Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
File: nlaYDUienFO8gp8-jWPTg_ONDeM.mft (raw, json)
Hash identifier: M8JsPjtyaBPiBwU4W8bghXNOfub551F3tQ3numGD27Y=
Subject key identifier: 1C:49:10:F6:93:38:BF:A5:C3:B2:6B:57:B8:A3:E8:42:DD:97:AF:2E
Authority key identifier: 9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
Certificate issuer: /CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Certificate serial: 019CADC7A85BBC3557ABFD69FE3B0960A723
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
Manifest number: 17A4
Signing time: Mon 02 Mar 2026 09:01:08 +0000
Manifest this update: Mon 02 Mar 2026 09:01:08 +0000
Manifest next update: Tue 03 Mar 2026 09:01:08 +0000
Files and hashes: 1: Ty0AHGlJ9RoCTN7szHoodFNrVgY.roa (hash: CDSZ7X9fhOdv3vxjKS4CoPN0JEb8cRxrZ3+xOxMLrhk=)
2: nlaYDUienFO8gp8-jWPTg_ONDeM.crl (hash: 7D82dKzJas/JFlqO9XuHiTMufu7nXc7mE5vxdlrTs/c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:a8:5b:bc:35:57:ab:fd:69:fe:3b:09:60:a7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3
Validity
Not Before: Mar 2 09:01:08 2026 GMT
Not After : Mar 3 09:01:08 2026 GMT
Subject: CN=1c4910f69338bfa5c3b26b57b8a3e842dd97af2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:21:28:4e:51:9f:d7:7b:c7:b7:90:0e:1e:e8:
bc:08:f6:38:0f:9e:ad:07:15:f2:43:b7:22:e3:08:
b1:b0:cb:a4:c9:57:cd:85:ee:12:53:ed:73:3e:99:
58:78:5f:0d:03:74:dc:cd:eb:d7:22:73:54:2b:13:
31:ee:29:61:7d:19:dc:be:3f:89:07:0d:31:7e:6c:
6d:c2:4d:7c:50:1f:00:0f:bd:a3:ad:a5:f2:95:2f:
41:b5:31:a9:72:46:03:b3:b3:21:37:0d:0b:4d:39:
40:82:b8:31:c5:99:85:28:da:60:7f:b1:63:85:fe:
7a:5c:eb:04:f8:37:18:6c:3d:02:71:1b:4b:80:93:
cf:76:64:76:3d:03:ba:10:62:e7:58:81:f8:47:fc:
ca:51:05:74:0a:23:4e:26:e9:08:da:96:16:83:48:
e3:9e:b5:14:6f:66:93:80:01:d6:25:b8:3d:db:35:
cc:16:51:0c:cc:5d:30:e7:d7:44:2d:60:94:24:47:
20:ee:ff:66:3a:c8:bc:b2:d9:e0:49:93:5b:2d:9b:
97:ce:19:24:5d:1d:42:24:bf:42:c7:05:ec:2b:36:
05:d8:c0:d9:ea:4c:fb:2a:25:31:3a:79:aa:42:37:
88:76:1c:b9:9e:d6:7f:78:83:92:ab:65:f2:d9:49:
96:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:49:10:F6:93:38:BF:A5:C3:B2:6B:57:B8:A3:E8:42:DD:97:AF:2E
X509v3 Authority Key Identifier:
keyid:9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:60:42:4c:2e:6e:51:d5:3f:1e:54:5a:c9:27:59:57:cc:b4:
e9:b0:82:e6:09:a1:15:e0:0a:ac:02:f3:06:2f:be:06:e4:72:
7a:fb:92:c8:77:37:32:3b:b2:c3:11:d6:68:60:91:3f:2d:3c:
b4:8e:f2:ae:26:7a:a0:be:85:ad:37:55:80:76:de:e2:76:cb:
26:27:a4:64:3c:26:83:63:05:1c:22:1f:85:ae:b1:e7:a4:3e:
b1:f1:66:07:db:a4:11:71:26:8c:1d:65:f5:79:2e:67:27:bf:
d3:67:6a:fe:c5:8f:98:75:44:19:da:cd:56:e9:92:23:2c:97:
a0:c0:45:cf:fd:46:6a:19:b7:51:35:5a:ec:8b:7f:07:fe:d7:
c9:9a:b9:34:1d:e2:4b:52:3e:5b:13:7a:66:2a:9b:1f:eb:df:
23:aa:aa:57:46:27:10:4a:94:c2:f7:11:50:05:b0:f0:34:60:
74:ed:07:e8:63:15:b4:1d:42:0e:79:c4:6a:a0:32:87:ee:f7:
93:09:10:22:7c:fe:97:6f:f6:13:30:b4:cb:03:a5:1a:c9:d4:
d8:2b:60:07:67:13:4a:80:4e:78:77:4c:b9:85:88:a7:15:dc:
0d:d1:87:4e:a2:b8:ab:1e:06:06:eb:11:5f:93:d7:b4:74:d9:
1a:1f:f4:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx6hbvDVXq/1p/jsJYKcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTY5ODBkNDg5ZTljNTNiYzgyOWYzZThkNjNkMzgzZjM4
ZDBkZTMwHhcNMjYwMzAyMDkwMTA4WhcNMjYwMzAzMDkwMTA4WjAzMTEwLwYDVQQD
EygxYzQ5MTBmNjkzMzhiZmE1YzNiMjZiNTdiOGEzZTg0MmRkOTdhZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSEoTlGf13vHt5AOHui8CPY4D56t
BxXyQ7ci4wixsMukyVfNhe4SU+1zPplYeF8NA3TczevXInNUKxMx7ilhfRncvj+J
Bw0xfmxtwk18UB8AD72jraXylS9BtTGpckYDs7MhNw0LTTlAgrgxxZmFKNpgf7Fj
hf56XOsE+DcYbD0CcRtLgJPPdmR2PQO6EGLnWIH4R/zKUQV0CiNOJukI2pYWg0jj
nrUUb2aTgAHWJbg92zXMFlEMzF0w59dELWCUJEcg7v9mOsi8stngSZNbLZuXzhkk
XR1CJL9CxwXsKzYF2MDZ6kz7KiUxOnmqQjeIdhy5ntZ/eIOSq2Xy2UmW8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxJEPaTOL+lw7JrV7ij6ELdl68uMB8GA1UdIwQY
MBaAFJ5WmA1InpxTvIKfPo1j04PzjQ3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2Yt
ZGI3NDk4ZGFkZTBjLzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2YtZGI3NDk4ZGFkZTBj
LzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWBCTC5u
UdU/HlRaySdZV8y06bCC5gmhFeAKrALzBi++BuRyevuSyHc3MjuywxHWaGCRPy08
tI7yriZ6oL6FrTdVgHbe4nbLJiekZDwmg2MFHCIfha6x56Q+sfFmB9ukEXEmjB1l
9XkuZye/02dq/sWPmHVEGdrNVumSIyyXoMBFz/1Gahm3UTVa7It/B/7XyZq5NB3i
S1I+WxN6ZiqbH+vfI6qqV0YnEEqUwvcRUAWw8DRgdO0H6GMVtB1CDnnEaqAyh+73
kwkQInz+l2/2EzC0ywOlGsnU2CtgB2cTSoBOeHdMuYWIpxXcDdGHTqK4qx4GBusR
X5PXtHTZGh/08A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:38:22 2026 by rpki-client