Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: QkbohAsWwb6kPXj4N8vvu73uEg1+AzENdESM5ZOjwtQ=
Subject key identifier: D4:92:4E:D0:64:CE:27:70:65:90:93:6B:73:0B:C7:80:DD:75:2C:97
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 019D3A1CA82D38CDD75E9AB76379A9ECFF87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 1893
Signing time: Sun 29 Mar 2026 15:00:49 +0000
Manifest this update: Sun 29 Mar 2026 15:00:49 +0000
Manifest next update: Mon 30 Mar 2026 15:00:49 +0000
Files and hashes: 1: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: 2PV3Fp9sQGJ9v0ck3z4Lg2ll1Gi7rZtOAHzGhHR2mfo=)
2: n4exwERefxehosNF3vrmda7cVQg.roa (hash: Yi7HEiIp9Gzv2dhWbsT1GkQVLHDCPjnmDLNUTFuloG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:a8:2d:38:cd:d7:5e:9a:b7:63:79:a9:ec:ff:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Mar 29 15:00:49 2026 GMT
Not After : Mar 30 15:00:49 2026 GMT
Subject: CN=d4924ed064ce27706590936b730bc780dd752c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:fd:a3:e6:a9:32:2c:b3:fd:df:a4:e3:80:
8f:8a:14:bf:dd:14:eb:af:da:8d:dd:82:53:1b:42:
14:e8:ac:6c:c8:c0:a6:84:46:e3:27:e8:a8:d2:dc:
45:3c:b5:1f:91:3b:cc:64:b9:84:6b:c5:08:a3:24:
58:68:3e:8c:f5:d3:de:75:5e:68:14:2b:90:fd:6b:
97:57:e6:ac:94:92:7d:0e:cc:f0:34:c5:89:03:17:
40:dd:8c:35:3d:1d:69:44:17:ab:9e:e0:3b:54:92:
1d:d5:90:cc:a6:6a:97:41:65:da:56:9c:23:37:45:
f5:e3:43:7a:01:d7:e2:1d:f5:07:4c:46:5f:7f:02:
89:14:3a:20:55:3f:b7:ff:89:39:26:69:5d:b3:8e:
b8:78:93:9c:94:1b:3a:66:a1:9a:eb:93:40:35:bf:
83:64:8a:62:3d:5c:82:86:2e:54:d1:53:8c:3f:0c:
07:d0:ee:f5:21:9e:65:e9:13:94:96:af:94:cb:18:
f3:ad:4e:e8:33:63:59:79:85:fe:4f:eb:f4:d3:d6:
c6:1b:32:b2:5d:c2:c6:1d:c1:25:1f:3e:4f:7c:40:
a6:82:0f:39:97:5f:25:dc:11:e1:3d:27:94:8d:e3:
e9:29:15:de:5d:16:e5:7f:90:20:83:a8:21:49:64:
a0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:92:4E:D0:64:CE:27:70:65:90:93:6B:73:0B:C7:80:DD:75:2C:97
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:72:eb:e8:65:e3:3d:b7:20:37:d0:8c:e8:8a:e9:4f:a0:c7:
9a:60:70:99:27:a5:8d:90:ee:f0:d2:14:10:90:49:a6:e6:3c:
6d:ff:6f:10:26:cc:b8:8d:af:c5:6d:72:f5:f8:5b:6a:84:e5:
9a:4c:a9:6b:9c:c2:cf:ce:08:c2:8a:4d:b4:56:56:a2:50:f6:
42:6d:64:54:36:f1:fc:b4:4e:fa:66:79:1c:1b:f5:8d:b1:05:
79:c6:58:2f:58:47:03:fb:90:7f:81:08:b3:94:42:c2:d9:8b:
ae:99:5d:a9:39:81:60:b7:b5:28:6e:0e:5f:9c:05:30:ae:5f:
e3:45:76:19:4c:ad:c2:f1:c8:a8:b7:85:5c:9c:94:0f:f4:db:
07:d9:2c:57:48:36:90:a0:db:c0:43:b7:55:9e:98:40:3f:23:
fd:0a:07:a4:68:d8:54:84:c7:d8:41:df:8d:21:66:46:1e:06:
ec:d2:f9:c0:cb:bb:ec:2e:04:e8:ff:df:75:a3:85:47:ad:fb:
37:95:1d:28:0b:f9:95:c9:de:4f:e9:38:da:e2:2e:7f:bd:ed:
99:7b:d9:3c:47:4a:2a:05:c8:45:8e:8d:83:95:fe:6f:8e:48:
43:3d:56:54:5f:49:b3:03:4c:70:11:49:82:4b:7e:9b:f9:af:
c5:57:c6:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HKgtOM3XXpq3Y3mp7P+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjYwMzI5MTUwMDQ5WhcNMjYwMzMwMTUwMDQ5WjAzMTEwLwYDVQQD
EyhkNDkyNGVkMDY0Y2UyNzcwNjU5MDkzNmI3MzBiYzc4MGRkNzUyYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHT9o+apMiyz/d+k44CPihS/3RTr
r9qN3YJTG0IU6KxsyMCmhEbjJ+io0txFPLUfkTvMZLmEa8UIoyRYaD6M9dPedV5o
FCuQ/WuXV+aslJJ9DszwNMWJAxdA3Yw1PR1pRBernuA7VJId1ZDMpmqXQWXaVpwj
N0X140N6AdfiHfUHTEZffwKJFDogVT+3/4k5Jmlds464eJOclBs6ZqGa65NANb+D
ZIpiPVyChi5U0VOMPwwH0O71IZ5l6ROUlq+UyxjzrU7oM2NZeYX+T+v009bGGzKy
XcLGHcElHz5PfECmgg85l18l3BHhPSeUjePpKRXeXRblf5Agg6ghSWSgcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSSTtBkzidwZZCTa3MLx4DddSyXMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHLr6GXj
PbcgN9CM6IrpT6DHmmBwmSeljZDu8NIUEJBJpuY8bf9vECbMuI2vxW1y9fhbaoTl
mkypa5zCz84IwopNtFZWolD2Qm1kVDbx/LRO+mZ5HBv1jbEFecZYL1hHA/uQf4EI
s5RCwtmLrpldqTmBYLe1KG4OX5wFMK5f40V2GUytwvHIqLeFXJyUD/TbB9ksV0g2
kKDbwEO3VZ6YQD8j/QoHpGjYVITH2EHfjSFmRh4G7NL5wMu77C4E6P/fdaOFR637
N5UdKAv5lcneT+k42uIuf73tmXvZPEdKKgXIRY6Ng5X+b45IQz1WVF9JswNMcBFJ
gkt+m/mvxVfGUw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:12:51 2026 by rpki-client