Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
File: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft (raw, json)
Hash identifier: zTYwYM9TQ6Sxfw4gfEdMHxvOFWmAgS1t+F6ZKpxw0oQ=
Subject key identifier: 23:C0:D6:2C:6E:DF:6E:DF:FD:5E:A9:5D:CB:38:3B:E9:FD:E0:0E:99
Authority key identifier: 9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61
Certificate issuer: /CN=9d0e2b9e69f562df14cf772bde05f7dacde25961
Certificate serial: 019CACEBD75C0AF8CE009C899AD327382F81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
Manifest number: 0F1A
Signing time: Mon 02 Mar 2026 05:01:03 +0000
Manifest this update: Mon 02 Mar 2026 05:01:03 +0000
Manifest next update: Tue 03 Mar 2026 05:01:03 +0000
Files and hashes: 1: _-WgAdeW2Y99K-sGrqhGfWbfEYA.roa (hash: 66pgLoCvktoVUaDGxvzDuDueB2STnHHTVeeS6krd+lc=)
2: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl (hash: 4BNhLn+hNZWkXNUFY0rf0uclAnQSPH2OftnmkU1BnTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:d7:5c:0a:f8:ce:00:9c:89:9a:d3:27:38:2f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0e2b9e69f562df14cf772bde05f7dacde25961
Validity
Not Before: Mar 2 05:01:03 2026 GMT
Not After : Mar 3 05:01:03 2026 GMT
Subject: CN=23c0d62c6edf6edffd5ea95dcb383be9fde00e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:e1:f7:1d:fd:13:93:27:7a:2c:09:89:c0:
89:1b:11:9a:5f:2e:85:6d:eb:4a:6c:e6:75:13:15:
d9:58:09:85:8e:4e:fe:55:bf:6b:d9:f5:a4:31:7c:
0e:82:d6:5c:5e:0b:71:c7:26:c9:1f:10:71:cf:c6:
06:d5:a1:55:9a:6a:77:2b:31:77:e2:a8:d3:e6:76:
ce:a1:08:ce:cd:00:70:1c:05:df:35:07:ff:d4:ec:
c3:8d:0b:98:e1:9c:6f:cf:73:e8:62:f0:ff:0e:7c:
84:c9:88:41:b3:39:1c:77:1f:82:34:4f:3e:a8:2c:
1d:fc:f5:6f:88:04:19:0f:eb:0f:69:3c:b4:5c:8e:
da:63:be:b3:bf:ce:c4:27:d5:f4:bc:62:47:a3:5f:
ee:05:4a:20:d5:37:cd:0f:6d:a2:a4:97:50:66:2d:
c9:8e:d0:6a:38:56:58:bc:96:a4:9c:d2:84:cc:89:
58:bf:87:1a:61:3e:b9:62:1c:c2:6f:84:90:b6:b8:
9e:71:28:b0:03:7e:1c:89:26:01:bb:b6:a5:51:2f:
12:0e:6c:d1:54:0a:48:8e:ee:c2:9e:ca:66:fc:88:
fc:1a:a8:25:f1:4b:1d:57:e2:9a:1f:fb:9b:6e:b4:
96:62:95:dc:be:51:8f:69:1f:3e:35:81:43:d8:3a:
db:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C0:D6:2C:6E:DF:6E:DF:FD:5E:A9:5D:CB:38:3B:E9:FD:E0:0E:99
X509v3 Authority Key Identifier:
keyid:9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:b8:1d:40:16:54:b0:dd:bd:c2:ea:a0:92:3f:ff:40:6b:a0:
1b:bf:e0:6c:71:19:a5:11:90:e5:96:11:9d:ee:4d:39:95:96:
c4:17:9b:d6:fd:86:ff:b7:12:eb:91:63:14:61:be:53:24:98:
9e:f2:81:a1:b3:df:5e:2e:6f:88:f0:47:38:71:43:90:f7:fd:
d5:2f:0c:88:79:c4:b3:c8:ec:7b:84:26:f6:db:2b:34:70:3d:
d6:8f:db:02:f8:d0:c8:ff:e0:a9:c7:c6:e9:20:c1:a9:b4:6f:
b8:55:a6:cd:9d:64:40:de:55:56:fd:51:fd:26:b4:43:f1:64:
08:be:c1:4c:14:e5:6c:32:3d:0e:11:13:11:b9:72:54:cc:5f:
ba:f5:10:8b:27:ee:29:b5:3b:0a:23:ac:cf:f5:85:5f:b2:d4:
e6:86:ed:36:dd:f5:0e:ac:7c:b4:f7:72:58:6d:84:84:e9:d7:
88:33:01:52:1c:68:00:d2:a7:82:7c:48:88:d2:5f:1a:06:e0:
6e:97:3f:7a:58:79:0f:f6:51:7a:64:cb:49:ac:d3:1e:df:42:
37:a6:55:fd:8e:d6:63:47:cc:74:95:2a:d9:6f:89:45:8e:9c:
15:75:33:9a:23:db:66:04:ab:ad:1a:11:ab:1b:75:26:6f:96:
1c:cb:56:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys69dcCvjOAJyJmtMnOC+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGUyYjllNjlmNTYyZGYxNGNmNzcyYmRlMDVmN2RhY2Rl
MjU5NjEwHhcNMjYwMzAyMDUwMTAzWhcNMjYwMzAzMDUwMTAzWjAzMTEwLwYDVQQD
EygyM2MwZDYyYzZlZGY2ZWRmZmQ1ZWE5NWRjYjM4M2JlOWZkZTAwZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjbh9x39E5MneiwJicCJGxGaXy6F
betKbOZ1ExXZWAmFjk7+Vb9r2fWkMXwOgtZcXgtxxybJHxBxz8YG1aFVmmp3KzF3
4qjT5nbOoQjOzQBwHAXfNQf/1OzDjQuY4Zxvz3PoYvD/DnyEyYhBszkcdx+CNE8+
qCwd/PVviAQZD+sPaTy0XI7aY76zv87EJ9X0vGJHo1/uBUog1TfND22ipJdQZi3J
jtBqOFZYvJaknNKEzIlYv4caYT65YhzCb4SQtriecSiwA34ciSYBu7alUS8SDmzR
VApIju7Cnspm/Ij8Gqgl8UsdV+KaH/ubbrSWYpXcvlGPaR8+NYFD2DrbxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPA1ixu327f/V6pXcs4O+n94A6ZMB8GA1UdIwQY
MBaAFJ0OK55p9WLfFM93K94F99rN4llhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDct
ZDhkYzM0MDM2Y2U3LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDctZDhkYzM0MDM2Y2U3
LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrgdQBZU
sN29wuqgkj//QGugG7/gbHEZpRGQ5ZYRne5NOZWWxBeb1v2G/7cS65FjFGG+UySY
nvKBobPfXi5viPBHOHFDkPf91S8MiHnEs8jse4Qm9tsrNHA91o/bAvjQyP/gqcfG
6SDBqbRvuFWmzZ1kQN5VVv1R/Sa0Q/FkCL7BTBTlbDI9DhETEblyVMxfuvUQiyfu
KbU7CiOsz/WFX7LU5obtNt31Dqx8tPdyWG2EhOnXiDMBUhxoANKngnxIiNJfGgbg
bpc/elh5D/ZRemTLSazTHt9CN6ZV/Y7WY0fMdJUq2W+JRY6cFXUzmiPbZgSrrRoR
qxt1Jm+WHMtWVw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:19:43 2026 by rpki-client