Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File: nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier: ZOtNkJSd44py8GK2HC/531uKJzkUQ5qqy9x9GXuoHGw=
Subject key identifier: 4A:D3:E5:E4:49:7A:3C:6E:15:75:1D:A6:77:80:8D:13:2C:F0:2B:0D
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial: 019D37F789250491E185C656587080AC525F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number: 0B42
Signing time: Sun 29 Mar 2026 05:01:02 +0000
Manifest this update: Sun 29 Mar 2026 05:01:02 +0000
Manifest next update: Mon 30 Mar 2026 05:01:02 +0000
Files and hashes: 1: D6BGr-5dJZvETpMbA__Q61SK3f4.roa (hash: zOFmPuRjAmwk6FKGKP0FAzMgJQg9lT91lc24vYQHaUc=)
2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: llxUlp+7U7K7hAMKy6NLKIJZNgHdf5ag5lj2PDsyfLk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:89:25:04:91:e1:85:c6:56:58:70:80:ac:52:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Validity
Not Before: Mar 29 05:01:02 2026 GMT
Not After : Mar 30 05:01:02 2026 GMT
Subject: CN=4ad3e5e4497a3c6e15751da677808d132cf02b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:0e:c9:32:54:55:6e:cf:48:ea:cd:2b:ca:
dc:86:4b:28:97:73:c6:46:27:2b:2e:25:b6:36:f0:
d3:b3:73:55:0c:6f:ce:01:9e:07:99:83:eb:07:04:
27:14:db:31:66:70:d5:8c:b3:c9:e1:56:57:25:45:
60:75:1d:c5:0b:45:d0:9d:cf:32:58:90:c7:99:b0:
55:9e:59:ae:71:e1:fc:01:13:43:fc:9c:56:de:d6:
3b:79:00:a7:78:91:63:32:ea:9a:05:64:0b:2c:fb:
e2:4d:08:90:b0:97:12:9b:23:cf:9d:60:b0:10:9d:
95:bb:48:33:6c:51:9a:f6:5c:48:d4:e2:26:b3:a0:
c8:0d:30:29:4a:ac:2c:22:d3:97:b9:10:da:45:a8:
b2:7a:76:19:1b:41:8c:3c:03:19:8b:7e:50:68:8c:
b3:87:e2:be:72:25:f2:26:b0:16:4a:ef:35:f1:dc:
9b:f3:78:35:b3:33:20:db:76:7b:59:06:d5:ed:f6:
c7:c6:e9:33:7a:a7:d9:1e:51:ef:58:46:f6:83:6c:
43:1f:fa:87:91:f1:e7:5e:6c:ab:aa:a6:60:72:ba:
2b:23:0b:28:51:c8:3e:47:ed:6d:94:e1:40:ba:20:
3a:7d:ef:0a:57:da:25:7d:42:af:e1:65:b2:9b:46:
77:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D3:E5:E4:49:7A:3C:6E:15:75:1D:A6:77:80:8D:13:2C:F0:2B:0D
X509v3 Authority Key Identifier:
keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:5d:4a:1a:27:fa:b8:f2:83:dd:86:a4:b8:39:bb:7b:cb:60:
be:53:e3:0f:42:d7:de:8c:8f:74:6b:3f:78:d8:1a:2b:7e:9d:
f6:5f:d5:8d:09:1c:63:14:19:e7:6e:9b:9a:6c:3a:c3:9b:c7:
05:2d:64:6f:7a:ef:c3:a2:b0:b2:08:0c:19:43:45:bb:4b:56:
f9:a3:f9:b6:d2:9b:af:f8:d9:61:b0:7e:4e:45:70:ac:f3:d8:
16:b1:fa:65:6f:b4:ef:27:2d:57:90:8b:1b:b9:98:9d:f9:2c:
7a:8e:ab:42:e6:9c:40:e1:19:63:44:f8:21:e7:11:0a:10:65:
ab:a3:89:f8:47:71:ee:32:10:8a:b6:1e:0e:73:dc:e1:07:49:
5c:8f:be:bc:a2:e7:c4:79:1a:da:f3:83:1b:ed:5e:57:78:ba:
54:74:62:b6:3f:97:0f:77:bc:02:a8:ed:32:d4:d0:91:e2:3b:
29:bd:23:fe:f1:5b:b7:f3:fa:e8:63:f1:68:a3:ba:0b:7c:87:
9b:31:43:ed:4f:18:1d:5a:9d:53:d2:5e:3e:13:4d:d0:62:91:
30:00:97:72:f5:d2:13:4d:b1:f2:be:18:f8:c8:53:2d:51:8d:
08:e3:48:60:93:ef:51:96:d1:a7:ba:1a:3a:2d:60:43:21:ae:
be:ef:e9:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394klBJHhhcZWWHCArFJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjYwMzI5MDUwMTAyWhcNMjYwMzMwMDUwMTAyWjAzMTEwLwYDVQQD
Eyg0YWQzZTVlNDQ5N2EzYzZlMTU3NTFkYTY3NzgwOGQxMzJjZjAyYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSoOyTJUVW7PSOrNK8rchksol3PG
RicrLiW2NvDTs3NVDG/OAZ4HmYPrBwQnFNsxZnDVjLPJ4VZXJUVgdR3FC0XQnc8y
WJDHmbBVnlmuceH8ARND/JxW3tY7eQCneJFjMuqaBWQLLPviTQiQsJcSmyPPnWCw
EJ2Vu0gzbFGa9lxI1OIms6DIDTApSqwsItOXuRDaRaiyenYZG0GMPAMZi35QaIyz
h+K+ciXyJrAWSu818dyb83g1szMg23Z7WQbV7fbHxukzeqfZHlHvWEb2g2xDH/qH
kfHnXmyrqqZgcrorIwsoUcg+R+1tlOFAuiA6fe8KV9olfUKv4WWym0Z3nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErT5eRJejxuFXUdpneAjRMs8CsNMB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOF1KGif6
uPKD3YakuDm7e8tgvlPjD0LX3oyPdGs/eNgaK36d9l/VjQkcYxQZ526bmmw6w5vH
BS1kb3rvw6KwsggMGUNFu0tW+aP5ttKbr/jZYbB+TkVwrPPYFrH6ZW+07yctV5CL
G7mYnfkseo6rQuacQOEZY0T4IecRChBlq6OJ+Edx7jIQirYeDnPc4QdJXI++vKLn
xHka2vODG+1eV3i6VHRitj+XD3e8AqjtMtTQkeI7Kb0j/vFbt/P66GPxaKO6C3yH
mzFD7U8YHVqdU9JePhNN0GKRMACXcvXSE02x8r4Y+MhTLVGNCONIYJPvUZbRp7oa
Oi1gQyGuvu/p9Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:05 2026 by rpki-client