Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json)
Hash identifier: DM4kX0Jp3GLJkS/3OphbKuSPHsqm3SKOCqiKTvl8tf0=
Subject key identifier: 3D:99:AB:76:FF:0A:7D:63:21:BC:C5:73:63:89:19:A6:66:BD:F4:B8
Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27
Certificate serial: 019CBB82F3CBBB8015E7EA08B3E393596AAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
Manifest number: 012F
Signing time: Thu 05 Mar 2026 01:00:47 +0000
Manifest this update: Thu 05 Mar 2026 01:00:47 +0000
Manifest next update: Fri 06 Mar 2026 01:00:47 +0000
Files and hashes: 1: 5AyUcUP8UFa03d6jQItDEbWXyi0.roa (hash: ZjaIy+ybGhKGWcrRG6dw/kl40YV5Z1/+6QWlVZn1AoA=)
2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: EwQWxYKNMJQRgCVnM+YVgsX8smQTFTp4dax3JVBh39M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 19:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bb:82:f3:cb:bb:80:15:e7:ea:08:b3:e3:93:59:6a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27
Validity
Not Before: Mar 5 01:00:47 2026 GMT
Not After : Mar 6 01:00:47 2026 GMT
Subject: CN=3d99ab76ff0a7d6321bcc573638919a666bdf4b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:ad:e7:6b:b1:34:09:48:c8:be:c2:39:71:
eb:20:1d:1d:e5:60:d0:bf:05:0b:ac:c5:46:f5:0a:
e9:4d:47:51:4e:f7:2b:c8:fc:c5:07:53:c7:f7:8f:
13:0b:b9:b6:e0:1b:d9:2c:17:35:28:d7:4d:38:33:
c1:6d:6f:50:cf:25:3c:60:9d:eb:8f:ba:b8:24:8a:
5e:03:88:3a:f5:f9:83:77:25:be:2c:14:e5:a7:5a:
be:5b:3a:ba:3b:6b:b5:f6:b5:79:7f:ec:73:1e:da:
a9:e8:d2:6a:ab:98:6f:d2:53:3b:72:3c:8c:7d:8c:
b5:5c:85:2f:b6:0d:15:cb:7c:22:68:46:a3:4d:56:
15:c7:00:8c:a4:1c:43:7b:b0:29:8c:65:e8:e2:99:
33:9e:9c:62:d6:d4:af:2d:f5:f4:26:d2:d0:88:be:
dd:17:3a:4a:b1:7e:f2:0a:d9:01:70:da:2d:80:a3:
28:26:4a:ab:b0:56:ee:ac:66:55:de:f0:9a:7d:7d:
68:60:b6:ef:cb:c1:ba:d8:a1:ed:6a:a6:f4:0e:ae:
6a:06:4b:c1:b3:fe:fb:be:dd:20:0e:87:c8:29:b0:
cb:0c:1f:87:e9:aa:9f:f9:a5:dc:a2:60:35:d9:f4:
5c:6f:89:05:ad:bc:2d:d2:8c:80:51:55:0e:f7:72:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:99:AB:76:FF:0A:7D:63:21:BC:C5:73:63:89:19:A6:66:BD:F4:B8
X509v3 Authority Key Identifier:
keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:72:b2:16:49:f8:ef:3f:46:ef:f7:9f:24:b9:f7:f6:34:58:
13:99:ea:d0:29:51:20:e0:97:51:d0:b5:4d:ac:46:fe:50:01:
bc:1d:b5:64:5c:e2:ba:ea:9e:cc:49:ea:23:09:7b:94:99:d5:
30:65:e6:a3:a4:44:9d:b3:09:fd:b4:9e:92:6a:3c:5d:62:bb:
5e:73:61:13:22:d9:9f:8a:93:d9:71:9b:e2:bb:b4:c8:61:46:
5f:03:0f:03:3a:e1:69:e4:a3:a1:40:42:0f:c2:e3:a1:db:59:
2f:02:aa:77:bb:15:c6:b3:e4:07:f7:81:f6:bb:81:11:4c:0d:
db:66:5f:35:98:37:16:f1:9e:c1:65:30:9c:0a:74:32:22:ee:
59:30:af:09:df:c2:96:0f:78:c2:5e:a8:bd:68:76:c0:fc:85:
d0:91:78:13:c0:df:48:88:69:9f:30:43:fa:65:f4:77:31:1a:
0e:c3:77:de:c3:cb:a4:91:4f:1d:82:fd:93:c7:74:5c:1e:73:
e2:70:73:5a:20:28:ff:77:34:d0:c9:21:a8:dd:58:16:e2:ad:
77:85:81:0a:17:28:82:c1:40:b6:3e:ba:b5:b0:ed:a0:ee:82:
fd:3d:cf:0b:d2:27:4a:98:f4:a9:e4:38:48:81:89:8c:50:a0:
85:92:ae:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy7gvPLu4AV5+oIs+OTWWqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz
NzNjMjcwHhcNMjYwMzA1MDEwMDQ3WhcNMjYwMzA2MDEwMDQ3WjAzMTEwLwYDVQQD
EygzZDk5YWI3NmZmMGE3ZDYzMjFiY2M1NzM2Mzg5MTlhNjY2YmRmNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw32t52uxNAlIyL7COXHrIB0d5WDQ
vwULrMVG9QrpTUdRTvcryPzFB1PH948TC7m24BvZLBc1KNdNODPBbW9QzyU8YJ3r
j7q4JIpeA4g69fmDdyW+LBTlp1q+Wzq6O2u19rV5f+xzHtqp6NJqq5hv0lM7cjyM
fYy1XIUvtg0Vy3wiaEajTVYVxwCMpBxDe7ApjGXo4pkznpxi1tSvLfX0JtLQiL7d
FzpKsX7yCtkBcNotgKMoJkqrsFburGZV3vCafX1oYLbvy8G62KHtaqb0Dq5qBkvB
s/77vt0gDofIKbDLDB+H6aqf+aXcomA12fRcb4kFrbwt0oyAUVUO93K+MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2Zq3b/Cn1jIbzFc2OJGaZmvfS4MB8GA1UdIwQY
MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt
OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli
LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHKyFkn4
7z9G7/efJLn39jRYE5nq0ClRIOCXUdC1TaxG/lABvB21ZFziuuqezEnqIwl7lJnV
MGXmo6REnbMJ/bSekmo8XWK7XnNhEyLZn4qT2XGb4ru0yGFGXwMPAzrhaeSjoUBC
D8LjodtZLwKqd7sVxrPkB/eB9ruBEUwN22ZfNZg3FvGewWUwnAp0MiLuWTCvCd/C
lg94wl6ovWh2wPyF0JF4E8DfSIhpnzBD+mX0dzEaDsN33sPLpJFPHYL9k8d0XB5z
4nBzWiAo/3c00MkhqN1YFuKtd4WBChcogsFAtj66tbDtoO6C/T3PC9InSpj0qeQ4
SIGJjFCghZKuYg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 04:44:57 2026 by rpki-client