Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
File: NiQhSOPmNqkDQ_PpUES439udHNk.mft (raw, json)
Hash identifier: NT5kGaudlHIOXReDB9j1CrjwIvkjqa1gQpiwGWWjvX4=
Subject key identifier: 8A:53:0A:8B:22:66:F9:C9:9E:C9:46:5F:F8:45:F4:8C:87:48:A8:86
Authority key identifier: 36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
Certificate issuer: /CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Certificate serial: 019CAFB571969BC9C4C0D25DB7681E21B8B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
Manifest number: 03A3
Signing time: Mon 02 Mar 2026 18:00:29 +0000
Manifest this update: Mon 02 Mar 2026 18:00:29 +0000
Manifest next update: Tue 03 Mar 2026 18:00:29 +0000
Files and hashes: 1: Dr6F3L4xRt2i8RUfH4s0XX8o0U0.roa (hash: GCUyOT0XAk3FRNMCon8x2Cr9zKCfKsyTPv23kvE35X4=)
2: NiQhSOPmNqkDQ_PpUES439udHNk.crl (hash: /yVn4/jg99SOVsSxZvYAUKMCbxwJ9nSZtVLz88bqf6g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:b5:71:96:9b:c9:c4:c0:d2:5d:b7:68:1e:21:b8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Validity
Not Before: Mar 2 18:00:29 2026 GMT
Not After : Mar 3 18:00:29 2026 GMT
Subject: CN=8a530a8b2266f9c99ec9465ff845f48c8748a886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:d6:d6:83:d3:22:ea:c8:53:63:a4:bb:3b:
f3:06:aa:7a:37:dc:ea:6c:24:a4:79:2a:ec:5c:26:
e7:cb:fd:0e:76:04:d9:e7:d7:a4:d9:e3:90:3c:cb:
c3:d2:47:a2:fb:f3:6e:1b:9b:75:80:23:6e:d1:6f:
0e:99:9c:1f:fe:aa:6c:89:79:1b:59:ba:b3:20:ff:
c2:22:fe:6b:03:b4:d6:14:5f:c0:85:e2:6a:f8:fc:
3b:d9:8e:d7:f1:72:9b:1a:63:41:4c:74:4d:7b:fa:
6f:38:1a:22:59:66:01:d9:2b:bf:f1:51:d0:94:46:
5a:95:36:0c:6a:01:44:73:b5:ea:b8:e1:4c:47:48:
2f:da:7c:13:e8:67:ca:cc:ec:50:df:48:95:c5:9d:
a1:00:41:a9:fd:18:97:7a:a0:0a:64:ca:db:06:4b:
e4:a8:0b:b3:7a:e4:b7:27:e0:66:37:c3:f0:8b:59:
7c:12:0c:f3:9e:8e:a2:6c:76:b4:1e:92:dc:fe:3a:
80:4f:3f:f8:9f:b1:90:bd:23:54:b0:bf:bf:1c:59:
30:ed:71:c2:11:58:3f:d9:c4:d8:dd:25:a4:6a:c0:
4b:19:aa:a5:b3:79:8f:70:8e:63:4f:4d:fc:f9:94:
26:e7:49:55:be:47:d7:b1:f9:1f:fb:49:ae:9c:7c:
92:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:53:0A:8B:22:66:F9:C9:9E:C9:46:5F:F8:45:F4:8C:87:48:A8:86
X509v3 Authority Key Identifier:
keyid:36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:70:2b:ca:62:95:45:03:0d:c4:31:c7:03:4b:6c:2c:0a:08:
b9:b5:a0:b3:38:ee:b3:41:df:8a:7f:8b:18:cd:db:04:30:66:
16:12:ee:03:29:b5:67:f9:a8:a7:21:e2:9d:ce:ca:82:6d:b0:
b9:a4:3c:04:37:1c:57:d4:b0:dc:a6:62:4a:95:85:9b:e3:f6:
c3:32:2f:bd:e1:be:2d:b2:c5:dd:2e:78:ba:d7:92:89:3d:3e:
31:52:22:c1:ca:59:4a:17:60:86:b8:30:20:18:05:50:4f:8a:
23:c5:d8:17:f2:72:6e:df:b4:16:2e:2b:8e:d2:18:55:96:b1:
c7:12:86:91:c4:db:c4:0c:14:30:9d:33:1f:0b:50:78:db:9c:
ea:09:5c:d5:af:4b:11:68:92:dc:24:69:89:5d:5f:b6:ca:15:
d5:5c:d0:13:f3:80:81:48:01:55:6b:7e:7e:e9:09:70:a7:37:
97:9d:bf:df:03:e0:78:63:c7:c6:de:95:dd:98:0d:76:16:98:
bb:5e:99:a1:76:07:ef:e9:cf:c6:83:32:a9:83:be:99:18:83:
96:4e:b3:79:ee:1d:b4:d4:70:28:4b:7b:1b:f7:a8:18:6a:36:
ea:e0:e6:d8:bc:b7:36:86:28:c8:25:ae:b8:07:35:b2:93:66:
cd:38:fe:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvtXGWm8nEwNJdt2geIbiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjQyMTQ4ZTNlNjM2YTkwMzQzZjNlOTUwNDRiOGRmZGI5
ZDFjZDkwHhcNMjYwMzAyMTgwMDI5WhcNMjYwMzAzMTgwMDI5WjAzMTEwLwYDVQQD
Eyg4YTUzMGE4YjIyNjZmOWM5OWVjOTQ2NWZmODQ1ZjQ4Yzg3NDhhODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3TW1oPTIurIU2OkuzvzBqp6N9zq
bCSkeSrsXCbny/0OdgTZ59ek2eOQPMvD0kei+/NuG5t1gCNu0W8OmZwf/qpsiXkb
WbqzIP/CIv5rA7TWFF/AheJq+Pw72Y7X8XKbGmNBTHRNe/pvOBoiWWYB2Su/8VHQ
lEZalTYMagFEc7XquOFMR0gv2nwT6GfKzOxQ30iVxZ2hAEGp/RiXeqAKZMrbBkvk
qAuzeuS3J+BmN8Pwi1l8Egzzno6ibHa0HpLc/jqATz/4n7GQvSNUsL+/HFkw7XHC
EVg/2cTY3SWkasBLGaqls3mPcI5jT038+ZQm50lVvkfXsfkf+0munHySPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpTCosiZvnJnslGX/hF9IyHSKiGMB8GA1UdIwQY
MBaAFDYkIUjj5japA0Pz6VBEuN/bnRzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQt
MjZkNzU5MzY1NDAyLzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQtMjZkNzU5MzY1NDAy
LzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3ArymKV
RQMNxDHHA0tsLAoIubWgszjus0Hfin+LGM3bBDBmFhLuAym1Z/mopyHinc7Kgm2w
uaQ8BDccV9Sw3KZiSpWFm+P2wzIvveG+LbLF3S54uteSiT0+MVIiwcpZShdghrgw
IBgFUE+KI8XYF/Jybt+0Fi4rjtIYVZaxxxKGkcTbxAwUMJ0zHwtQeNuc6glc1a9L
EWiS3CRpiV1ftsoV1VzQE/OAgUgBVWt+fukJcKc3l52/3wPgeGPHxt6V3ZgNdhaY
u16ZoXYH7+nPxoMyqYO+mRiDlk6zee4dtNRwKEt7G/eoGGo26uDm2Ly3NoYoyCWu
uAc1spNmzTj+WQ==
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:58:05 2026 by rpki-client