Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
File: NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json)
Hash identifier: YiYLaYwb2+CGHYgfQZh6KvJi2WkArjAk+tCT6zXmb8k=
Subject key identifier: 28:91:A8:52:04:9B:B3:B0:0C:D3:F5:30:56:9C:40:F2:02:9D:C8:11
Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
Certificate issuer: /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Certificate serial: 019CAD9065CAEBDD1BA22E426FF07DB43C1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
Manifest number: 05B2
Signing time: Mon 02 Mar 2026 08:00:47 +0000
Manifest this update: Mon 02 Mar 2026 08:00:47 +0000
Manifest next update: Tue 03 Mar 2026 08:00:47 +0000
Files and hashes: 1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: XO/LTrRlaFkhYAzaGnX8or5+eNNKNdf76PI5Id6WXFI=)
2: UlEC3VpAKX5fgFyuoTuBA8htBuc.roa (hash: OCopTvk4i816iUhH+QXazE3VcJpYfdLODiRXhmC1WXY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:65:ca:eb:dd:1b:a2:2e:42:6f:f0:7d:b4:3c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Validity
Not Before: Mar 2 08:00:47 2026 GMT
Not After : Mar 3 08:00:47 2026 GMT
Subject: CN=2891a852049bb3b00cd3f530569c40f2029dc811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b9:97:ee:7d:c5:7e:20:14:b3:ab:c0:a7:f5:
8e:0d:65:0f:6d:e9:a0:b3:1b:5a:ba:54:ff:c5:97:
26:3d:ff:cf:63:79:97:69:5c:f9:14:7f:1e:7d:64:
1e:62:26:ca:3a:84:c7:48:19:49:77:81:bf:1f:78:
69:34:69:09:29:90:ff:14:5a:7b:6e:ac:23:14:e6:
bd:2f:eb:e8:a8:e9:0a:44:28:11:9a:97:e2:52:fa:
09:e3:0b:f5:ef:73:62:ac:fe:dd:8a:30:19:3e:b5:
d6:73:bf:ca:0a:08:99:80:28:b3:fd:59:94:89:78:
e4:2c:d4:fe:25:70:d4:0f:26:4f:62:12:7e:f7:c4:
af:34:82:5e:6f:be:51:b7:9a:81:29:b0:8c:51:5f:
fb:77:7a:e5:02:f6:ef:63:ed:5d:2a:3e:90:35:bc:
44:d9:fa:97:d6:22:09:f5:bf:60:b9:9a:0a:f3:fb:
46:cb:d2:95:98:31:97:05:e4:64:b0:7d:97:91:0b:
2e:f8:ae:2d:1b:5f:d8:ae:b3:8d:a7:b1:2e:d7:77:
b3:f0:6a:cd:03:23:fb:ea:eb:2f:a0:73:ed:93:f3:
6d:3d:4a:a8:88:ba:3e:8c:35:af:67:02:bd:7d:74:
8f:62:db:52:01:22:cf:07:a9:6d:fe:8c:6e:f0:c4:
ca:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:91:A8:52:04:9B:B3:B0:0C:D3:F5:30:56:9C:40:F2:02:9D:C8:11
X509v3 Authority Key Identifier:
keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:d3:a2:ca:08:08:71:84:50:a6:eb:a2:c9:68:e2:4c:0c:cf:
69:9a:31:77:01:7d:59:5c:ec:f2:73:2d:83:1f:c4:13:a5:65:
2d:4d:ae:c0:ad:cf:1c:ec:51:ad:c0:92:80:e4:20:8d:7a:8b:
e0:c1:cd:df:75:f4:35:86:66:10:5c:4a:ce:a0:d1:cb:14:a4:
82:cc:06:2a:57:c0:61:24:78:62:74:5e:90:f7:87:c8:d3:fa:
16:45:9d:e0:58:2b:2a:50:ba:01:e7:d1:f3:ef:be:1a:96:f2:
0e:11:6f:b1:a4:52:1c:98:1b:be:10:43:55:e4:9d:f8:08:85:
e6:07:6c:fd:c6:8f:fe:6c:75:c3:3f:6a:ff:80:e6:c8:4b:7d:
dc:60:3c:4b:48:b5:67:e2:ef:05:68:2f:fe:0a:e4:be:4d:a4:
1c:26:cf:1e:a0:e1:9e:e3:0e:24:24:ed:3c:c9:ba:55:ed:3b:
6e:bc:c0:02:6a:0b:e5:19:4e:46:79:68:2d:9b:03:d9:04:b4:
0a:f5:6d:1d:4a:d4:f8:98:a6:ae:8c:b5:52:61:00:ae:e1:51:
ce:2a:8c:60:a9:8e:94:3e:d9:bb:10:1d:32:92:1a:98:19:3a:
3e:47:8f:4d:4e:e2:93:64:e2:3f:b9:59:6c:a9:5c:40:0d:b5:
9d:44:09:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkGXK690boi5Cb/B9tDwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk
MGJmZDUwHhcNMjYwMzAyMDgwMDQ3WhcNMjYwMzAzMDgwMDQ3WjAzMTEwLwYDVQQD
EygyODkxYTg1MjA0OWJiM2IwMGNkM2Y1MzA1NjljNDBmMjAyOWRjODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LmX7n3FfiAUs6vAp/WODWUPbemg
sxtaulT/xZcmPf/PY3mXaVz5FH8efWQeYibKOoTHSBlJd4G/H3hpNGkJKZD/FFp7
bqwjFOa9L+voqOkKRCgRmpfiUvoJ4wv173NirP7dijAZPrXWc7/KCgiZgCiz/VmU
iXjkLNT+JXDUDyZPYhJ+98SvNIJeb75Rt5qBKbCMUV/7d3rlAvbvY+1dKj6QNbxE
2fqX1iIJ9b9guZoK8/tGy9KVmDGXBeRksH2XkQsu+K4tG1/YrrONp7Eu13ez8GrN
AyP76usvoHPtk/NtPUqoiLo+jDWvZwK9fXSPYttSASLPB6lt/oxu8MTKAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiRqFIEm7OwDNP1MFacQPICncgRMB8GA1UdIwQY
MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt
MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3
LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC9OiyggI
cYRQpuuiyWjiTAzPaZoxdwF9WVzs8nMtgx/EE6VlLU2uwK3PHOxRrcCSgOQgjXqL
4MHN33X0NYZmEFxKzqDRyxSkgswGKlfAYSR4YnRekPeHyNP6FkWd4FgrKlC6AefR
8+++GpbyDhFvsaRSHJgbvhBDVeSd+AiF5gds/caP/mx1wz9q/4DmyEt93GA8S0i1
Z+LvBWgv/grkvk2kHCbPHqDhnuMOJCTtPMm6Ve07brzAAmoL5RlORnloLZsD2QS0
CvVtHUrU+Jimroy1UmEAruFRziqMYKmOlD7ZuxAdMpIamBk6PkePTU7ik2TiP7lZ
bKlcQA21nUQJnA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:54:15 2026 by rpki-client