Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
File: nPmIlqiK6PNUCut37KHxqUu9aXg.mft (raw, json)
Hash identifier: As/LDHBusWMW6ioMfQHERPVIWMXpXc1DqOPEzUtClNg=
Subject key identifier: FA:78:D5:90:DF:F4:DF:C5:BE:83:14:C9:B1:FE:B8:71:17:AB:0A:84
Authority key identifier: 9C:F9:88:96:A8:8A:E8:F3:54:0A:EB:77:EC:A1:F1:A9:4B:BD:69:78
Certificate issuer: /CN=9cf98896a88ae8f3540aeb77eca1f1a94bbd6978
Certificate serial: 019CAD599F36A8C14771C5398E8DAAC50EC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
Manifest number: 09DD
Signing time: Mon 02 Mar 2026 07:00:57 +0000
Manifest this update: Mon 02 Mar 2026 07:00:57 +0000
Manifest next update: Tue 03 Mar 2026 07:00:57 +0000
Files and hashes: 1: nPmIlqiK6PNUCut37KHxqUu9aXg.crl (hash: bdra9OJqHFoMEqUdSqvYYwB0/DMRn+KFtpa9XRky3WE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:9f:36:a8:c1:47:71:c5:39:8e:8d:aa:c5:0e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cf98896a88ae8f3540aeb77eca1f1a94bbd6978
Validity
Not Before: Mar 2 07:00:57 2026 GMT
Not After : Mar 3 07:00:57 2026 GMT
Subject: CN=fa78d590dff4dfc5be8314c9b1feb87117ab0a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:1a:39:cc:fc:46:60:1c:ce:1a:d0:0f:3d:
84:26:b9:c3:85:c1:20:3a:fd:43:c0:5f:09:18:39:
1d:3e:70:86:bf:68:c2:c9:3a:bb:cd:c7:f6:93:18:
07:e3:42:54:28:4a:9e:2b:fe:81:4b:7c:01:f6:88:
0b:45:98:28:84:14:94:d0:e5:73:41:ec:58:80:64:
80:29:df:23:fe:b8:0f:86:93:db:38:34:69:3e:6a:
51:bb:c3:d5:e0:27:31:90:19:ce:ab:fa:6f:18:ae:
44:0c:09:d4:11:0c:fd:4d:a8:ba:eb:04:b5:bd:30:
7d:a4:2c:f6:ad:4f:85:96:0f:bb:3b:2b:e2:01:04:
4d:b6:5f:a2:da:22:b0:b4:c3:14:24:de:2e:8d:c3:
6c:a5:e8:68:34:54:56:34:ec:27:34:3f:0b:83:04:
81:8a:04:7b:c8:5f:a5:ad:d3:fc:94:74:66:fe:d2:
d9:61:c6:85:97:51:7c:5d:c0:16:8e:b0:47:37:88:
d9:6a:72:37:18:06:07:a9:53:45:71:69:42:b1:f5:
7f:26:cc:53:37:9f:1c:e9:ac:e9:a8:95:6e:26:0b:
f3:06:1e:d9:15:e8:13:21:6e:c1:52:84:aa:10:0e:
df:3f:4f:52:b3:bd:c6:9e:68:d3:c1:71:14:19:ae:
49:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:78:D5:90:DF:F4:DF:C5:BE:83:14:C9:B1:FE:B8:71:17:AB:0A:84
X509v3 Authority Key Identifier:
keyid:9C:F9:88:96:A8:8A:E8:F3:54:0A:EB:77:EC:A1:F1:A9:4B:BD:69:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:bc:fe:d2:5d:5f:d6:62:4c:d2:65:7e:61:57:19:c5:7b:b7:
0b:da:6e:c3:53:12:14:b9:46:4d:bc:7d:87:a2:9f:99:c4:29:
7c:ba:a3:ca:bc:e8:d7:2c:65:d1:32:34:31:2e:d6:62:c8:c5:
2d:b0:37:16:32:9f:a6:a3:7d:81:d8:9b:99:ee:3c:a6:d8:27:
51:60:06:81:91:40:3f:a8:1d:3b:e6:bb:e0:1b:9d:c0:3e:3d:
a5:ae:e2:0e:1f:2b:cc:c2:e4:1f:32:b6:17:6a:c4:36:98:5c:
9f:a6:df:a0:c2:c0:c7:0a:65:0d:64:f9:50:85:31:f9:57:5a:
dc:fb:ff:06:1a:96:00:61:2a:13:33:65:4c:04:0c:b2:dd:c2:
fa:68:06:5c:63:97:0c:f0:3e:01:8e:f3:40:e2:66:f7:d5:d3:
6f:91:e1:c2:97:02:ac:db:12:ca:8d:d0:70:9e:a7:45:a9:46:
a8:e0:88:79:12:86:35:7c:04:a2:39:1d:b9:48:1d:08:b2:77:
7a:c1:de:a0:c1:a6:7b:a7:6a:5c:58:ec:97:3f:4f:14:a6:a5:
f3:73:78:5a:e9:36:51:2f:25:9f:bc:07:89:92:9b:d1:30:50:
f4:7a:0c:ce:55:6b:8f:60:40:2c:44:95:8a:85:11:ed:e8:11:
24:6d:e7:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZ82qMFHccU5jo2qxQ7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjk4ODk2YTg4YWU4ZjM1NDBhZWI3N2VjYTFmMWE5NGJi
ZDY5NzgwHhcNMjYwMzAyMDcwMDU3WhcNMjYwMzAzMDcwMDU3WjAzMTEwLwYDVQQD
EyhmYTc4ZDU5MGRmZjRkZmM1YmU4MzE0YzliMWZlYjg3MTE3YWIwYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqQaOcz8RmAczhrQDz2EJrnDhcEg
Ov1DwF8JGDkdPnCGv2jCyTq7zcf2kxgH40JUKEqeK/6BS3wB9ogLRZgohBSU0OVz
QexYgGSAKd8j/rgPhpPbODRpPmpRu8PV4CcxkBnOq/pvGK5EDAnUEQz9Tai66wS1
vTB9pCz2rU+Flg+7OyviAQRNtl+i2iKwtMMUJN4ujcNspehoNFRWNOwnND8LgwSB
igR7yF+lrdP8lHRm/tLZYcaFl1F8XcAWjrBHN4jZanI3GAYHqVNFcWlCsfV/JsxT
N58c6azpqJVuJgvzBh7ZFegTIW7BUoSqEA7fP09Ss73GnmjTwXEUGa5JjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPp41ZDf9N/FvoMUybH+uHEXqwqEMB8GA1UdIwQY
MBaAFJz5iJaoiujzVArrd+yh8alLvWl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kZWIxMDItNDIzZi00ZTkyLWI3YzUt
NzNkMDE0ZTgzNDliLzEvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kZWIxMDItNDIzZi00ZTkyLWI3YzUtNzNkMDE0ZTgzNDli
LzEvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbz+0l1f
1mJM0mV+YVcZxXu3C9puw1MSFLlGTbx9h6KfmcQpfLqjyrzo1yxl0TI0MS7WYsjF
LbA3FjKfpqN9gdibme48ptgnUWAGgZFAP6gdO+a74BudwD49pa7iDh8rzMLkHzK2
F2rENphcn6bfoMLAxwplDWT5UIUx+Vda3Pv/BhqWAGEqEzNlTAQMst3C+mgGXGOX
DPA+AY7zQOJm99XTb5HhwpcCrNsSyo3QcJ6nRalGqOCIeRKGNXwEojkduUgdCLJ3
esHeoMGme6dqXFjslz9PFKal83N4Wuk2US8ln7wHiZKb0TBQ9HoMzlVrj2BALESV
ioUR7egRJG3nzA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:04:14 2026 by rpki-client