Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json)
Hash identifier: RNYqsITYfNO/Vl3R2Jklp15QNcMqHfdlNpqba/Ex7gw=
Subject key identifier: 32:FB:36:61:0E:4C:DF:08:7A:1A:28:37:F4:CC:A7:4B:2B:68:3C:45
Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27
Certificate serial: 019DA90C43C784B25B3788AF70FE1CD897BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
Manifest number: 01AA
Signing time: Mon 20 Apr 2026 04:00:46 +0000
Manifest this update: Mon 20 Apr 2026 04:00:46 +0000
Manifest next update: Tue 21 Apr 2026 04:00:46 +0000
Files and hashes: 1: 5AyUcUP8UFa03d6jQItDEbWXyi0.roa (hash: ZjaIy+ybGhKGWcrRG6dw/kl40YV5Z1/+6QWlVZn1AoA=)
2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: uIHWb7tAfM1xTuIbWPNB56w3U2um8wd5Rkn6qtioUWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:0c:43:c7:84:b2:5b:37:88:af:70:fe:1c:d8:97:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27
Validity
Not Before: Apr 20 04:00:46 2026 GMT
Not After : Apr 21 04:00:46 2026 GMT
Subject: CN=32fb36610e4cdf087a1a2837f4cca74b2b683c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:e0:71:42:08:78:b6:3a:42:c4:65:70:05:
07:f2:c8:b5:7b:33:35:00:fe:3c:ec:3b:be:fc:fe:
af:a0:ca:5a:1d:2c:1f:b6:94:87:9d:a0:e5:72:27:
79:b1:c4:05:05:66:65:42:a5:0a:fb:d5:a7:c2:03:
b0:31:82:ce:5c:bb:01:9c:1f:98:67:3f:e9:5c:87:
5a:84:74:50:aa:42:d8:ee:bd:1d:59:01:73:50:2a:
09:af:59:8c:1b:fc:f1:10:bf:20:66:d4:e3:56:99:
3c:a9:64:7b:26:06:06:b8:e7:58:74:c3:e2:f3:cf:
fc:8e:6a:f3:a7:76:7a:3d:e5:ca:0f:b9:48:c6:f2:
83:3a:05:ff:9d:c6:b6:2e:9d:29:4b:d1:76:ad:51:
aa:0a:34:8e:62:99:cf:8b:ee:01:60:a3:45:32:10:
1c:9b:53:80:d3:24:eb:ee:96:96:c3:5d:fa:f3:dd:
b3:5b:6b:f1:36:f7:43:a7:25:ae:16:a5:39:e2:22:
87:89:e4:b4:34:d1:6b:80:9a:92:28:b9:0f:a7:c7:
33:f5:d6:9f:0f:b0:ca:74:ab:7a:20:c6:9e:13:5a:
25:43:ed:15:3e:93:9d:5a:e9:32:80:bc:0d:a7:bb:
e5:f1:69:57:0e:39:d2:fd:11:ab:c6:f6:ab:10:ff:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FB:36:61:0E:4C:DF:08:7A:1A:28:37:F4:CC:A7:4B:2B:68:3C:45
X509v3 Authority Key Identifier:
keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:3f:f6:33:44:97:7d:0f:c4:a3:2b:78:b5:2b:54:0c:6a:69:
ab:25:7c:2d:c2:40:0e:fc:e8:4c:9a:30:6c:4a:50:9a:86:cf:
95:56:08:67:fd:01:ec:94:88:e8:61:cc:e4:80:6d:20:18:b1:
74:38:b6:36:2a:08:ba:a3:03:e4:21:5b:35:48:8f:ab:80:02:
f0:b3:9d:a6:c7:01:61:22:ff:9c:2a:96:8d:ce:a1:9c:69:3a:
e3:b4:cb:8e:cb:6d:15:81:d1:a5:0a:cc:ba:3a:48:ea:f6:1f:
08:41:81:b9:d8:46:5d:99:25:7f:e2:26:2e:b3:b5:be:7f:70:
18:b4:a6:29:0a:a4:68:8b:07:32:c5:aa:bd:a8:28:cc:13:91:
83:03:ea:3e:c4:40:e5:d7:79:35:8f:06:09:88:18:49:8a:49:
5c:52:fc:2b:d6:25:59:08:7b:31:3f:e5:64:f4:b9:f6:2d:70:
65:45:3b:80:a6:d2:3a:a8:76:d6:ed:43:91:ff:bd:28:6b:1e:
b1:a4:bc:d4:93:ff:fb:31:8e:84:8f:cc:f1:97:4b:9f:2f:80:
0c:ac:83:44:00:8c:ab:03:66:cb:2a:9b:83:61:dc:7f:73:6c:
62:57:5d:28:25:ae:be:ea:ac:9c:98:e1:de:01:5e:4b:54:fd:
91:e1:ec:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2pDEPHhLJbN4ivcP4c2Je/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz
NzNjMjcwHhcNMjYwNDIwMDQwMDQ2WhcNMjYwNDIxMDQwMDQ2WjAzMTEwLwYDVQQD
EygzMmZiMzY2MTBlNGNkZjA4N2ExYTI4MzdmNGNjYTc0YjJiNjgzYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx33gcUIIeLY6QsRlcAUH8si1ezM1
AP487Du+/P6voMpaHSwftpSHnaDlcid5scQFBWZlQqUK+9WnwgOwMYLOXLsBnB+Y
Zz/pXIdahHRQqkLY7r0dWQFzUCoJr1mMG/zxEL8gZtTjVpk8qWR7JgYGuOdYdMPi
88/8jmrzp3Z6PeXKD7lIxvKDOgX/nca2Lp0pS9F2rVGqCjSOYpnPi+4BYKNFMhAc
m1OA0yTr7paWw136892zW2vxNvdDpyWuFqU54iKHieS0NNFrgJqSKLkPp8cz9daf
D7DKdKt6IMaeE1olQ+0VPpOdWukygLwNp7vl8WlXDjnS/RGrxvarEP9O8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDL7NmEOTN8IehooN/TMp0sraDxFMB8GA1UdIwQY
MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt
OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli
LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtT/2M0SX
fQ/Eoyt4tStUDGppqyV8LcJADvzoTJowbEpQmobPlVYIZ/0B7JSI6GHM5IBtIBix
dDi2NioIuqMD5CFbNUiPq4AC8LOdpscBYSL/nCqWjc6hnGk647TLjsttFYHRpQrM
ujpI6vYfCEGBudhGXZklf+ImLrO1vn9wGLSmKQqkaIsHMsWqvagozBORgwPqPsRA
5dd5NY8GCYgYSYpJXFL8K9YlWQh7MT/lZPS59i1wZUU7gKbSOqh21u1Dkf+9KGse
saS81JP/+zGOhI/M8ZdLny+ADKyDRACMqwNmyyqbg2Hcf3NsYlddKCWuvuqsnJjh
3gFeS1T9keHsdg==
-----END CERTIFICATE-----
Generated at Mon Apr 20 13:04:22 2026 by rpki-client