Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
File: nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft (raw, json)
Hash identifier: TJMSQpUQN9Uv/Vx3PAsAIkZ2AlGeQ8tVnjOHTZt7E/0=
Subject key identifier: D1:1B:91:21:47:EA:46:59:1F:EC:65:63:1F:85:6E:57:5D:B2:9C:92
Authority key identifier: 9C:A9:0E:7D:AF:15:C1:7C:1B:9A:BC:57:21:57:BC:7D:91:7B:39:91
Certificate issuer: /CN=9ca90e7daf15c17c1b9abc572157bc7d917b3991
Certificate serial: 019D37896B87775C06346B23DC0B8C4C5DB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
Manifest number: 1415
Signing time: Sun 29 Mar 2026 03:00:45 +0000
Manifest this update: Sun 29 Mar 2026 03:00:45 +0000
Manifest next update: Mon 30 Mar 2026 03:00:45 +0000
Files and hashes: 1: dXqJHsXxR-aG7OFxfLVmTOQ0LlE.roa (hash: y6lcuFolmZ4jWJsuhnKkZ1m94mf4BMO+drqZeVWCJUI=)
2: nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl (hash: QtQ7HqZtjbnEqFemPKuDNsSQ+DZWGDz/GTs+uSxVsus=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:6b:87:77:5c:06:34:6b:23:dc:0b:8c:4c:5d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ca90e7daf15c17c1b9abc572157bc7d917b3991
Validity
Not Before: Mar 29 03:00:45 2026 GMT
Not After : Mar 30 03:00:45 2026 GMT
Subject: CN=d11b912147ea46591fec65631f856e575db29c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:eb:c7:15:d4:4e:b3:a2:fb:12:64:8d:88:
f8:29:29:f8:54:88:b8:64:88:b6:4a:fe:d8:59:92:
97:35:f3:ae:f5:18:d2:bd:34:5f:57:a4:fb:81:d2:
75:18:cf:a1:14:50:f9:57:e7:9a:89:8e:d8:64:d6:
3c:82:2b:5d:e2:9f:58:52:b0:37:98:6a:ca:2b:78:
5a:dc:61:54:0e:4f:75:10:10:48:4f:50:4e:f7:28:
1a:ef:1f:0b:c7:47:b6:99:49:6a:66:5c:8f:7f:b3:
d8:f8:c8:45:f5:6d:13:a1:1d:7f:ab:42:ac:a5:d1:
da:85:69:f7:5f:fc:60:d6:16:f0:cd:2d:7f:a4:96:
fc:6a:c5:cd:ef:bc:84:c1:0a:00:1b:74:cc:0d:f8:
e2:1b:8b:39:99:b3:37:60:4e:f2:fd:cf:e5:6a:67:
d1:94:43:56:59:ff:f0:c9:4b:07:60:fa:c3:57:c7:
3e:e4:73:80:2c:a8:d3:9b:c9:60:46:e1:49:c0:ea:
74:4b:cf:23:af:96:bf:dc:a5:5f:11:eb:a9:40:62:
d9:f4:c8:e6:6a:fe:7c:dd:d7:44:8c:ed:ad:75:22:
04:4e:42:95:72:ce:fb:96:46:dc:9c:40:29:38:4b:
7c:43:09:50:17:ac:1f:c8:83:02:b3:7d:95:9f:34:
85:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1B:91:21:47:EA:46:59:1F:EC:65:63:1F:85:6E:57:5D:B2:9C:92
X509v3 Authority Key Identifier:
keyid:9C:A9:0E:7D:AF:15:C1:7C:1B:9A:BC:57:21:57:BC:7D:91:7B:39:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKkOfa8VwXwbmrxXIVe8fZF7OZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/25f375-140f-46e9-967e-6e459a58e1d6/1/nKkOfa8VwXwbmrxXIVe8fZF7OZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:74:aa:72:96:ae:25:0e:34:ad:59:4e:71:9d:c5:12:2a:bc:
2a:c3:8d:1b:3d:4c:a4:5b:31:ac:54:6b:dc:5a:44:93:5a:13:
35:bf:56:80:f4:7d:f0:c0:ba:ab:5b:41:6a:34:b1:98:1a:98:
0d:19:c1:ad:5a:ee:74:b0:2a:14:5a:3f:95:28:2a:66:f7:e0:
92:aa:81:3b:f1:f2:01:af:e5:3d:85:65:70:c5:74:27:85:65:
21:ba:40:de:22:04:92:d6:48:12:f1:9d:7a:2f:d3:d7:41:fe:
8b:20:f5:56:91:c4:71:4e:f9:40:dd:de:9c:65:9c:a8:01:c4:
21:cd:82:b5:46:1e:a7:ec:65:5d:3e:37:99:cd:23:be:31:36:
71:cb:89:9b:94:ef:7c:79:8e:bc:d0:a3:a8:45:b5:a3:12:cd:
4f:cb:04:31:a1:f4:31:f7:ff:37:34:36:b5:70:e1:23:6e:04:
e9:cc:d6:05:88:4c:d9:47:bf:44:55:52:87:85:bf:86:89:be:
f7:dc:29:cd:f9:14:04:17:86:94:4b:14:78:21:59:8b:7f:54:
8a:f3:da:f5:36:5e:7b:a4:d4:d6:d0:d6:ff:33:23:46:4e:64:
a7:22:fb:72:63:5d:40:c7:64:7a:5d:b9:eb:5e:a5:ee:53:57:
d1:09:e5:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iWuHd1wGNGsj3AuMTF2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYTkwZTdkYWYxNWMxN2MxYjlhYmM1NzIxNTdiYzdkOTE3
YjM5OTEwHhcNMjYwMzI5MDMwMDQ1WhcNMjYwMzMwMDMwMDQ1WjAzMTEwLwYDVQQD
EyhkMTFiOTEyMTQ3ZWE0NjU5MWZlYzY1NjMxZjg1NmU1NzVkYjI5YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGfrxxXUTrOi+xJkjYj4KSn4VIi4
ZIi2Sv7YWZKXNfOu9RjSvTRfV6T7gdJ1GM+hFFD5V+eaiY7YZNY8gitd4p9YUrA3
mGrKK3ha3GFUDk91EBBIT1BO9yga7x8Lx0e2mUlqZlyPf7PY+MhF9W0ToR1/q0Ks
pdHahWn3X/xg1hbwzS1/pJb8asXN77yEwQoAG3TMDfjiG4s5mbM3YE7y/c/lamfR
lENWWf/wyUsHYPrDV8c+5HOALKjTm8lgRuFJwOp0S88jr5a/3KVfEeupQGLZ9Mjm
av583ddEjO2tdSIETkKVcs77lkbcnEApOEt8QwlQF6wfyIMCs32VnzSFkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEbkSFH6kZZH+xlYx+FblddspySMB8GA1UdIwQY
MBaAFJypDn2vFcF8G5q8VyFXvH2RezmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8yNWYzNzUtMTQwZi00NmU5LTk2N2Ut
NmU0NTlhNThlMWQ2LzEvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8yNWYzNzUtMTQwZi00NmU5LTk2N2UtNmU0NTlhNThlMWQ2
LzEvbktrT2ZhOFZ3WHdibXJ4WElWZThmWkY3T1pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHSqcpau
JQ40rVlOcZ3FEiq8KsONGz1MpFsxrFRr3FpEk1oTNb9WgPR98MC6q1tBajSxmBqY
DRnBrVrudLAqFFo/lSgqZvfgkqqBO/HyAa/lPYVlcMV0J4VlIbpA3iIEktZIEvGd
ei/T10H+iyD1VpHEcU75QN3enGWcqAHEIc2CtUYep+xlXT43mc0jvjE2ccuJm5Tv
fHmOvNCjqEW1oxLNT8sEMaH0Mff/NzQ2tXDhI24E6czWBYhM2Ue/RFVSh4W/hom+
99wpzfkUBBeGlEsUeCFZi39UivPa9TZee6TU1tDW/zMjRk5kpyL7cmNdQMdkel25
616l7lNX0QnlSg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:15 2026 by rpki-client