Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: yLiMcy/cPNBMp+NGs8qOCs6ghBswPSgzasjRuk56H4o=
Subject key identifier: 50:26:42:BD:80:58:B4:F1:3F:20:DD:99:E7:E2:84:E1:0A:6D:89:4E
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019EC2922D3F8112DA7EAEBA9AA89D6BC9EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 0BD4
Signing time: Sat 13 Jun 2026 20:00:20 +0000
Manifest this update: Sat 13 Jun 2026 20:00:20 +0000
Manifest next update: Sun 14 Jun 2026 20:00:20 +0000
Files and hashes: 1: KggeSoYJuTH0OsCrW287o_IBVIU.roa (hash: 3X9Kd87JdDMTWZvK8kLFjDZVe2SDW7wiUWXk0sGtCM8=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: hj96ikih1X76oZT7drE5RzID4XX8cCE3V+jb9k9qVKY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c2:92:2d:3f:81:12:da:7e:ae:ba:9a:a8:9d:6b:c9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Jun 13 20:00:20 2026 GMT
Not After : Jun 14 20:00:20 2026 GMT
Subject: CN=502642bd8058b4f13f20dd99e7e284e10a6d894e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:fe:be:be:df:cb:77:5a:83:88:f5:89:ad:
13:06:93:4a:f4:d0:ff:46:0a:ca:7e:c8:42:b4:84:
e3:af:97:e8:df:fd:21:bc:0e:65:c8:11:7e:c0:62:
25:f8:7f:8e:07:c3:53:96:da:c0:d1:9e:62:57:c1:
6b:a1:9c:e9:1f:79:d1:5c:c5:ea:e5:2c:7b:c7:bb:
a2:27:5e:0b:5c:4c:cd:69:a7:3e:72:05:d0:16:34:
56:16:78:0e:a2:d0:88:f7:d0:fc:e6:f6:b5:d0:6f:
79:2f:bb:32:bf:ed:19:ec:2f:82:02:9f:40:bb:c2:
27:e9:f7:c0:bb:3a:88:df:32:b3:51:78:c7:49:4d:
dd:4b:ee:a1:37:0a:18:4c:fa:a0:b2:5e:8f:ee:b6:
e9:f8:48:e5:03:48:7d:33:0d:e5:59:14:52:e4:7f:
f4:0b:cb:49:61:c2:05:6b:d0:31:4c:97:cc:fa:a9:
69:33:84:1c:16:fa:87:dd:31:03:c8:2a:1e:15:d8:
3a:4c:58:2c:6e:e3:85:c2:43:24:65:70:b0:6f:95:
15:ae:4a:df:f5:ba:98:cd:59:30:7f:0b:05:59:e0:
53:9e:88:e5:50:9e:42:63:59:17:0a:58:99:d5:98:
20:95:5d:96:32:1f:af:fd:44:a9:52:f3:fd:e1:6e:
15:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:26:42:BD:80:58:B4:F1:3F:20:DD:99:E7:E2:84:E1:0A:6D:89:4E
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:3f:dc:c8:53:2b:02:9c:ec:0c:72:3a:ca:fc:e0:9e:18:a7:
d1:d7:95:13:44:47:f6:62:c9:95:29:9c:75:09:07:3f:11:b6:
2c:d4:8f:bc:a5:7b:46:a9:ff:61:70:ef:4d:48:b5:ab:8c:27:
51:32:ab:7a:17:66:b6:78:7a:29:2a:49:3f:09:59:3f:56:c1:
df:f6:c6:8a:da:32:38:fe:c9:54:b1:21:60:70:1e:9e:f3:83:
8d:d5:26:d3:b0:56:1f:e6:8a:25:2c:1c:68:4c:d9:61:85:ee:
be:bf:da:a1:b3:d5:f8:bb:46:40:f4:40:fd:74:7d:d7:29:d2:
dd:d4:03:0c:32:53:e7:21:2a:9d:80:29:c6:b5:fb:61:a1:60:
cf:ee:cc:5c:8f:b9:bc:86:8e:95:b5:02:a6:00:ef:b8:b5:cf:
b0:3f:1f:13:47:da:c9:c8:2b:c9:2c:fa:04:5c:50:79:c6:e2:
f7:eb:f9:72:56:90:02:77:64:b7:03:82:92:f8:ff:95:0b:3e:
08:81:b2:1a:c9:f7:04:71:a0:a2:b0:3f:68:47:9f:a2:b4:bb:
bb:c3:a5:bf:85:bf:79:ed:db:08:f6:a3:55:cb:da:12:2e:fd:
aa:e9:0a:5a:a9:44:5e:4d:80:7b:13:a6:82:1d:10:3f:a3:e1:
15:d7:56:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Cki0/gRLafq66mqida8nqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjYwNjEzMjAwMDIwWhcNMjYwNjE0MjAwMDIwWjAzMTEwLwYDVQQD
Eyg1MDI2NDJiZDgwNThiNGYxM2YyMGRkOTllN2UyODRlMTBhNmQ4OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluD+vr7fy3dag4j1ia0TBpNK9ND/
RgrKfshCtITjr5fo3/0hvA5lyBF+wGIl+H+OB8NTltrA0Z5iV8FroZzpH3nRXMXq
5Sx7x7uiJ14LXEzNaac+cgXQFjRWFngOotCI99D85va10G95L7syv+0Z7C+CAp9A
u8In6ffAuzqI3zKzUXjHSU3dS+6hNwoYTPqgsl6P7rbp+EjlA0h9Mw3lWRRS5H/0
C8tJYcIFa9AxTJfM+qlpM4QcFvqH3TEDyCoeFdg6TFgsbuOFwkMkZXCwb5UVrkrf
9bqYzVkwfwsFWeBTnojlUJ5CY1kXCliZ1ZgglV2WMh+v/USpUvP94W4VlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAmQr2AWLTxPyDdmefihOEKbYlOMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmz/cyFMr
ApzsDHI6yvzgnhin0deVE0RH9mLJlSmcdQkHPxG2LNSPvKV7Rqn/YXDvTUi1q4wn
UTKrehdmtnh6KSpJPwlZP1bB3/bGitoyOP7JVLEhYHAenvODjdUm07BWH+aKJSwc
aEzZYYXuvr/aobPV+LtGQPRA/XR91ynS3dQDDDJT5yEqnYApxrX7YaFgz+7MXI+5
vIaOlbUCpgDvuLXPsD8fE0faycgrySz6BFxQecbi9+v5claQAndktwOCkvj/lQs+
CIGyGsn3BHGgorA/aEeforS7u8Olv4W/ee3bCPajVcvaEi79qukKWqlEXk2AexOm
gh0QP6PhFddWpg==
-----END CERTIFICATE-----
Generated at Sun Jun 14 04:03:33 2026 by rpki-client