Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: D3gEhN8joQOEHCI1VAnGFK4FRKE0eyDlYD4+nd7ad+Q=
Subject key identifier: 5F:6C:BB:64:1A:6D:58:70:38:2D:EE:0D:B4:8D:98:0C:CA:92:57:B2
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 019D37C049DD1EFBDA1A2BEFCAD2F5362998
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 04:00:41 +0000
Manifest this update: Sun 29 Mar 2026 04:00:41 +0000
Manifest next update: Mon 30 Mar 2026 04:00:41 +0000
Files and hashes: 1: 54EH0AkM2oIGqv7eAmOmOB-xeho.roa (hash: NM/JAZ4ZRze3goIGV4nxJHsbs+egnPq8XUH12SQCKoo=)
2: dqQcATTiVDcYhuyOfiuaEN-dzH0.roa (hash: vdWyxZWoqaf18qoRAgHeLHy8Ubdk/kl3p3xQIpz4Who=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: BD0otQOKqzGYe1BeZySCombzNvVyQnjNZ2jPYkkBZMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:49:dd:1e:fb:da:1a:2b:ef:ca:d2:f5:36:29:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Mar 29 04:00:41 2026 GMT
Not After : Mar 30 04:00:41 2026 GMT
Subject: CN=5f6cbb641a6d5870382dee0db48d980cca9257b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7c:52:09:23:08:d3:f1:a3:26:0e:3d:71:f3:
23:0a:0e:98:34:68:f6:98:58:fd:18:42:ce:64:24:
8f:00:cd:dc:00:41:1d:e2:bc:4d:1a:3b:ba:05:40:
0f:cc:be:d2:eb:3f:5f:d9:99:0e:14:b9:07:d9:4b:
f6:cc:09:c1:c2:55:bd:09:91:67:e2:78:94:19:b2:
70:b3:9f:7a:da:b0:90:da:0b:7c:ee:2e:2e:d8:e8:
09:43:64:5c:3d:bc:2b:5e:bd:a6:f2:e8:83:3c:73:
7e:2c:e9:d4:10:a7:1c:6d:e1:12:19:88:02:a5:43:
88:18:5b:76:c0:0f:23:95:1c:df:54:ba:d0:65:7a:
1c:c4:86:4f:44:11:0a:39:d0:3c:7f:ac:47:a1:f8:
6d:ae:69:a5:4c:51:09:02:9a:6d:04:a0:31:7c:5a:
22:8e:7d:a9:32:68:cf:eb:c6:42:ec:97:5d:36:bd:
b6:b4:95:4e:24:75:15:c0:c8:8f:f1:f1:3c:4b:75:
08:49:67:eb:6d:ad:ed:9e:f0:9e:fb:8f:73:29:a6:
ce:67:0f:5f:a6:43:d5:16:69:80:16:db:9b:72:bf:
a2:66:42:ac:94:df:48:b1:fb:a5:c2:a4:f9:96:0f:
67:e8:e4:91:48:37:f2:c0:20:a5:23:20:76:bf:b2:
df:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:BB:64:1A:6D:58:70:38:2D:EE:0D:B4:8D:98:0C:CA:92:57:B2
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:98:f2:58:1f:6f:70:b5:0c:44:29:b1:7b:6a:5c:a3:c5:c0:
3b:94:aa:98:0e:1f:3b:15:97:89:56:b8:90:1b:9e:4f:2b:42:
6d:ce:ec:5a:bd:b9:1a:27:21:50:c1:ef:ac:60:8b:9f:71:af:
9f:c6:2b:3e:b4:96:f3:a4:d7:a5:20:08:60:73:49:fb:50:eb:
83:52:fe:f7:79:1e:3c:7c:cf:cd:ba:3c:fc:5c:2b:5a:d0:2e:
00:d1:2a:db:8c:9e:8b:02:d1:f7:77:e2:f3:6b:8c:32:9b:64:
e5:29:d3:2c:a9:97:31:3f:29:02:6d:8b:c9:04:33:9f:e9:3e:
83:e6:5e:e8:a6:5b:ff:3c:62:2a:48:3a:4c:27:e7:64:6e:1d:
b9:83:78:2a:d4:0e:20:44:f8:42:fd:af:14:35:9d:a7:78:b0:
15:79:56:b3:aa:81:d6:3f:db:cd:44:f5:9f:c2:4c:2e:e7:95:
23:71:ec:49:93:e1:ab:09:1c:67:45:c2:9f:c6:b8:4c:de:a5:
a8:5e:d7:59:99:b5:96:18:ca:05:6d:01:f3:c4:dc:07:37:d1:
23:73:9d:67:02:c2:97:f4:1d:c6:37:52:ec:21:3f:e5:2f:f1:
e1:10:46:cb:df:e8:be:ea:74:c3:c0:d2:86:cd:88:7f:ed:61:
c2:78:b0:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wEndHvvaGivvytL1NimYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjYwMzI5MDQwMDQxWhcNMjYwMzMwMDQwMDQxWjAzMTEwLwYDVQQD
Eyg1ZjZjYmI2NDFhNmQ1ODcwMzgyZGVlMGRiNDhkOTgwY2NhOTI1N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HxSCSMI0/GjJg49cfMjCg6YNGj2
mFj9GELOZCSPAM3cAEEd4rxNGju6BUAPzL7S6z9f2ZkOFLkH2Uv2zAnBwlW9CZFn
4niUGbJws5962rCQ2gt87i4u2OgJQ2RcPbwrXr2m8uiDPHN+LOnUEKccbeESGYgC
pUOIGFt2wA8jlRzfVLrQZXocxIZPRBEKOdA8f6xHofhtrmmlTFEJApptBKAxfFoi
jn2pMmjP68ZC7JddNr22tJVOJHUVwMiP8fE8S3UISWfrba3tnvCe+49zKabOZw9f
pkPVFmmAFtubcr+iZkKslN9IsfulwqT5lg9n6OSRSDfywCClIyB2v7LfCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9su2QabVhwOC3uDbSNmAzKkleyMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5jyWB9v
cLUMRCmxe2pco8XAO5SqmA4fOxWXiVa4kBueTytCbc7sWr25GichUMHvrGCLn3Gv
n8YrPrSW86TXpSAIYHNJ+1Drg1L+93kePHzPzbo8/FwrWtAuANEq24yeiwLR93fi
82uMMptk5SnTLKmXMT8pAm2LyQQzn+k+g+Ze6KZb/zxiKkg6TCfnZG4duYN4KtQO
IET4Qv2vFDWdp3iwFXlWs6qB1j/bzUT1n8JMLueVI3HsSZPhqwkcZ0XCn8a4TN6l
qF7XWZm1lhjKBW0B88TcBzfRI3OdZwLCl/QdxjdS7CE/5S/x4RBGy9/ovup0w8DS
hs2If+1hwniwRg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:52:26 2026 by rpki-client