Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: A4JN7uLLqUvcR4jE1fgiP75zcNqJu3QsKCoVxOFFaQE=
Subject key identifier: 04:0C:52:A6:AB:30:06:EA:35:65:6D:5A:78:81:C2:75:AB:CD:D6:83
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019CAD90C55AB11E8DF77A7E223C8F3797C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 0AC0
Signing time: Mon 02 Mar 2026 08:01:11 +0000
Manifest this update: Mon 02 Mar 2026 08:01:11 +0000
Manifest next update: Tue 03 Mar 2026 08:01:11 +0000
Files and hashes: 1: KggeSoYJuTH0OsCrW287o_IBVIU.roa (hash: 3X9Kd87JdDMTWZvK8kLFjDZVe2SDW7wiUWXk0sGtCM8=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: coTzQR+kF81LkKo5zcu1EUap95gkhqP99f3bYo8hRMc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:c5:5a:b1:1e:8d:f7:7a:7e:22:3c:8f:37:97:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Mar 2 08:01:11 2026 GMT
Not After : Mar 3 08:01:11 2026 GMT
Subject: CN=040c52a6ab3006ea35656d5a7881c275abcdd683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:93:60:e7:88:61:d3:20:d8:44:4c:18:3f:fa:
3a:71:9c:e3:4c:bd:1d:e5:ac:66:2d:f3:45:ac:94:
f1:6e:c5:f5:b4:e5:1f:5a:ec:34:e5:41:d0:dd:c1:
87:ad:8c:bd:7f:77:da:5e:dc:18:fc:0d:42:3a:2a:
31:15:5f:4c:aa:fc:06:29:e4:08:ef:57:d0:e4:67:
79:ee:09:78:30:13:95:87:4e:90:00:85:c6:d7:3e:
c2:27:82:28:59:98:c7:05:a4:97:14:82:b8:21:92:
43:b1:61:7e:b4:7b:df:26:44:fb:e7:8c:13:7b:21:
98:7b:cb:49:fc:75:07:6f:c0:53:d9:91:b9:75:5f:
1f:af:74:b6:7b:7d:63:a1:50:1c:33:49:d3:1b:55:
4d:cf:f3:73:91:b6:e5:60:6f:16:05:ce:9b:9b:25:
af:e6:f4:0c:dd:73:8b:46:ac:21:c7:30:1a:d0:2c:
e5:6a:81:f5:d1:98:a4:66:c8:30:15:b7:01:b4:14:
d7:28:87:d1:15:b7:e1:f8:46:89:26:aa:07:b0:c3:
84:dd:ff:7c:58:99:3e:4d:f8:c8:00:b0:1f:96:03:
78:c0:28:d3:67:99:fe:e5:8f:6a:f1:26:20:44:f4:
d4:1a:56:42:2b:1f:2f:4f:b4:a1:aa:32:dd:27:c5:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0C:52:A6:AB:30:06:EA:35:65:6D:5A:78:81:C2:75:AB:CD:D6:83
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:aa:41:a7:de:37:81:03:59:55:a8:6d:28:de:93:4a:07:66:
be:82:65:a8:37:07:8e:f9:c4:00:5e:6b:0f:4b:79:cb:98:e4:
a9:85:4c:5c:0b:2a:c5:f2:ea:3f:58:50:ac:3b:80:03:79:53:
a1:f1:c6:05:a7:12:e6:e5:78:20:e5:20:74:55:1f:9b:d6:d4:
a4:03:5f:52:c7:f6:98:65:ed:90:d3:9d:bd:41:3e:3b:36:1d:
86:be:93:de:2a:b1:32:97:61:46:51:84:2a:9c:8f:69:c7:c1:
3e:c5:80:35:95:00:3c:82:bf:fe:da:fb:85:c1:e0:e6:7b:34:
b6:22:06:10:32:70:03:ac:77:1b:95:71:4f:8a:63:3f:04:85:
d2:57:25:e8:9f:66:55:a4:e7:01:1d:5e:86:e7:f7:9d:f5:6a:
ba:c3:31:77:36:c4:fc:99:25:58:9d:55:66:d0:63:b5:c8:45:
1a:b1:58:99:62:50:52:03:51:5e:f6:be:8d:aa:32:d4:3a:75:
28:28:8f:1b:fc:5c:ef:d1:1e:1d:d6:e6:62:87:96:08:78:a7:
82:a3:4b:53:2b:0e:0c:c2:08:9e:77:7d:4a:78:b9:70:c1:e7:
65:f5:5c:5d:be:e3:cd:98:74:36:a8:bb:16:bf:9c:cd:b6:4c:
20:6c:e2:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkMVasR6N93p+IjyPN5fHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjYwMzAyMDgwMTExWhcNMjYwMzAzMDgwMTExWjAzMTEwLwYDVQQD
EygwNDBjNTJhNmFiMzAwNmVhMzU2NTZkNWE3ODgxYzI3NWFiY2RkNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZNg54hh0yDYREwYP/o6cZzjTL0d
5axmLfNFrJTxbsX1tOUfWuw05UHQ3cGHrYy9f3faXtwY/A1COioxFV9MqvwGKeQI
71fQ5Gd57gl4MBOVh06QAIXG1z7CJ4IoWZjHBaSXFIK4IZJDsWF+tHvfJkT754wT
eyGYe8tJ/HUHb8BT2ZG5dV8fr3S2e31joVAcM0nTG1VNz/NzkbblYG8WBc6bmyWv
5vQM3XOLRqwhxzAa0CzlaoH10ZikZsgwFbcBtBTXKIfRFbfh+EaJJqoHsMOE3f98
WJk+TfjIALAflgN4wCjTZ5n+5Y9q8SYgRPTUGlZCKx8vT7ShqjLdJ8Ux5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQMUqarMAbqNWVtWniBwnWrzdaDMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqpBp943
gQNZVahtKN6TSgdmvoJlqDcHjvnEAF5rD0t5y5jkqYVMXAsqxfLqP1hQrDuAA3lT
ofHGBacS5uV4IOUgdFUfm9bUpANfUsf2mGXtkNOdvUE+OzYdhr6T3iqxMpdhRlGE
KpyPacfBPsWANZUAPIK//tr7hcHg5ns0tiIGEDJwA6x3G5VxT4pjPwSF0lcl6J9m
VaTnAR1ehuf3nfVqusMxdzbE/JklWJ1VZtBjtchFGrFYmWJQUgNRXva+jaoy1Dp1
KCiPG/xc79EeHdbmYoeWCHingqNLUysODMIInnd9Sni5cMHnZfVcXb7jzZh0Nqi7
Fr+czbZMIGziXQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:24:28 2026 by rpki-client