Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.mft
File: N1_CEWNZalFHLA_xhKZJkdyDpsE.mft (raw, json)
Hash identifier: GeKLtsEKZnQqchEbekOJZCsbIRXGF5Cawikafj/ZKHI=
Subject key identifier: 95:7B:13:9C:F7:34:CB:A0:19:5A:12:09:99:17:E1:91:36:44:BD:1C
Authority key identifier: 37:5F:C2:11:63:59:6A:51:47:2C:0F:F1:84:A6:49:91:DC:83:A6:C1
Certificate issuer: /CN=375fc21163596a51472c0ff184a64991dc83a6c1
Certificate serial: 019CAB345F7D6930C421A0E8E4E709DC63DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1_CEWNZalFHLA_xhKZJkdyDpsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.mft
Manifest number: 1019
Signing time: Sun 01 Mar 2026 21:01:02 +0000
Manifest this update: Sun 01 Mar 2026 21:01:02 +0000
Manifest next update: Mon 02 Mar 2026 21:01:02 +0000
Files and hashes: 1: N1_CEWNZalFHLA_xhKZJkdyDpsE.crl (hash: 03YUCGv9nBaLiBvOZFTyeXy1og0/V8aCBMIexPqPZ+g=)
2: YLBXJ11mEGO5PlbXThO83EcE_Ns.roa (hash: 35AN0IfH7ydkQxRJiaol/kYL6o8B/ZFyI8+hr+xzEtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1_CEWNZalFHLA_xhKZJkdyDpsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:5f:7d:69:30:c4:21:a0:e8:e4:e7:09:dc:63:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375fc21163596a51472c0ff184a64991dc83a6c1
Validity
Not Before: Mar 1 21:01:02 2026 GMT
Not After : Mar 2 21:01:02 2026 GMT
Subject: CN=957b139cf734cba0195a12099917e1913644bd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:70:71:ba:64:89:be:88:bb:6a:5c:b5:bb:
ca:69:02:3d:89:ae:25:84:3b:28:1e:1d:d8:e2:85:
90:79:80:2d:4e:a3:ec:4b:de:ad:80:ea:ed:0a:ec:
99:aa:c3:30:d8:e2:02:31:75:23:b5:01:c6:26:55:
0d:59:4a:56:e6:68:46:70:4c:17:2e:14:38:b4:79:
5a:3f:f6:30:f1:40:7c:42:e5:e3:7e:49:10:3b:6e:
32:3f:ce:f5:55:6e:26:f3:45:6f:07:59:1a:bc:7e:
8f:4a:91:09:2d:21:5c:17:ff:37:52:66:da:b4:85:
d2:0e:7a:d3:b3:0a:0a:0f:ec:cb:2a:d1:01:7c:70:
ae:bb:ac:96:fb:0d:ed:57:40:70:b8:e0:c3:a4:c6:
5b:6a:e4:fd:f9:fc:58:23:79:81:49:e6:8a:c3:de:
40:70:f9:db:8c:ce:f1:83:ac:92:26:fc:fd:85:cc:
57:15:f9:eb:24:06:d5:22:f9:d7:c2:ba:cd:59:4f:
0a:d9:e5:b5:b0:1a:54:df:e1:12:df:56:6f:18:1d:
c8:1a:ed:48:d5:24:af:04:f2:5b:83:bf:01:3a:37:
06:1d:c1:1c:c0:ef:3e:b1:28:cf:d8:42:41:f5:1e:
28:a5:5c:72:6e:8f:ac:ae:03:9d:29:ce:5f:b0:03:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7B:13:9C:F7:34:CB:A0:19:5A:12:09:99:17:E1:91:36:44:BD:1C
X509v3 Authority Key Identifier:
keyid:37:5F:C2:11:63:59:6A:51:47:2C:0F:F1:84:A6:49:91:DC:83:A6:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1_CEWNZalFHLA_xhKZJkdyDpsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a2d47e-d114-43a1-bdca-59005b2981d3/1/N1_CEWNZalFHLA_xhKZJkdyDpsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:97:ae:10:22:3e:66:81:82:16:81:91:c4:ee:4e:ca:d9:6c:
b7:65:b9:c9:84:7e:05:e3:78:8e:5e:7f:58:8e:6b:2a:37:cd:
70:0d:5d:e2:ff:b3:03:75:89:98:5d:49:63:f4:2e:93:55:c1:
a2:40:ff:45:12:c7:c2:d1:38:d9:f1:3e:ed:29:98:f3:45:5c:
ec:7f:9f:33:1d:ff:fb:2d:5a:48:77:a6:f0:4b:65:29:19:74:
59:a0:f8:30:2e:34:a3:01:07:01:9c:15:f3:36:86:db:33:a9:
ed:9b:0e:2b:94:c8:09:f7:13:5b:64:5b:c7:28:eb:1d:b8:85:
0b:27:c8:34:d5:af:32:15:3b:82:10:84:d3:cf:b7:86:a4:94:
65:69:63:0f:c0:0f:1d:f5:eb:e8:4d:e4:d2:3f:d2:ad:07:0b:
bc:c4:66:d2:7c:1c:de:09:f3:36:33:fc:d8:73:2f:15:ad:df:
99:a6:4e:b8:a5:c5:e7:92:67:61:6b:0f:46:95:f1:cc:57:5a:
25:03:ac:25:cb:5b:07:e4:18:d8:a9:69:12:1a:6b:f2:62:b4:
26:d5:40:d4:91:16:1e:8a:97:6b:cd:02:16:7d:93:4f:ec:1f:
11:ee:1d:d7:4a:0c:6f:85:f3:9f:45:ea:6d:9c:28:52:99:00:
f0:b3:94:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNF99aTDEIaDo5OcJ3GPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWZjMjExNjM1OTZhNTE0NzJjMGZmMTg0YTY0OTkxZGM4
M2E2YzEwHhcNMjYwMzAxMjEwMTAyWhcNMjYwMzAyMjEwMTAyWjAzMTEwLwYDVQQD
Eyg5NTdiMTM5Y2Y3MzRjYmEwMTk1YTEyMDk5OTE3ZTE5MTM2NDRiZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTtwcbpkib6Iu2pctbvKaQI9ia4l
hDsoHh3Y4oWQeYAtTqPsS96tgOrtCuyZqsMw2OICMXUjtQHGJlUNWUpW5mhGcEwX
LhQ4tHlaP/Yw8UB8QuXjfkkQO24yP871VW4m80VvB1kavH6PSpEJLSFcF/83Umba
tIXSDnrTswoKD+zLKtEBfHCuu6yW+w3tV0BwuODDpMZbauT9+fxYI3mBSeaKw95A
cPnbjM7xg6ySJvz9hcxXFfnrJAbVIvnXwrrNWU8K2eW1sBpU3+ES31ZvGB3IGu1I
1SSvBPJbg78BOjcGHcEcwO8+sSjP2EJB9R4opVxybo+srgOdKc5fsAML2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV7E5z3NMugGVoSCZkX4ZE2RL0cMB8GA1UdIwQY
MBaAFDdfwhFjWWpRRywP8YSmSZHcg6bBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFfQ0VXTlphbEZITEFfeGhLWkprZHlEcHNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hMmQ0N2UtZDExNC00M2ExLWJkY2Et
NTkwMDViMjk4MWQzLzEvTjFfQ0VXTlphbEZITEFfeGhLWkprZHlEcHNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hMmQ0N2UtZDExNC00M2ExLWJkY2EtNTkwMDViMjk4MWQz
LzEvTjFfQ0VXTlphbEZITEFfeGhLWkprZHlEcHNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJeuECI+
ZoGCFoGRxO5Oytlst2W5yYR+BeN4jl5/WI5rKjfNcA1d4v+zA3WJmF1JY/Quk1XB
okD/RRLHwtE42fE+7SmY80Vc7H+fMx3/+y1aSHem8EtlKRl0WaD4MC40owEHAZwV
8zaG2zOp7ZsOK5TICfcTW2RbxyjrHbiFCyfINNWvMhU7ghCE08+3hqSUZWljD8AP
HfXr6E3k0j/SrQcLvMRm0nwc3gnzNjP82HMvFa3fmaZOuKXF55JnYWsPRpXxzFda
JQOsJctbB+QY2KlpEhpr8mK0JtVA1JEWHoqXa80CFn2TT+wfEe4d10oMb4Xzn0Xq
bZwoUpkA8LOUGw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:28:04 2026 by rpki-client