWYzNTNlNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDNbTn+XCSJcZDrW8Ut8BZanSZD7
27D0MEhGh7GyDGw9wf+ZJm1FtOaNs2DkCPybSxlamcmcrB0rN2AREAktMHbapYZL
8u4yV4azwc0sxFjy5PyI7rJ0dCc3JMPfnCOabwsgzNV3XSQlOT6C624VXYoK1V4R
u1tQbtE2O+ckgKcJD8D+mjCNb5uM8imcprCxuBMm4UK3VJ7XRQdpiopYG2VCUxGc
FB7gfpehl5iMrjJ0t/iKOfmpYv0cEjdAR3eYg1bmDmP5fiwszXy3WyW5iK9CfTsZ
fZMnV+dXoSHYpg242kABXVVWbMaVy+GvGXvFuyP/JsAu1+sgP5LwKdaR1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSpa/jah6A9JC9s/kxpG4rzU+XfMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXWvPM3V
MyTw49FQ2PnPtZFu/vL37/8pJfHkNIzD6RV97PtXDLaqggt0ErIH1vj1gnKeL8tO
7Q4FWR52Qv+GfLzpelmhw3DQsnC1mg8putIDQPQ8yl2lsvQRDqRV6V3JlNsk7lpM
tkyVOP7MB/xOr6tma5hsrsSGVCu3KidMeBSvJB7dD/lgEUeOYbvEyfeSPQWA6rCs
Gp4TJg8LiEtig99NiOW99uW3B/auC44pMBSkbwGWtY9WEH+O+2ZIsFJZ5FcD+OBX
6dgktx1Mas7anxNZUu0p7dJGQdsoXK/8fwrw31Nu8sMRutDuZeENOkiJknw/z1XJ
bSAOyx57+rbv1A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:46:43 2026 by rpki-client