Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: sY05KFP/91n5A9XMZ5IAz2bAenNZWWaNKrXSdBulmJk=
Subject key identifier: 19:34:A8:5F:22:0B:68:88:82:5D:23:E0:88:E9:31:A8:5E:22:FF:95
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019D9B199A9B1096C66C07B22C03DD35DADE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 0B3B
Signing time: Fri 17 Apr 2026 11:00:39 +0000
Manifest this update: Fri 17 Apr 2026 11:00:39 +0000
Manifest next update: Sat 18 Apr 2026 11:00:39 +0000
Files and hashes: 1: KggeSoYJuTH0OsCrW287o_IBVIU.roa (hash: 3X9Kd87JdDMTWZvK8kLFjDZVe2SDW7wiUWXk0sGtCM8=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: kPahPqTagCeDK7vCKdXxaUJqboBWfQpDKMcc64ovcJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:9a:9b:10:96:c6:6c:07:b2:2c:03:dd:35:da:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Apr 17 11:00:39 2026 GMT
Not After : Apr 18 11:00:39 2026 GMT
Subject: CN=1934a85f220b6888825d23e088e931a85e22ff95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:92:f5:42:fb:bb:87:16:2b:b9:7d:00:eb:
ed:ea:a0:a5:cb:e6:24:b4:b4:78:b8:2d:da:0c:a5:
93:e5:50:88:06:98:93:8e:fc:ed:37:6b:09:7f:49:
43:f7:59:f0:d3:4f:cf:fd:ae:72:88:56:c9:c8:f9:
88:df:28:e0:8d:31:8a:f5:50:37:a7:13:c6:ed:4b:
19:6e:a2:6f:02:8c:07:a5:4c:40:3a:d1:36:8d:e9:
67:f2:2b:7c:56:59:41:52:bc:ec:35:55:8d:ca:ee:
53:04:97:e8:ec:dd:85:59:61:dc:65:c4:ca:8b:e7:
0b:8c:d4:fd:76:40:8f:3a:d2:43:0f:20:29:e3:03:
86:a8:43:19:b8:22:a7:0d:21:a7:bb:e4:55:37:03:
2c:e7:3f:43:d4:75:af:fe:22:fd:fb:84:9e:db:91:
01:02:74:7b:0c:41:c9:d1:9a:0c:f6:6f:8c:d7:7e:
0f:6e:fe:ac:9b:b8:58:3f:2d:b4:f9:6b:37:e9:bb:
cc:a1:4f:89:5a:3b:5a:77:21:fb:99:a2:25:5f:59:
bf:80:5a:e3:28:9f:c6:72:67:fb:48:cc:c7:57:39:
2c:6d:5e:04:0b:f2:56:57:a9:67:8f:04:0c:1b:7b:
2a:32:5a:4e:f0:88:f9:a9:59:5a:ab:b4:e9:6a:71:
8d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:34:A8:5F:22:0B:68:88:82:5D:23:E0:88:E9:31:A8:5E:22:FF:95
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ce:9f:57:ba:9f:09:18:14:d4:99:9b:98:c1:5c:cb:0a:3d:09:
6f:a7:6c:e2:dc:b2:63:38:3c:4b:98:f9:bf:2b:c5:dd:85:2b:
4e:35:58:04:3c:1a:a4:0b:61:a1:12:9d:85:7e:9d:83:7f:ea:
d8:53:21:9a:33:2d:14:c1:3b:2d:cd:1f:7a:53:6a:85:92:6a:
4d:ac:35:a2:c4:22:2b:24:85:da:18:ec:6a:c1:e2:7f:73:b6:
5e:fd:bb:17:73:71:44:ae:84:7e:67:c6:55:58:b0:8c:a9:4d:
02:f9:f3:ca:3f:4f:56:6f:e2:13:e5:ae:e4:8b:6d:e7:13:c9:
3d:22:d8:bb:a1:3c:30:f6:bc:00:a6:2e:36:5a:b7:46:4e:b8:
a6:ed:14:66:e8:d0:01:dd:06:60:52:67:f9:fb:a2:e7:85:86:
25:50:a4:c4:b9:d4:3d:89:84:3e:6e:86:7d:df:51:22:21:d0:
80:f0:72:cb:a6:b5:77:48:fd:17:fb:a6:b7:5c:7a:d0:10:fc:
c3:ac:52:db:1b:70:53:ff:84:0d:bb:ba:5b:ea:26:70:12:a2:
67:ff:38:22:28:20:c0:01:de:cf:90:21:7a:ad:38:ba:e6:dc:
32:06:ba:ee:24:9d:ab:a7:0a:38:43:8d:af:29:69:bb:e8:1c:
b9:b7:55:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGZqbEJbGbAeyLAPdNdreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjYwNDE3MTEwMDM5WhcNMjYwNDE4MTEwMDM5WjAzMTEwLwYDVQQD
EygxOTM0YTg1ZjIyMGI2ODg4ODI1ZDIzZTA4OGU5MzFhODVlMjJmZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC6S9UL7u4cWK7l9AOvt6qCly+Yk
tLR4uC3aDKWT5VCIBpiTjvztN2sJf0lD91nw00/P/a5yiFbJyPmI3yjgjTGK9VA3
pxPG7UsZbqJvAowHpUxAOtE2jeln8it8VllBUrzsNVWNyu5TBJfo7N2FWWHcZcTK
i+cLjNT9dkCPOtJDDyAp4wOGqEMZuCKnDSGnu+RVNwMs5z9D1HWv/iL9+4Se25EB
AnR7DEHJ0ZoM9m+M134Pbv6sm7hYPy20+Ws36bvMoU+JWjtadyH7maIlX1m/gFrj
KJ/Gcmf7SMzHVzksbV4EC/JWV6lnjwQMG3sqMlpO8Ij5qVlaq7TpanGNZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk0qF8iC2iIgl0j4IjpMaheIv+VMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzp9Xup8J
GBTUmZuYwVzLCj0Jb6ds4tyyYzg8S5j5vyvF3YUrTjVYBDwapAthoRKdhX6dg3/q
2FMhmjMtFME7Lc0felNqhZJqTaw1osQiKySF2hjsasHif3O2Xv27F3NxRK6EfmfG
VViwjKlNAvnzyj9PVm/iE+Wu5Itt5xPJPSLYu6E8MPa8AKYuNlq3Rk64pu0UZujQ
Ad0GYFJn+fui54WGJVCkxLnUPYmEPm6Gfd9RIiHQgPByy6a1d0j9F/umt1x60BD8
w6xS2xtwU/+EDbu6W+omcBKiZ/84IiggwAHez5Aheq04uubcMga67iSdq6cKOEON
rylpu+gcubdVQg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:05:33 2026 by rpki-client