Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
File: nzcg6XD6oOB_UKY4nnrlOvpDnas.mft (raw, json)
Hash identifier: +jiUOziMToA64spP+O8u4yXjR9U37HYwudM8DxlX1dE=
Subject key identifier: 02:09:73:49:09:D3:EF:31:E3:5A:6C:45:2A:C0:F2:B3:3A:0F:F4:5D
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 019D390A464BDF673E5E208816071ED2D111
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
Manifest number: 1895
Signing time: Sun 29 Mar 2026 10:01:07 +0000
Manifest this update: Sun 29 Mar 2026 10:01:07 +0000
Manifest next update: Mon 30 Mar 2026 10:01:07 +0000
Files and hashes: 1: DwjBds5b0bny3-dZb3jOPo6oE6o.roa (hash: Rkq+xz9kCRAZI1zfzUNT6Gu5M/oAmAXmbyM5y+/YH1I=)
2: nzcg6XD6oOB_UKY4nnrlOvpDnas.crl (hash: dvXI+Essm9gov4oDLzACybiE5Gb6zDnw6Us3+3ob1NY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:46:4b:df:67:3e:5e:20:88:16:07:1e:d2:d1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Mar 29 10:01:07 2026 GMT
Not After : Mar 30 10:01:07 2026 GMT
Subject: CN=0209734909d3ef31e35a6c452ac0f2b33a0ff45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:e7:2a:cc:41:7c:4d:3b:b3:82:9f:2a:c2:
2b:cd:0b:aa:c7:28:69:34:29:e0:b0:4f:e8:65:4e:
be:d7:4c:e3:ad:81:5c:19:af:cf:05:4f:a5:6c:0f:
a4:4e:46:4f:4f:6a:a7:f0:11:38:dd:fd:65:1d:7f:
f1:e8:a1:fa:89:31:26:f0:e5:2c:1b:2e:89:d2:e0:
32:8d:9c:66:0c:d6:a5:43:46:d0:2f:29:b2:d4:23:
7c:30:0e:4a:a1:22:f0:02:c4:b9:d6:95:57:2e:21:
55:d1:05:cb:3c:41:5f:94:24:14:74:2c:94:cf:67:
32:dd:d2:c9:be:95:95:a9:20:5d:26:2d:81:5c:26:
14:70:23:f7:9f:20:da:e3:ac:02:d0:64:78:bf:c5:
a6:1d:8d:26:b7:7c:3e:d6:ea:cf:fe:9d:ed:48:c6:
c9:d5:52:5a:af:4c:bc:90:4b:de:78:c0:7e:44:e7:
17:a2:10:37:8b:a4:a8:f9:02:60:a0:05:6d:7b:66:
52:b0:f3:01:50:26:30:9f:9c:b3:06:42:12:01:4b:
ae:d6:be:27:05:1f:dc:56:83:b8:15:02:73:bd:18:
8c:d0:ce:87:d4:9e:a2:77:40:b4:0c:92:96:aa:23:
ac:99:99:50:77:86:8c:16:0a:41:14:f1:6a:26:9f:
bc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:09:73:49:09:D3:EF:31:E3:5A:6C:45:2A:C0:F2:B3:3A:0F:F4:5D
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:d7:72:79:49:eb:aa:75:75:c0:68:d2:8a:41:a4:f4:c1:65:
97:f2:90:0d:49:70:f3:8f:b2:91:1d:d8:39:78:c1:44:7a:b2:
95:eb:41:35:9f:0c:f8:4f:c4:d8:6d:59:1b:8d:ea:15:a7:5f:
cd:bd:63:e4:73:96:44:72:15:a5:0f:e0:d0:76:db:de:8e:75:
2a:62:1c:0f:5d:18:d2:84:5b:e0:81:0f:96:4e:87:af:ee:50:
44:80:3a:a1:2a:e4:e0:d3:55:c0:ae:5e:d2:43:25:56:9c:2e:
aa:43:f6:4c:35:04:89:52:d8:84:df:82:34:46:b3:ce:7f:90:
b9:ea:52:67:e7:d8:a6:7d:f5:4c:a4:e4:1b:31:99:9b:4d:f5:
cb:79:c9:53:f5:49:82:21:9f:0b:48:19:44:05:bc:3d:b8:dc:
80:5e:f2:67:57:d8:14:56:29:f3:ea:d4:c6:89:e9:93:97:f6:
ea:46:ae:85:e6:d2:e7:39:97:30:5a:45:54:d7:cc:81:f5:c3:
63:5e:32:2b:e7:47:04:5e:50:62:fa:c5:fc:7a:03:ee:b6:a8:
64:05:a9:16:5a:0e:a4:b9:cd:cc:ea:9e:e2:a2:e2:bd:66:2c:
fb:34:c8:39:aa:84:9b:36:2e:1f:fb:a1:f2:af:96:3d:18:b9:
04:70:43:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CkZL32c+XiCIFgce0tERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjYwMzI5MTAwMTA3WhcNMjYwMzMwMTAwMTA3WjAzMTEwLwYDVQQD
EygwMjA5NzM0OTA5ZDNlZjMxZTM1YTZjNDUyYWMwZjJiMzNhMGZmNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvvnKsxBfE07s4KfKsIrzQuqxyhp
NCngsE/oZU6+10zjrYFcGa/PBU+lbA+kTkZPT2qn8BE43f1lHX/x6KH6iTEm8OUs
Gy6J0uAyjZxmDNalQ0bQLymy1CN8MA5KoSLwAsS51pVXLiFV0QXLPEFflCQUdCyU
z2cy3dLJvpWVqSBdJi2BXCYUcCP3nyDa46wC0GR4v8WmHY0mt3w+1urP/p3tSMbJ
1VJar0y8kEveeMB+ROcXohA3i6So+QJgoAVte2ZSsPMBUCYwn5yzBkISAUuu1r4n
BR/cVoO4FQJzvRiM0M6H1J6id0C0DJKWqiOsmZlQd4aMFgpBFPFqJp+8cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIJc0kJ0+8x41psRSrA8rM6D/RdMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNdyeUnr
qnV1wGjSikGk9MFll/KQDUlw84+ykR3YOXjBRHqyletBNZ8M+E/E2G1ZG43qFadf
zb1j5HOWRHIVpQ/g0Hbb3o51KmIcD10Y0oRb4IEPlk6Hr+5QRIA6oSrk4NNVwK5e
0kMlVpwuqkP2TDUEiVLYhN+CNEazzn+QuepSZ+fYpn31TKTkGzGZm031y3nJU/VJ
giGfC0gZRAW8PbjcgF7yZ1fYFFYp8+rUxonpk5f26kauhebS5zmXMFpFVNfMgfXD
Y14yK+dHBF5QYvrF/HoD7raoZAWpFloOpLnNzOqe4qLivWYs+zTIOaqEmzYuH/uh
8q+WPRi5BHBDSQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:26:48 2026 by rpki-client