Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: 2fcRkPa8RoopkHWLah2hdhU2P/Ldl45XXWDvkTt2WjI=
Subject key identifier: F1:1D:76:66:4A:0E:04:CD:60:7C:67:3C:BF:92:0E:C0:DC:63:BA:7B
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 019CE4B5DDD1A4357BC9F5F895C2BE9C92A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0F44
Signing time: Fri 13 Mar 2026 01:00:49 +0000
Manifest this update: Fri 13 Mar 2026 01:00:49 +0000
Manifest next update: Sat 14 Mar 2026 01:00:49 +0000
Files and hashes: 1: 3kSbU0e5h99O_Tm79lGnT_Tp5Hc.roa (hash: RwQ/Qy1kKylc45gWPZOazTOGnIJ82QduJgu3sQQqwXY=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: we0qd4fS8vDn79mh+rtIsMcHY0dqqdjBM7xQG4qiO2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:b5:dd:d1:a4:35:7b:c9:f5:f8:95:c2:be:9c:92:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Mar 13 01:00:49 2026 GMT
Not After : Mar 14 01:00:49 2026 GMT
Subject: CN=f11d76664a0e04cd607c673cbf920ec0dc63ba7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:df:09:c8:de:a4:2b:dc:74:66:b6:96:b8:58:
5b:39:cb:7b:69:61:93:ab:3a:46:c6:4b:8b:d2:e9:
44:1d:3f:92:c1:b7:d1:31:42:0d:ca:04:39:12:95:
42:67:c1:7f:c6:4d:28:95:34:bf:06:d6:61:5c:80:
79:99:8a:49:ab:df:ab:3b:67:65:44:f4:fc:fa:0c:
33:c2:0b:32:d6:23:65:55:6c:79:c2:8d:96:24:07:
47:6b:c1:6f:55:90:1c:58:50:5f:40:e9:f5:fc:06:
cc:a8:e1:40:75:f6:0a:e7:0d:fd:d9:6a:b9:3d:50:
71:8a:38:37:4d:84:e4:a6:b3:77:d9:7d:55:dc:b8:
7b:b6:42:68:d6:70:c7:b3:98:cd:9c:f5:a3:f4:fb:
e3:24:73:2e:4e:51:73:aa:73:72:d0:5f:48:49:b7:
e7:5c:48:2c:86:6a:6a:e0:c8:b2:a1:31:e9:aa:9b:
c1:66:ad:06:06:12:2e:0a:56:ad:76:2b:c6:b7:fe:
39:c0:0e:81:a5:5c:0d:cf:d2:73:43:4b:d7:74:14:
b5:c8:dc:60:1f:43:36:5e:19:8f:22:fb:68:18:8e:
95:ca:8f:13:d7:4c:53:c7:cd:5d:54:54:86:fa:3d:
b9:b1:85:de:f2:18:89:26:5b:ba:5d:8e:dc:56:ab:
ac:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1D:76:66:4A:0E:04:CD:60:7C:67:3C:BF:92:0E:C0:DC:63:BA:7B
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:f2:1c:65:b2:70:83:94:92:f4:d8:6b:c1:d1:9e:f0:26:34:
a5:46:98:fd:b2:16:9e:c0:82:91:f0:c0:59:63:4d:16:5f:d4:
72:5a:bb:96:1b:38:c2:5b:3b:0a:47:1c:cd:5c:bd:23:40:43:
80:aa:38:b5:2d:1f:a7:c8:c2:5c:b8:5e:44:c3:42:67:c0:8a:
27:7e:c1:5e:6b:5e:8e:50:0d:37:64:16:90:61:39:d1:ae:ce:
ef:35:d6:0e:79:2e:99:9e:75:6e:49:f6:c8:ce:e0:3b:6d:f7:
7a:2f:bc:80:c0:97:61:5f:30:34:fb:89:bd:69:f5:38:e2:9e:
f9:a5:2b:c2:e4:55:1b:c7:0e:41:95:7a:f4:14:8a:4a:d0:53:
30:d8:61:7e:33:38:21:94:21:c0:cd:4a:14:02:c1:cf:cd:0c:
ab:17:d4:58:78:ac:ed:35:f5:a7:b8:f6:88:32:19:78:e2:e4:
c9:9d:b8:c6:0b:08:d4:df:66:0e:86:a2:9f:94:a8:7b:07:c3:
0e:dc:0e:27:06:e7:72:5b:f5:53:6c:20:19:5c:9c:a8:c3:eb:
93:ae:1b:52:99:77:09:ad:21:b2:f5:d5:28:27:68:a5:b8:e2:
f4:ee:55:bd:cc:a5:5a:aa:db:3d:22:25:07:c0:5f:a7:75:dd:
a0:e5:fd:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzktd3RpDV7yfX4lcK+nJKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjYwMzEzMDEwMDQ5WhcNMjYwMzE0MDEwMDQ5WjAzMTEwLwYDVQQD
EyhmMTFkNzY2NjRhMGUwNGNkNjA3YzY3M2NiZjkyMGVjMGRjNjNiYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld8JyN6kK9x0ZraWuFhbOct7aWGT
qzpGxkuL0ulEHT+SwbfRMUINygQ5EpVCZ8F/xk0olTS/BtZhXIB5mYpJq9+rO2dl
RPT8+gwzwgsy1iNlVWx5wo2WJAdHa8FvVZAcWFBfQOn1/AbMqOFAdfYK5w392Wq5
PVBxijg3TYTkprN32X1V3Lh7tkJo1nDHs5jNnPWj9PvjJHMuTlFzqnNy0F9ISbfn
XEgshmpq4MiyoTHpqpvBZq0GBhIuClatdivGt/45wA6BpVwNz9JzQ0vXdBS1yNxg
H0M2XhmPIvtoGI6Vyo8T10xTx81dVFSG+j25sYXe8hiJJlu6XY7cVqusiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEddmZKDgTNYHxnPL+SDsDcY7p7MB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS/IcZbJw
g5SS9NhrwdGe8CY0pUaY/bIWnsCCkfDAWWNNFl/Uclq7lhs4wls7CkcczVy9I0BD
gKo4tS0fp8jCXLheRMNCZ8CKJ37BXmtejlANN2QWkGE50a7O7zXWDnkumZ51bkn2
yM7gO233ei+8gMCXYV8wNPuJvWn1OOKe+aUrwuRVG8cOQZV69BSKStBTMNhhfjM4
IZQhwM1KFALBz80MqxfUWHis7TX1p7j2iDIZeOLkyZ24xgsI1N9mDoain5SoewfD
DtwOJwbnclv1U2wgGVycqMPrk64bUpl3Ca0hsvXVKCdopbji9O5VvcylWqrbPSIl
B8Bfp3XdoOX98w==
-----END CERTIFICATE-----
Generated at Fri Mar 13 09:55:31 2026 by rpki-client