Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: vGlwyllYhEJHbbsyOHr+1Y+VsHE71EYtVtMEhKLrPq4=
Subject key identifier: FC:B8:B9:10:BD:63:C9:45:F9:DB:B4:0B:C1:04:92:95:D9:28:17:9A
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 019DCE62CC3CCC67107431E3DBF90D8918D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0FBD
Signing time: Mon 27 Apr 2026 10:01:14 +0000
Manifest this update: Mon 27 Apr 2026 10:01:14 +0000
Manifest next update: Tue 28 Apr 2026 10:01:14 +0000
Files and hashes: 1: 3kSbU0e5h99O_Tm79lGnT_Tp5Hc.roa (hash: RwQ/Qy1kKylc45gWPZOazTOGnIJ82QduJgu3sQQqwXY=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: /uSeokbIb+aZrh4cO8vXdNLnKqV0BhHDkVkSd+S+foI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 10:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:62:cc:3c:cc:67:10:74:31:e3:db:f9:0d:89:18:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Apr 27 10:01:14 2026 GMT
Not After : Apr 28 10:01:14 2026 GMT
Subject: CN=fcb8b910bd63c945f9dbb40bc1049295d928179a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d0:e9:1c:49:1f:7a:ed:ed:f0:7f:2b:21:22:
fc:2c:db:e5:1d:4e:70:af:e1:55:91:29:cf:2a:cd:
71:ec:9e:75:34:9b:69:22:20:a4:42:74:01:ea:c5:
9c:e7:0f:b1:d9:da:bf:1a:b5:19:b5:f4:61:4b:3a:
b9:3c:7a:1c:40:be:e7:f4:29:a9:e1:f2:50:65:d2:
75:fe:40:00:65:d2:65:e1:5f:7a:ec:d0:c0:2f:2c:
e5:e5:48:de:fb:39:f0:91:e8:a6:fa:6b:c8:e2:ae:
4e:13:7f:6c:7e:14:08:06:4d:d3:de:4d:91:0c:2e:
92:85:7a:e0:c3:00:ec:2c:d1:83:06:ea:cd:f1:27:
c4:7c:b7:7a:9a:a0:dc:13:e7:7d:bc:82:b3:2c:43:
5d:df:5b:dc:73:28:61:3f:75:4e:01:8e:31:a8:9e:
de:37:62:31:44:91:10:0d:24:3b:98:a6:6b:8c:93:
2b:f5:2f:bb:fb:2f:35:c1:8f:cd:a4:f4:d6:70:8e:
7c:da:79:2d:0d:ae:95:1e:0e:97:35:03:a7:10:7e:
02:c3:06:5d:74:b5:91:f5:2e:60:70:b4:d8:d0:ec:
6f:cb:f5:11:10:3c:62:ea:c5:9d:8c:34:4a:9d:b9:
a1:51:f4:09:e4:a4:24:83:30:be:b4:79:07:2a:ac:
a4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:B8:B9:10:BD:63:C9:45:F9:DB:B4:0B:C1:04:92:95:D9:28:17:9A
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:bd:69:a2:f1:51:31:51:6b:b0:97:2f:b7:35:1c:13:8f:bf:
2c:8f:f1:4a:13:fd:40:bc:83:35:ae:d4:f0:e0:15:d1:fa:b9:
e8:c5:39:7a:6f:8f:b5:77:d5:44:a2:c0:22:99:53:aa:ea:b6:
de:3c:d2:d5:ff:c5:fc:d5:e7:8e:4f:c5:53:87:7b:e7:20:5b:
e7:41:85:33:4f:4d:26:c4:21:66:2d:37:15:51:74:b2:9d:ec:
e7:17:c2:e4:14:3e:ea:1b:32:36:97:e0:1a:40:7b:f3:81:fd:
5c:58:50:67:12:32:2b:0b:0e:34:af:0c:90:97:e2:72:eb:92:
b3:17:79:45:0e:24:7c:11:28:83:00:74:3f:59:af:ac:cb:7c:
69:72:62:a2:98:9b:11:3f:5d:3e:b9:a3:2d:4e:3d:e8:36:16:
e5:cb:e4:f7:d4:38:24:d0:cb:0d:51:07:c9:85:9a:78:c0:a0:
d5:a5:98:07:57:82:58:d5:55:98:89:be:6e:d1:fa:20:b5:3d:
14:21:2a:7f:1a:95:73:98:31:3c:55:16:4f:f8:d7:da:84:f4:
64:99:b9:0e:f9:92:32:5b:7c:fb:f9:55:13:39:67:67:68:f0:
c4:79:ac:76:f0:d2:ae:80:dd:65:39:3a:62:6f:bc:e8:d0:b6:
0f:34:52:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OYsw8zGcQdDHj2/kNiRjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjYwNDI3MTAwMTE0WhcNMjYwNDI4MTAwMTE0WjAzMTEwLwYDVQQD
EyhmY2I4YjkxMGJkNjNjOTQ1ZjlkYmI0MGJjMTA0OTI5NWQ5MjgxNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9DpHEkfeu3t8H8rISL8LNvlHU5w
r+FVkSnPKs1x7J51NJtpIiCkQnQB6sWc5w+x2dq/GrUZtfRhSzq5PHocQL7n9Cmp
4fJQZdJ1/kAAZdJl4V967NDALyzl5Uje+znwkeim+mvI4q5OE39sfhQIBk3T3k2R
DC6ShXrgwwDsLNGDBurN8SfEfLd6mqDcE+d9vIKzLENd31vccyhhP3VOAY4xqJ7e
N2IxRJEQDSQ7mKZrjJMr9S+7+y81wY/NpPTWcI582nktDa6VHg6XNQOnEH4CwwZd
dLWR9S5gcLTY0Oxvy/UREDxi6sWdjDRKnbmhUfQJ5KQkgzC+tHkHKqykoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPy4uRC9Y8lF+du0C8EEkpXZKBeaMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABL1povFR
MVFrsJcvtzUcE4+/LI/xShP9QLyDNa7U8OAV0fq56MU5em+PtXfVRKLAIplTquq2
3jzS1f/F/NXnjk/FU4d75yBb50GFM09NJsQhZi03FVF0sp3s5xfC5BQ+6hsyNpfg
GkB784H9XFhQZxIyKwsONK8MkJficuuSsxd5RQ4kfBEogwB0P1mvrMt8aXJiopib
ET9dPrmjLU496DYW5cvk99Q4JNDLDVEHyYWaeMCg1aWYB1eCWNVVmIm+btH6ILU9
FCEqfxqVc5gxPFUWT/jX2oT0ZJm5DvmSMlt8+/lVEzlnZ2jwxHmsdvDSroDdZTk6
Ym+86NC2DzRStw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:35:59 2026 by rpki-client