Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: JUPFNJ1Wocm3mv+/nZNb/sezcHYpinlq9grei1KUBp0=
Subject key identifier: 8A:89:87:38:FE:9E:4F:B8:B9:FE:E7:57:0D:89:13:CC:F8:CE:F3:22
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 019D39AE8ADFFE2C86E78EC4AFF11B24407B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 13:00:33 +0000
Manifest this update: Sun 29 Mar 2026 13:00:33 +0000
Manifest next update: Mon 30 Mar 2026 13:00:33 +0000
Files and hashes: 1: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: as8exLrcV1vzjliqY+uFCUtfWHc9EfZZWiZhK3nfdtg=)
2: yE7elJQcwCE2lQSAbWletTxQ5Qo.roa (hash: tKAft8gW1YvZxBPlZ5+27HK7UOl/JK2+eMjDk7cQl10=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 13:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:8a:df:fe:2c:86:e7:8e:c4:af:f1:1b:24:40:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Mar 29 13:00:33 2026 GMT
Not After : Mar 30 13:00:33 2026 GMT
Subject: CN=8a898738fe9e4fb8b9fee7570d8913ccf8cef322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fc:07:03:47:76:d8:47:de:ad:fc:9e:d4:d8:
71:e6:04:ea:36:b8:91:aa:5d:01:29:15:ab:16:89:
ef:7e:b4:2a:f3:2b:f4:d2:8b:33:6d:1f:a9:d4:9b:
b8:70:3d:d7:86:1c:d1:79:31:9b:f1:55:04:db:d4:
35:ef:b5:a3:32:5f:71:4c:cd:36:c5:62:75:11:bf:
49:65:76:8b:75:00:5a:5f:d1:7b:83:2b:2d:1f:82:
8b:23:28:39:61:00:6e:53:d3:77:70:17:88:44:83:
bc:db:30:94:98:d0:27:e5:ac:e4:f6:9d:4a:d0:51:
c0:35:3e:a6:92:8b:e0:31:51:90:22:18:7d:88:15:
bc:15:be:e5:1f:b8:ac:00:6e:ee:d4:21:12:b6:54:
b4:7e:d7:62:2f:2c:c8:b0:52:b3:c4:0e:f8:ff:35:
07:53:7b:06:e1:61:89:6a:7b:a6:b5:87:26:e0:6b:
f6:1a:af:fb:ec:61:68:07:92:7c:10:2a:76:93:83:
c2:bb:8d:86:5c:cf:c3:cf:47:f7:1d:b7:32:6b:17:
e0:c0:83:19:78:da:59:9f:f3:f9:60:0e:a3:88:9f:
7e:2e:df:8d:a5:8a:78:09:18:90:f6:75:4a:28:42:
00:08:69:d8:9a:c2:3f:78:dc:66:a7:82:e5:70:e3:
d3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:89:87:38:FE:9E:4F:B8:B9:FE:E7:57:0D:89:13:CC:F8:CE:F3:22
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:ee:d2:af:f8:36:ad:8e:51:77:a7:b4:11:00:f2:23:a6:d5:
e0:2e:80:39:d8:5d:7e:ce:d6:9e:8a:78:7b:5b:6f:f5:f5:56:
3c:a6:95:5e:2c:fe:e7:0f:32:9c:5e:1b:84:21:0c:83:59:69:
b3:af:10:65:0b:93:70:71:f7:c7:10:43:3d:64:b7:0b:40:4e:
37:e6:83:75:79:81:a3:fb:9b:9d:5a:47:c3:9c:55:49:49:fb:
57:91:ba:c4:d4:94:62:9c:61:8e:d9:a7:f8:97:14:93:46:6e:
01:bc:dc:13:e3:e6:71:ec:cd:38:0b:0b:28:0d:ed:72:b7:f4:
66:fa:53:dd:22:59:96:c7:71:3c:99:b0:67:b8:04:4b:13:d8:
89:c2:da:55:cb:3a:9c:33:b7:4e:69:cc:2b:2e:e9:af:dc:e6:
a0:3f:1e:a6:ae:e1:33:71:db:42:4b:82:36:dd:63:56:ec:ee:
1e:38:a3:6c:aa:32:6f:51:04:45:aa:7c:66:ae:36:39:a4:c4:
40:fa:8b:e7:db:b4:69:df:fe:3d:20:b8:7d:86:d5:d9:8c:e9:
92:9f:aa:6c:48:0b:17:4d:3a:b2:ee:48:0c:2f:8e:89:66:e2:
57:f3:29:d6:fa:86:a5:58:e5:4e:d9:d6:5f:64:33:32:df:cb:
de:ca:1c:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rorf/iyG547Er/EbJEB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjYwMzI5MTMwMDMzWhcNMjYwMzMwMTMwMDMzWjAzMTEwLwYDVQQD
Eyg4YTg5ODczOGZlOWU0ZmI4YjlmZWU3NTcwZDg5MTNjY2Y4Y2VmMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/wHA0d22Eferfye1Nhx5gTqNriR
ql0BKRWrFonvfrQq8yv00oszbR+p1Ju4cD3XhhzReTGb8VUE29Q177WjMl9xTM02
xWJ1Eb9JZXaLdQBaX9F7gystH4KLIyg5YQBuU9N3cBeIRIO82zCUmNAn5azk9p1K
0FHANT6mkovgMVGQIhh9iBW8Fb7lH7isAG7u1CEStlS0ftdiLyzIsFKzxA74/zUH
U3sG4WGJanumtYcm4Gv2Gq/77GFoB5J8ECp2k4PCu42GXM/Dz0f3HbcyaxfgwIMZ
eNpZn/P5YA6jiJ9+Lt+NpYp4CRiQ9nVKKEIACGnYmsI/eNxmp4LlcOPTKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqJhzj+nk+4uf7nVw2JE8z4zvMiMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhu7Sr/g2
rY5Rd6e0EQDyI6bV4C6AOdhdfs7Wnop4e1tv9fVWPKaVXiz+5w8ynF4bhCEMg1lp
s68QZQuTcHH3xxBDPWS3C0BON+aDdXmBo/ubnVpHw5xVSUn7V5G6xNSUYpxhjtmn
+JcUk0ZuAbzcE+PmcezNOAsLKA3tcrf0ZvpT3SJZlsdxPJmwZ7gESxPYicLaVcs6
nDO3TmnMKy7pr9zmoD8epq7hM3HbQkuCNt1jVuzuHjijbKoyb1EERap8Zq42OaTE
QPqL59u0ad/+PSC4fYbV2Yzpkp+qbEgLF006su5IDC+OiWbiV/Mp1vqGpVjlTtnW
X2QzMt/L3socfA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:22:23 2026 by rpki-client