Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier: tcQZBB7tZZbF6OhUMwOWSx0DpEihwJbrzTgVehwfpCQ=
Subject key identifier: 91:1B:70:65:BB:55:95:0A:C5:CB:EF:7B:7C:A1:18:16:D0:1C:B4:A6
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial: 019D38666679ACCC06B77952508134D93EE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number: 0793
Signing time: Sun 29 Mar 2026 07:02:08 +0000
Manifest this update: Sun 29 Mar 2026 07:02:08 +0000
Manifest next update: Mon 30 Mar 2026 07:02:08 +0000
Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: 3criQp8iryXXeo+wg9nuoc9aNv+FPwQEdGny5RV4Woc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:66:79:ac:cc:06:b7:79:52:50:81:34:d9:3e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Validity
Not Before: Mar 29 07:02:08 2026 GMT
Not After : Mar 30 07:02:08 2026 GMT
Subject: CN=911b7065bb55950ac5cbef7b7ca11816d01cb4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c9:e0:bd:b1:6d:df:1d:da:22:32:95:0c:2e:
ec:44:2a:89:26:19:69:76:23:e4:e1:e6:77:f9:fc:
0e:ca:05:54:a0:5a:f7:7f:d4:3a:09:71:35:8b:38:
b8:49:7b:1b:21:79:db:a8:cb:9b:a7:6c:62:11:4b:
ec:50:2f:28:80:69:b5:04:a8:32:02:a5:11:c1:4a:
a0:ab:b9:96:fc:e4:15:6f:8c:9e:9b:bf:c2:de:8a:
1e:d8:67:41:07:fd:fb:62:14:d4:4a:98:f9:43:b3:
8d:10:eb:7c:a8:9d:01:de:26:68:11:d6:b9:c1:6e:
c3:76:fa:d0:05:a7:87:8b:5d:0a:b1:30:ff:17:cb:
20:33:cf:75:b2:18:1b:28:45:9a:3f:3f:28:18:d4:
5d:54:aa:f3:65:0e:59:dd:15:a0:69:7c:06:36:ac:
8b:d8:f3:8a:7b:ae:d8:70:76:98:a4:62:10:f4:50:
71:a8:bd:77:a8:5f:26:f6:90:b6:1a:01:40:5d:eb:
06:22:e4:38:34:aa:95:cc:44:5d:b9:f8:2d:66:87:
23:1e:07:51:c4:04:38:5b:a7:a2:84:50:95:c8:e4:
0a:e9:90:e8:d5:74:3c:80:55:1d:ff:19:fb:7f:3f:
34:d3:43:e7:ae:3b:51:d5:88:e7:14:b4:ef:cb:1f:
9f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1B:70:65:BB:55:95:0A:C5:CB:EF:7B:7C:A1:18:16:D0:1C:B4:A6
X509v3 Authority Key Identifier:
keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:99:f2:6b:9e:a6:50:01:cb:f8:46:04:ec:62:88:35:a5:b1:
eb:9a:ca:20:c0:9d:93:e5:9d:9d:04:17:a5:3c:a6:b6:43:92:
4b:b0:fa:72:ca:88:27:a0:78:bd:9a:82:8e:5c:74:b8:3c:84:
80:e0:69:c2:7b:56:0d:fa:f8:df:79:b2:95:62:08:be:7b:bd:
c1:c3:3c:a3:20:7f:42:1c:2e:50:2d:a1:f3:d5:98:86:d5:b3:
42:34:85:52:b4:a3:ae:7f:d9:00:bb:40:53:83:38:d5:40:0d:
82:64:b7:49:25:f0:08:98:d4:61:fa:88:2c:da:58:42:41:0e:
da:99:2b:f6:45:e7:e5:54:a1:12:0c:11:b3:46:06:5e:a3:89:
ef:b2:33:63:54:43:fc:b8:c7:97:92:62:b7:3e:9c:dc:10:b6:
63:61:f2:48:5e:29:d7:a8:33:c0:3c:16:c3:19:ef:a3:52:bf:
45:28:41:e6:72:4e:7b:30:ee:c9:46:d7:eb:93:aa:ab:54:5c:
30:c9:f7:59:df:38:6b:2e:61:92:b6:89:50:ab:c2:12:77:f7:
5e:fb:36:13:c3:86:95:70:e0:90:4a:4a:39:20:0d:36:81:3f:
a4:ce:2f:43:26:ee:ca:7f:e2:0f:e1:ca:b5:c6:a8:8b:dd:77:
72:c1:c4:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmZ5rMwGt3lSUIE02T7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjYwMzI5MDcwMjA4WhcNMjYwMzMwMDcwMjA4WjAzMTEwLwYDVQQD
Eyg5MTFiNzA2NWJiNTU5NTBhYzVjYmVmN2I3Y2ExMTgxNmQwMWNiNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cngvbFt3x3aIjKVDC7sRCqJJhlp
diPk4eZ3+fwOygVUoFr3f9Q6CXE1izi4SXsbIXnbqMubp2xiEUvsUC8ogGm1BKgy
AqURwUqgq7mW/OQVb4yem7/C3ooe2GdBB/37YhTUSpj5Q7ONEOt8qJ0B3iZoEda5
wW7DdvrQBaeHi10KsTD/F8sgM891shgbKEWaPz8oGNRdVKrzZQ5Z3RWgaXwGNqyL
2POKe67YcHaYpGIQ9FBxqL13qF8m9pC2GgFAXesGIuQ4NKqVzERdufgtZocjHgdR
xAQ4W6eihFCVyOQK6ZDo1XQ8gFUd/xn7fz8000PnrjtR1YjnFLTvyx+fjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEbcGW7VZUKxcvve3yhGBbQHLSmMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5nya56m
UAHL+EYE7GKINaWx65rKIMCdk+WdnQQXpTymtkOSS7D6csqIJ6B4vZqCjlx0uDyE
gOBpwntWDfr433mylWIIvnu9wcM8oyB/QhwuUC2h89WYhtWzQjSFUrSjrn/ZALtA
U4M41UANgmS3SSXwCJjUYfqILNpYQkEO2pkr9kXn5VShEgwRs0YGXqOJ77IzY1RD
/LjHl5Jitz6c3BC2Y2HySF4p16gzwDwWwxnvo1K/RShB5nJOezDuyUbX65Oqq1Rc
MMn3Wd84ay5hkraJUKvCEnf3Xvs2E8OGlXDgkEpKOSANNoE/pM4vQybuyn/iD+HK
tcaoi913csHE6w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:50:13 2026 by rpki-client