Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json)
Hash identifier: R+4ClF+NGEJcloRc7sk8AGruOWas/noLmNoo1SNc7W4=
Subject key identifier: 80:23:AD:4E:40:AE:80:AC:67:43:EC:1B:91:FB:A5:07:5A:CE:5D:40
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 019CAD2297819E8DFB1C3E65AD8510872925
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
Manifest number: 0F2C
Signing time: Mon 02 Mar 2026 06:00:51 +0000
Manifest this update: Mon 02 Mar 2026 06:00:51 +0000
Manifest next update: Tue 03 Mar 2026 06:00:51 +0000
Files and hashes: 1: 8QeOnl1jSGn4_0NxM6NuGpN-0Jo.roa (hash: J4omMw3D0N9tMXhiPZ3E3pOd7uQCU3TjcYrnPrhAQ04=)
2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: GScp4w2duqOisLyRT/+Qpz4aobKLZWeNZx66tPTomAg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:22:97:81:9e:8d:fb:1c:3e:65:ad:85:10:87:29:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Mar 2 06:00:51 2026 GMT
Not After : Mar 3 06:00:51 2026 GMT
Subject: CN=8023ad4e40ae80ac6743ec1b91fba5075ace5d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:73:08:36:8a:af:c8:d2:37:59:14:7a:af:
44:52:a4:bb:4c:28:aa:34:77:7d:b2:12:ae:e4:6e:
b0:2b:97:12:17:85:38:c9:4c:57:da:02:b7:17:b4:
09:9b:e1:5a:0a:db:f7:b8:12:c0:fb:b6:13:dd:64:
78:6a:03:9a:97:16:69:09:d6:39:5f:50:f0:89:a1:
3f:ba:f2:11:a5:1d:f2:17:ad:f2:6a:6f:75:6e:ab:
10:9f:f3:29:e5:e0:f6:d3:b3:9d:c0:9f:33:30:48:
b7:8b:a5:92:f4:80:f3:0a:e1:76:dd:32:4b:db:c6:
f2:5b:5f:9e:92:99:91:f5:de:cd:a7:c6:39:c8:a7:
9b:d2:44:e1:f5:e9:63:98:cc:5f:d7:9f:98:2a:f1:
e7:bc:ed:1d:d8:cd:5e:e2:c2:20:99:dd:63:47:e8:
e7:eb:09:e0:89:43:ef:fd:b9:c7:7e:08:90:cb:e3:
f9:40:ba:8a:9d:16:2d:40:83:b8:06:45:0a:b7:06:
d6:5e:19:42:98:d6:89:be:d6:aa:ce:c1:19:0d:92:
65:3c:8d:9a:56:00:1e:85:b7:e0:53:85:f8:b7:9a:
6e:02:52:62:32:0c:78:4c:84:2c:e4:1b:73:bd:7a:
ee:78:e7:5d:b6:d3:e2:53:8d:b5:03:47:59:48:fe:
ea:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:23:AD:4E:40:AE:80:AC:67:43:EC:1B:91:FB:A5:07:5A:CE:5D:40
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:3f:18:84:83:75:28:c9:96:d9:5c:7e:37:17:1c:63:80:af:
09:7a:11:df:58:2d:4f:a8:83:98:e4:45:1c:0b:3b:4f:a4:f5:
03:e2:32:b3:33:b8:37:81:25:cb:e3:65:f6:44:b2:7b:08:6f:
63:76:0c:09:ba:13:7c:2c:ea:52:27:3c:23:f0:91:8f:67:fd:
96:33:95:88:fc:3b:45:42:1b:f9:28:6f:5c:2b:af:b5:f9:6a:
67:f5:39:df:73:8e:45:e7:93:2f:bb:52:b7:a0:58:22:6d:9e:
0e:93:6c:90:16:73:b6:b9:3d:10:5c:04:4b:16:fd:2b:2f:04:
66:40:f6:0e:f4:f9:18:68:92:d5:27:55:82:fe:7d:77:bc:e4:
0c:cd:43:cc:58:b6:e5:d3:18:02:8f:69:17:2b:74:61:4a:39:
d9:83:0c:33:cd:6a:92:bc:e2:41:6a:4e:90:ec:11:84:73:c9:
4b:3c:fe:3c:b6:ac:34:7a:14:41:e5:c7:b9:04:33:f4:b7:ae:
fc:76:b3:9e:24:9b:b7:dd:e4:e8:a2:36:e3:64:29:24:69:ed:
85:b7:1e:45:f0:65:01:e3:17:e0:b9:64:1a:8b:d8:46:34:83:
93:b2:f3:66:c9:d3:4c:b9:43:dd:dd:aa:c0:ca:d3:55:d2:bd:
7a:15:67:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIpeBno37HD5lrYUQhyklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjYwMzAyMDYwMDUxWhcNMjYwMzAzMDYwMDUxWjAzMTEwLwYDVQQD
Eyg4MDIzYWQ0ZTQwYWU4MGFjNjc0M2VjMWI5MWZiYTUwNzVhY2U1ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWlzCDaKr8jSN1kUeq9EUqS7TCiq
NHd9shKu5G6wK5cSF4U4yUxX2gK3F7QJm+FaCtv3uBLA+7YT3WR4agOalxZpCdY5
X1DwiaE/uvIRpR3yF63yam91bqsQn/Mp5eD207OdwJ8zMEi3i6WS9IDzCuF23TJL
28byW1+ekpmR9d7Np8Y5yKeb0kTh9eljmMxf15+YKvHnvO0d2M1e4sIgmd1jR+jn
6wngiUPv/bnHfgiQy+P5QLqKnRYtQIO4BkUKtwbWXhlCmNaJvtaqzsEZDZJlPI2a
VgAehbfgU4X4t5puAlJiMgx4TIQs5BtzvXrueOddttPiU421A0dZSP7qJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAjrU5AroCsZ0PsG5H7pQdazl1AMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALT8YhIN1
KMmW2Vx+NxccY4CvCXoR31gtT6iDmORFHAs7T6T1A+IyszO4N4Ely+Nl9kSyewhv
Y3YMCboTfCzqUic8I/CRj2f9ljOViPw7RUIb+ShvXCuvtflqZ/U533OOReeTL7tS
t6BYIm2eDpNskBZztrk9EFwESxb9Ky8EZkD2DvT5GGiS1SdVgv59d7zkDM1DzFi2
5dMYAo9pFyt0YUo52YMMM81qkrziQWpOkOwRhHPJSzz+PLasNHoUQeXHuQQz9Leu
/HazniSbt93k6KI242QpJGnthbceRfBlAeMX4LlkGovYRjSDk7LzZsnTTLlD3d2q
wMrTVdK9ehVnYA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:08:19 2026 by rpki-client