Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
File: NTPUOQNczcXww50bP7FhlbVV_KM.mft (raw, json)
Hash identifier: 0HuWwskWlnAcWTeq2YIOYbuCzajOPS/0LQL0UA3EMFE=
Subject key identifier: AA:D5:4B:92:73:4F:4F:27:59:D6:50:BC:BB:59:AA:8C:D8:0A:E3:6C
Authority key identifier: 35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
Certificate issuer: /CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Certificate serial: 019D9A74CDC80B9FBB44A2236D56FB09078A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
Manifest number: 0DB8
Signing time: Fri 17 Apr 2026 08:00:39 +0000
Manifest this update: Fri 17 Apr 2026 08:00:39 +0000
Manifest next update: Sat 18 Apr 2026 08:00:39 +0000
Files and hashes: 1: GkloadKipNGLxGdn49lnbZG57SQ.roa (hash: HQ8BBGVI4OetCOmU12/iTT2SoIrhzR4vqVTSloeX4A8=)
2: NTPUOQNczcXww50bP7FhlbVV_KM.crl (hash: jRg7ZSgDB7X1v9cddW8e9BDgI3QuW7z0ASEdZPkJNJ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:74:cd:c8:0b:9f:bb:44:a2:23:6d:56:fb:09:07:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Validity
Not Before: Apr 17 08:00:39 2026 GMT
Not After : Apr 18 08:00:39 2026 GMT
Subject: CN=aad54b92734f4f2759d650bcbb59aa8cd80ae36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:26:79:60:94:dc:aa:26:6a:cf:ba:fe:f4:c4:
aa:c2:a4:b4:31:98:bf:e5:95:cd:34:9c:15:a2:9f:
50:24:84:9e:7c:27:1b:6b:e7:80:fc:59:3c:42:41:
e6:a7:fe:cc:c4:65:c4:0b:96:1d:75:46:7a:ad:99:
7d:50:a7:31:ab:54:ce:30:93:a4:75:e6:27:c2:d8:
bb:4f:fd:5e:a2:b3:5c:a4:b0:b1:44:56:39:99:7e:
57:86:f6:f7:d5:6c:f3:82:39:68:1b:d9:6f:c8:ba:
53:05:37:03:e0:12:24:e2:ce:f3:06:68:e4:04:66:
72:3f:06:55:0d:b6:51:99:51:f1:72:51:1d:19:47:
89:86:2c:f1:c3:ba:c6:9e:89:f5:bf:86:fb:d0:b8:
d0:06:c6:ac:f8:91:7d:f9:bf:69:41:e0:43:9d:71:
64:5c:1e:4e:0d:35:3b:8e:dd:df:57:da:27:7a:15:
76:6f:f6:ac:7d:e5:44:fb:d8:fe:cc:81:6b:37:a5:
09:39:64:89:f1:59:04:47:6f:f7:a5:27:b2:b4:a0:
f8:ab:ac:41:94:ff:cb:52:d8:44:77:91:90:24:f5:
b7:37:31:65:dc:80:26:d7:49:c2:4b:4d:5a:09:cd:
03:2e:8a:01:4a:00:4e:9e:00:7b:2a:dc:c8:36:79:
7f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D5:4B:92:73:4F:4F:27:59:D6:50:BC:BB:59:AA:8C:D8:0A:E3:6C
X509v3 Authority Key Identifier:
keyid:35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:ef:cf:e1:0d:0c:49:dd:1e:28:14:2f:b2:aa:0d:89:10:8a:
e9:2f:61:df:f1:33:e4:b6:e1:2d:92:d2:17:cb:55:8f:3b:db:
9c:51:85:18:28:3a:5f:4a:7a:b7:b3:64:16:2b:71:e3:fe:96:
35:f6:ed:3e:03:fb:e2:8f:91:57:cf:65:36:df:18:8d:18:c9:
44:32:a8:46:02:7b:c2:df:72:91:88:57:24:5e:74:90:e4:ee:
f4:01:90:d7:97:65:94:be:b7:a9:19:d0:e4:06:0d:59:9e:3f:
b8:1f:d6:e2:5c:72:70:1e:20:dc:ea:dd:9c:2c:d4:16:c6:27:
91:04:23:78:a8:91:fb:b2:cc:0d:1b:52:b2:42:24:94:c2:82:
b7:95:e5:8f:48:60:3d:8e:bc:84:57:15:c3:e7:96:34:93:5a:
57:fe:de:b8:a3:7d:69:f2:95:de:44:41:e6:da:0a:ee:33:dd:
76:0c:d1:07:06:33:75:ea:8b:c1:9e:c5:38:9c:80:c9:59:5d:
07:d7:75:9e:d4:db:e3:72:6e:ba:6a:d8:fa:3d:5d:68:34:7c:
52:b1:2c:37:d3:c5:36:d0:0a:f3:47:a7:cf:e4:f0:16:62:cc:
c2:37:4b:b1:f7:72:1e:bc:04:9b:9c:81:23:75:4e:00:e7:93:
87:24:23:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adM3IC5+7RKIjbVb7CQeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MzNkNDM5MDM1Y2NkYzVmMGMzOWQxYjNmYjE2MTk1YjU1
NWZjYTMwHhcNMjYwNDE3MDgwMDM5WhcNMjYwNDE4MDgwMDM5WjAzMTEwLwYDVQQD
EyhhYWQ1NGI5MjczNGY0ZjI3NTlkNjUwYmNiYjU5YWE4Y2Q4MGFlMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiZ5YJTcqiZqz7r+9MSqwqS0MZi/
5ZXNNJwVop9QJISefCcba+eA/Fk8QkHmp/7MxGXEC5YddUZ6rZl9UKcxq1TOMJOk
deYnwti7T/1eorNcpLCxRFY5mX5Xhvb31WzzgjloG9lvyLpTBTcD4BIk4s7zBmjk
BGZyPwZVDbZRmVHxclEdGUeJhizxw7rGnon1v4b70LjQBsas+JF9+b9pQeBDnXFk
XB5ODTU7jt3fV9onehV2b/asfeVE+9j+zIFrN6UJOWSJ8VkER2/3pSeytKD4q6xB
lP/LUthEd5GQJPW3NzFl3IAm10nCS01aCc0DLooBSgBOngB7KtzINnl/kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrVS5JzT08nWdZQvLtZqozYCuNsMB8GA1UdIwQY
MBaAFDUz1DkDXM3F8MOdGz+xYZW1VfyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODIt
MzZlODVhYmU1MmZmLzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODItMzZlODVhYmU1MmZm
LzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASO/P4Q0M
Sd0eKBQvsqoNiRCK6S9h3/Ez5LbhLZLSF8tVjzvbnFGFGCg6X0p6t7NkFitx4/6W
NfbtPgP74o+RV89lNt8YjRjJRDKoRgJ7wt9ykYhXJF50kOTu9AGQ15dllL63qRnQ
5AYNWZ4/uB/W4lxycB4g3OrdnCzUFsYnkQQjeKiR+7LMDRtSskIklMKCt5Xlj0hg
PY68hFcVw+eWNJNaV/7euKN9afKV3kRB5toK7jPddgzRBwYzdeqLwZ7FOJyAyVld
B9d1ntTb43JuumrY+j1daDR8UrEsN9PFNtAK80enz+TwFmLMwjdLsfdyHrwEm5yB
I3VOAOeThyQjBQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:03:51 2026 by rpki-client