Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File: nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier: V1cstUoc2t0/Fd+Ib9hLr4QwadpgmVFIUZMgxa21POQ=
Subject key identifier: 73:EC:91:AD:89:1A:26:5C:19:5E:97:42:3D:EF:37:D8:3D:B8:D1:1D
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer: /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial: 019D39AE692272AEDAAC644B00A17481AD28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number: 1520
Signing time: Sun 29 Mar 2026 13:00:24 +0000
Manifest this update: Sun 29 Mar 2026 13:00:24 +0000
Manifest next update: Mon 30 Mar 2026 13:00:24 +0000
Files and hashes: 1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: dxCgbesdhXRAX2wnQoaLuZH8L8KHrkRFTQFEX+ONiYc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:69:22:72:ae:da:ac:64:4b:00:a1:74:81:ad:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
Validity
Not Before: Mar 29 13:00:24 2026 GMT
Not After : Mar 30 13:00:24 2026 GMT
Subject: CN=73ec91ad891a265c195e97423def37d83db8d11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:6c:d2:13:8b:9e:b8:8a:d7:e6:20:84:b4:
f6:fe:27:5d:e0:38:c0:7c:ad:2e:67:de:0c:cf:3e:
cd:36:0f:98:eb:50:95:1f:73:b5:9e:77:6c:32:c5:
d3:39:37:a4:95:d5:69:5c:17:90:4d:bc:18:22:45:
8c:c9:c6:1f:df:e7:a0:fc:bd:b5:62:c8:b1:dd:f2:
27:f5:e7:e0:e9:db:d7:60:80:ef:e7:f0:0f:3f:64:
22:cf:05:88:b3:3b:f9:ca:bf:36:39:2f:25:b6:49:
bc:43:c9:e2:63:65:07:48:da:50:05:4f:42:6e:9a:
18:d4:52:b6:a9:a2:5a:db:17:ea:c0:02:2c:64:8d:
0c:a6:6b:1e:54:28:d3:14:3f:44:71:16:3d:cf:dc:
0f:b4:41:07:e9:11:56:2d:b5:21:57:0b:49:67:de:
73:f0:a1:80:0a:23:7a:17:68:ac:f6:17:c6:2b:da:
cd:d4:03:31:4e:b0:38:e6:f3:0a:ac:85:49:77:b5:
a6:a5:d6:17:1f:fc:a1:d6:41:e6:26:6f:bb:93:35:
33:ca:56:74:82:80:e3:f3:d1:f1:c4:c4:fb:50:3c:
dc:83:bf:19:a7:b3:4b:10:ba:4b:8b:4f:92:df:ca:
8f:9a:59:49:10:58:0b:cc:b4:29:35:f1:c9:91:06:
46:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EC:91:AD:89:1A:26:5C:19:5E:97:42:3D:EF:37:D8:3D:B8:D1:1D
X509v3 Authority Key Identifier:
keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:d2:b7:08:4c:f9:ea:89:c5:44:57:59:f4:2d:a7:6d:d2:5a:
4d:0c:bd:c9:68:b5:50:15:09:5f:d8:d8:48:24:47:c5:7b:08:
48:15:98:71:75:68:98:55:d0:ab:6c:cc:b8:21:a7:71:35:34:
7b:c9:7a:8f:ae:73:1a:e2:bc:d2:60:e0:ac:58:a1:fd:d1:fd:
ec:8e:90:90:5f:b5:ae:75:06:d9:b6:85:20:c0:b2:9e:c9:84:
50:fa:0e:48:40:bd:7c:d3:b2:08:40:27:53:ce:24:e8:51:de:
de:d6:df:91:97:d5:23:21:46:1d:90:c6:d5:7f:79:3d:2e:d1:
97:1c:ef:2b:1c:d0:4c:c5:ae:c0:61:6d:71:10:1b:d1:d3:e3:
3d:4b:e5:52:92:41:91:77:12:95:7d:ac:30:05:c3:60:7a:06:
37:69:b7:f1:a6:09:a1:da:07:82:80:05:39:75:2e:ee:65:f2:
45:c7:80:bb:f6:48:9a:55:b3:de:8f:85:fb:af:b1:9d:74:06:
94:f4:fa:98:cc:02:53:d0:9b:f4:72:e4:db:bd:7b:e6:16:5c:
79:b7:91:07:a0:db:1b:1f:c0:71:05:29:35:92:ab:5f:2c:51:
b9:40:27:f7:2a:7d:fb:9b:76:ff:91:79:c0:c5:1c:53:32:53:
c1:fa:2c:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rmkicq7arGRLAKF0ga0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjYwMzI5MTMwMDI0WhcNMjYwMzMwMTMwMDI0WjAzMTEwLwYDVQQD
Eyg3M2VjOTFhZDg5MWEyNjVjMTk1ZTk3NDIzZGVmMzdkODNkYjhkMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq59s0hOLnriK1+YghLT2/idd4DjA
fK0uZ94Mzz7NNg+Y61CVH3O1nndsMsXTOTekldVpXBeQTbwYIkWMycYf3+eg/L21
Ysix3fIn9efg6dvXYIDv5/APP2QizwWIszv5yr82OS8ltkm8Q8niY2UHSNpQBU9C
bpoY1FK2qaJa2xfqwAIsZI0MpmseVCjTFD9EcRY9z9wPtEEH6RFWLbUhVwtJZ95z
8KGACiN6F2is9hfGK9rN1AMxTrA45vMKrIVJd7WmpdYXH/yh1kHmJm+7kzUzylZ0
goDj89HxxMT7UDzcg78Zp7NLELpLi0+S38qPmllJEFgLzLQpNfHJkQZGTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPska2JGiZcGV6XQj3vN9g9uNEdMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARNK3CEz5
6onFRFdZ9C2nbdJaTQy9yWi1UBUJX9jYSCRHxXsISBWYcXVomFXQq2zMuCGncTU0
e8l6j65zGuK80mDgrFih/dH97I6QkF+1rnUG2baFIMCynsmEUPoOSEC9fNOyCEAn
U84k6FHe3tbfkZfVIyFGHZDG1X95PS7RlxzvKxzQTMWuwGFtcRAb0dPjPUvlUpJB
kXcSlX2sMAXDYHoGN2m38aYJodoHgoAFOXUu7mXyRceAu/ZImlWz3o+F+6+xnXQG
lPT6mMwCU9Cb9HLk27175hZcebeRB6DbGx/AcQUpNZKrXyxRuUAn9yp9+5t2/5F5
wMUcUzJTwfosag==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:04 2026 by rpki-client