Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
File: NgAOvu0kK5VkrclUhTI7lr1vXAI.mft (raw, json)
Hash identifier: GmeeLXQMvq87X7ne3nlqjOGJLi/NLrTIk5XPucPGXXQ=
Subject key identifier: AF:03:C0:6B:BE:E1:EC:AB:62:EF:15:12:F0:F3:BF:51:73:07:B1:21
Authority key identifier: 36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02
Certificate issuer: /CN=36000ebeed242b9564adc95485323b96bd6f5c02
Certificate serial: 019D389BD9F8B0DA38B13767C9463FC74131
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
Manifest number: 13FD
Signing time: Sun 29 Mar 2026 08:00:30 +0000
Manifest this update: Sun 29 Mar 2026 08:00:30 +0000
Manifest next update: Mon 30 Mar 2026 08:00:30 +0000
Files and hashes: 1: BHf8SWUieWyp8CsFi-LkKjkwID0.roa (hash: r6mZHm7Sd1CEnMX4mNcO0XlOAIiIxrl1PQK5EqAyZj4=)
2: NgAOvu0kK5VkrclUhTI7lr1vXAI.crl (hash: hl89HOdhhNhwrwU8wM0kSgLraiBhmJupG7Vqi6m0n6Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:d9:f8:b0:da:38:b1:37:67:c9:46:3f:c7:41:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36000ebeed242b9564adc95485323b96bd6f5c02
Validity
Not Before: Mar 29 08:00:30 2026 GMT
Not After : Mar 30 08:00:30 2026 GMT
Subject: CN=af03c06bbee1ecab62ef1512f0f3bf517307b121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2c:0a:37:db:75:05:82:9a:71:cd:cb:7e:28:
d1:32:bf:65:80:b3:87:b7:8c:bd:4d:e4:1a:07:78:
ef:9f:fa:a3:06:a7:f1:59:6e:9b:88:ef:5b:ad:e1:
13:93:f4:93:b7:8d:d6:17:8a:37:b7:e9:e0:aa:61:
1a:b6:95:7f:a2:11:1d:3b:88:3f:05:88:21:01:91:
96:ee:f9:ae:32:b3:9a:16:ac:01:ce:2d:fc:59:f1:
b3:b1:9c:17:1f:80:9d:5e:f7:b4:44:f7:1a:f7:53:
ea:ef:96:b7:56:8e:8d:de:01:84:54:f1:31:2d:eb:
d2:38:62:7a:ab:87:c1:06:84:ea:8e:f9:8d:3f:20:
0e:c3:85:d1:4a:95:85:5d:d2:39:85:48:4a:86:8b:
a2:08:32:2c:f1:72:4c:8c:0c:fd:e9:bc:ce:c2:20:
c9:2b:b2:15:15:db:af:28:65:9e:85:56:53:35:7d:
3d:67:12:ef:b3:38:58:dc:98:f7:e9:35:b9:ad:8a:
07:d5:28:d0:d9:b1:fc:b5:b0:26:81:5f:e8:20:60:
f6:f2:57:77:9c:5a:32:99:eb:4d:4f:b4:c3:d9:c3:
ef:d6:c5:dd:3b:fb:c7:cf:35:ff:0d:af:59:f5:53:
77:24:19:f0:1e:82:55:4f:94:b2:f1:c9:e7:fc:a9:
ba:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:03:C0:6B:BE:E1:EC:AB:62:EF:15:12:F0:F3:BF:51:73:07:B1:21
X509v3 Authority Key Identifier:
keyid:36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:ab:6a:cb:cc:4b:d6:17:e9:e3:aa:e8:4b:cc:d0:64:ba:47:
ee:a2:1e:6d:6e:73:ea:39:eb:27:83:6f:df:43:ca:32:d6:79:
a8:1a:2c:70:91:0a:66:ac:87:de:9c:c6:51:02:13:d9:26:cb:
23:41:b4:2e:a8:88:18:7e:14:e2:5e:81:4e:f4:cc:cf:34:54:
9b:57:82:d5:83:05:62:dd:0c:8d:20:67:29:00:62:bc:57:38:
55:89:84:a7:27:c6:f6:33:d6:72:ed:fc:52:99:93:93:1d:6c:
04:51:be:6b:aa:89:26:29:8f:2f:f9:ee:5d:4a:d6:c8:6f:4e:
ad:4c:6d:84:4a:bb:35:af:82:96:22:4f:91:d3:af:58:90:ba:
ad:3d:b0:40:57:3f:76:3f:c1:f8:64:af:b5:c3:ee:b7:02:50:
7c:42:f5:cc:f6:1c:86:96:f1:80:34:cb:80:0f:4a:31:1d:6c:
9f:05:b4:06:a2:d4:e6:c8:c7:d1:60:72:0e:53:74:cc:d6:d9:
24:fe:06:c0:76:42:32:49:3f:7e:c3:2e:7a:ed:f9:f6:6d:39:
b1:09:a6:b4:95:59:41:e5:6b:29:50:c8:43:e6:f5:f8:91:25:
22:65:16:60:ba:19:58:6c:70:7e:e8:14:eb:53:4b:76:ae:7b:
3d:02:ac:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9n4sNo4sTdnyUY/x0ExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDAwZWJlZWQyNDJiOTU2NGFkYzk1NDg1MzIzYjk2YmQ2
ZjVjMDIwHhcNMjYwMzI5MDgwMDMwWhcNMjYwMzMwMDgwMDMwWjAzMTEwLwYDVQQD
EyhhZjAzYzA2YmJlZTFlY2FiNjJlZjE1MTJmMGYzYmY1MTczMDdiMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiwKN9t1BYKacc3LfijRMr9lgLOH
t4y9TeQaB3jvn/qjBqfxWW6biO9breETk/STt43WF4o3t+ngqmEatpV/ohEdO4g/
BYghAZGW7vmuMrOaFqwBzi38WfGzsZwXH4CdXve0RPca91Pq75a3Vo6N3gGEVPEx
LevSOGJ6q4fBBoTqjvmNPyAOw4XRSpWFXdI5hUhKhouiCDIs8XJMjAz96bzOwiDJ
K7IVFduvKGWehVZTNX09ZxLvszhY3Jj36TW5rYoH1SjQ2bH8tbAmgV/oIGD28ld3
nFoymetNT7TD2cPv1sXdO/vHzzX/Da9Z9VN3JBnwHoJVT5Sy8cnn/Km6rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8DwGu+4eyrYu8VEvDzv1FzB7EhMB8GA1UdIwQY
MBaAFDYADr7tJCuVZK3JVIUyO5a9b1wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEt
MzcwMTUwYjY2OWU0LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEtMzcwMTUwYjY2OWU0
LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqtqy8xL
1hfp46roS8zQZLpH7qIebW5z6jnrJ4Nv30PKMtZ5qBoscJEKZqyH3pzGUQIT2SbL
I0G0LqiIGH4U4l6BTvTMzzRUm1eC1YMFYt0MjSBnKQBivFc4VYmEpyfG9jPWcu38
UpmTkx1sBFG+a6qJJimPL/nuXUrWyG9OrUxthEq7Na+CliJPkdOvWJC6rT2wQFc/
dj/B+GSvtcPutwJQfEL1zPYchpbxgDTLgA9KMR1snwW0BqLU5sjH0WByDlN0zNbZ
JP4GwHZCMkk/fsMueu359m05sQmmtJVZQeVrKVDIQ+b1+JElImUWYLoZWGxwfugU
61NLdq57PQKsrw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:56 2026 by rpki-client