Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier: 05AR8/DQQhLUnq2bUycLtTlIQfsP1DivXsrKNw9kEXk=
Subject key identifier: 70:DF:A8:4E:FD:D3:86:18:9A:EE:1F:C1:F1:46:56:43:20:96:B5:23
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial: 019CABD9C4301072960C1AB262C7FA49B168
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number: 1843
Signing time: Mon 02 Mar 2026 00:01:41 +0000
Manifest this update: Mon 02 Mar 2026 00:01:41 +0000
Manifest next update: Tue 03 Mar 2026 00:01:41 +0000
Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: YkbvdUya2SVLd4bfCTpehRtd+bFvyNHd+anPwEieFug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:c4:30:10:72:96:0c:1a:b2:62:c7:fa:49:b1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Validity
Not Before: Mar 2 00:01:41 2026 GMT
Not After : Mar 3 00:01:41 2026 GMT
Subject: CN=70dfa84efdd386189aee1fc1f14656432096b523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:47:bc:bf:c3:15:af:71:2c:76:b1:bb:fc:
cc:c2:eb:c9:17:b7:46:0b:11:95:d3:d8:68:72:20:
f4:c0:5c:fc:8f:33:5c:bd:00:bd:4f:76:66:82:bd:
58:d5:d5:8f:8a:5f:47:d9:c1:2e:73:3b:f3:7e:4e:
95:c5:7d:fc:99:56:10:6c:64:9e:b6:1c:a7:87:31:
e2:51:5d:0e:72:f7:7e:02:86:25:b7:3b:1f:10:ea:
3a:d0:fa:a8:b2:f3:66:c7:3b:30:da:13:c0:b7:45:
ff:d8:72:33:ed:c5:fb:ac:a1:1a:ab:04:98:c2:cc:
b9:78:98:08:6c:dd:c1:91:89:34:11:2e:ec:66:9e:
c5:ac:77:b0:1f:a5:33:68:a8:5d:70:92:3a:95:ab:
f8:78:af:7a:65:b4:0c:e4:f2:ac:96:db:c3:ca:eb:
b6:5a:b1:24:d1:70:66:1b:a7:4c:8a:a4:95:9e:a2:
9b:21:15:de:da:a3:b6:84:ce:ef:63:24:bd:ca:bc:
93:f5:84:fd:b4:54:c5:2a:77:f9:11:ca:9c:55:b0:
ab:69:b8:f4:ef:b3:74:9e:fb:fe:0a:0c:7f:77:4a:
5d:b4:b6:50:b0:f6:38:80:91:68:3a:61:94:46:d5:
c7:f0:08:92:0e:45:22:b9:b2:b7:0b:2d:d8:c2:f9:
de:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DF:A8:4E:FD:D3:86:18:9A:EE:1F:C1:F1:46:56:43:20:96:B5:23
X509v3 Authority Key Identifier:
keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:e2:60:89:07:d6:ce:6c:86:15:ac:ce:4e:bd:6c:da:fc:a5:
8d:ae:8f:84:a0:fd:cd:5b:9f:21:ca:38:57:b9:a5:a4:54:39:
03:07:19:41:5e:b7:61:6e:5c:43:52:83:12:3d:57:78:08:cd:
32:8a:e8:f1:96:35:f3:1c:90:bf:72:ce:16:38:7d:e9:06:14:
6d:3b:96:14:e3:ed:5e:66:d5:1d:41:de:9a:e5:f8:2d:14:3f:
c2:30:37:85:72:99:fd:60:d5:53:88:09:0c:10:b4:f6:a8:35:
cb:b8:cf:be:8f:24:af:61:e5:6c:48:37:e0:ba:be:28:a7:f2:
74:74:9f:56:09:ed:fc:5c:36:ce:44:20:8f:cc:45:6a:3a:5e:
33:b4:da:48:0a:e6:12:dd:b8:c5:7a:10:3e:42:50:8d:3a:e3:
39:67:3a:e9:cb:66:7b:ff:78:dd:39:8c:e9:35:48:bd:f9:8c:
73:ab:2e:a9:f2:ac:99:10:ce:0a:03:9d:a6:7f:4b:bd:13:ae:
5a:4d:1c:8d:dc:30:54:23:55:c6:b1:85:2c:8d:e2:46:7b:f5:
a6:71:42:18:32:6b:69:18:cc:ff:15:e8:ea:84:0b:d4:5e:ec:
6d:00:84:68:3d:2b:0c:f6:95:1a:41:3e:7e:d4:2b:06:39:f6:
b2:17:01:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2cQwEHKWDBqyYsf6SbFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjYwMzAyMDAwMTQxWhcNMjYwMzAzMDAwMTQxWjAzMTEwLwYDVQQD
Eyg3MGRmYTg0ZWZkZDM4NjE4OWFlZTFmYzFmMTQ2NTY0MzIwOTZiNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJlHvL/DFa9xLHaxu/zMwuvJF7dG
CxGV09hociD0wFz8jzNcvQC9T3Zmgr1Y1dWPil9H2cEuczvzfk6VxX38mVYQbGSe
thynhzHiUV0Ocvd+AoYltzsfEOo60PqosvNmxzsw2hPAt0X/2HIz7cX7rKEaqwSY
wsy5eJgIbN3BkYk0ES7sZp7FrHewH6UzaKhdcJI6lav4eK96ZbQM5PKsltvDyuu2
WrEk0XBmG6dMiqSVnqKbIRXe2qO2hM7vYyS9yryT9YT9tFTFKnf5EcqcVbCrabj0
77N0nvv+Cgx/d0pdtLZQsPY4gJFoOmGURtXH8AiSDkUiubK3Cy3YwvnerQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDfqE7904YYmu4fwfFGVkMglrUjMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyeJgiQfW
zmyGFazOTr1s2vylja6PhKD9zVufIco4V7mlpFQ5AwcZQV63YW5cQ1KDEj1XeAjN
Moro8ZY18xyQv3LOFjh96QYUbTuWFOPtXmbVHUHemuX4LRQ/wjA3hXKZ/WDVU4gJ
DBC09qg1y7jPvo8kr2HlbEg34Lq+KKfydHSfVgnt/Fw2zkQgj8xFajpeM7TaSArm
Et24xXoQPkJQjTrjOWc66ctme/943TmM6TVIvfmMc6suqfKsmRDOCgOdpn9LvROu
Wk0cjdwwVCNVxrGFLI3iRnv1pnFCGDJraRjM/xXo6oQL1F7sbQCEaD0rDPaVGkE+
ftQrBjn2shcBRw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:27:06 2026 by rpki-client