Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
File: NHkVOIV45h2IaEmiHXC6B1FJwaE.mft (raw, json)
Hash identifier: /3l2A6Qso30Pu4frNkxiDaGyxUZUYySy+iqOEgHfYPY=
Subject key identifier: 42:0C:5C:77:D7:0E:F9:77:8B:2C:C2:D2:1C:46:23:3F:7B:9D:22:0F
Authority key identifier: 34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
Certificate issuer: /CN=347915388578e61d886849a21d70ba075149c1a1
Certificate serial: 019CAF480B7C4EFFF59A386E2938252EE74B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
Manifest number: 0DD4
Signing time: Mon 02 Mar 2026 16:01:00 +0000
Manifest this update: Mon 02 Mar 2026 16:01:00 +0000
Manifest next update: Tue 03 Mar 2026 16:01:00 +0000
Files and hashes: 1: NHkVOIV45h2IaEmiHXC6B1FJwaE.crl (hash: CXU3U49s2WnSXz77FstfO3II5HZJfzf9/BiMRWuf2v0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:48:0b:7c:4e:ff:f5:9a:38:6e:29:38:25:2e:e7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347915388578e61d886849a21d70ba075149c1a1
Validity
Not Before: Mar 2 16:01:00 2026 GMT
Not After : Mar 3 16:01:00 2026 GMT
Subject: CN=420c5c77d70ef9778b2cc2d21c46233f7b9d220f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:20:7a:94:ba:d8:7c:c7:24:1a:c1:90:88:6c:
f4:9d:6b:90:ae:98:a4:61:27:ad:7c:31:47:1e:6a:
32:3e:32:83:ba:55:25:1c:e0:5a:3b:58:0a:36:4e:
2b:4f:46:96:c6:90:1e:30:ab:f4:fe:4b:49:ea:91:
fc:94:28:30:84:6e:cb:46:01:b2:d0:b9:f9:f6:6d:
94:a8:eb:6a:1f:39:6d:d8:c5:94:d1:7c:f7:20:b0:
92:f5:00:aa:31:87:8c:8d:48:ca:93:6f:36:15:2b:
87:41:06:76:b6:8a:b5:16:4d:56:2e:c3:be:5a:21:
6f:41:a7:f0:4c:95:e5:3b:44:2d:ac:d5:4a:60:bc:
49:fc:5b:a9:67:c8:4f:c6:b5:9c:76:6f:0f:f6:d0:
f3:13:fe:53:b8:76:0a:b1:dd:4a:1d:5f:99:d6:0d:
9a:d9:75:9c:d7:92:34:44:14:61:d5:3e:02:43:dc:
6f:42:4e:20:79:0d:2d:b5:15:a7:af:d4:7c:8b:a3:
4c:f8:9a:94:ae:27:52:5b:51:ff:55:dc:08:76:5b:
34:b6:04:51:57:f4:a3:78:00:a3:44:1a:c0:bf:16:
f0:58:36:52:07:3d:59:9a:05:33:ed:e1:28:03:e4:
31:de:3a:b6:25:f2:cc:64:4f:ed:6a:c0:67:92:26:
00:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0C:5C:77:D7:0E:F9:77:8B:2C:C2:D2:1C:46:23:3F:7B:9D:22:0F
X509v3 Authority Key Identifier:
keyid:34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:35:d2:93:da:24:f7:fa:20:74:80:87:a9:f7:51:9c:38:26:
3e:80:d6:dc:5e:29:eb:81:9e:0f:79:c6:f7:25:a3:9b:49:17:
f5:8a:31:2d:66:be:73:dd:3c:fd:b0:10:75:ab:95:3d:57:0b:
43:6a:69:2c:4e:4f:4d:de:86:e7:85:58:89:72:60:cf:d2:ba:
2a:ef:13:68:36:0c:02:6f:3f:84:14:18:61:58:c7:b8:0b:dd:
d9:5c:3c:b6:99:ed:d9:83:f8:47:f6:7d:b9:73:89:fe:9a:85:
f7:0a:0d:32:c4:c6:8c:7d:b8:f9:45:77:25:98:6b:5c:4e:66:
b1:c0:77:e5:a3:dc:1f:bc:bc:7d:0a:a2:54:36:92:26:1c:e5:
a8:a8:d1:04:17:82:d3:8f:d3:31:3a:dc:c1:2d:5e:3f:6e:f6:
ce:d3:34:0a:aa:ca:f7:7b:fc:0c:4f:db:39:fc:f9:ea:e7:d5:
be:bd:ed:01:e1:21:26:00:ac:b2:df:39:1f:e5:23:07:ad:1c:
5d:1d:05:46:52:47:be:ea:a7:3f:da:37:d9:66:83:c1:8e:c9:
00:20:21:57:12:ef:58:46:ef:59:a5:eb:3c:bf:99:72:6b:0d:
cd:35:45:8c:7f:bb:90:88:bc:92:cf:c7:10:7b:96:68:ac:4e:
3a:9d:fb:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSAt8Tv/1mjhuKTglLudLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzkxNTM4ODU3OGU2MWQ4ODY4NDlhMjFkNzBiYTA3NTE0
OWMxYTEwHhcNMjYwMzAyMTYwMTAwWhcNMjYwMzAzMTYwMTAwWjAzMTEwLwYDVQQD
Eyg0MjBjNWM3N2Q3MGVmOTc3OGIyY2MyZDIxYzQ2MjMzZjdiOWQyMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCB6lLrYfMckGsGQiGz0nWuQrpik
YSetfDFHHmoyPjKDulUlHOBaO1gKNk4rT0aWxpAeMKv0/ktJ6pH8lCgwhG7LRgGy
0Ln59m2UqOtqHzlt2MWU0Xz3ILCS9QCqMYeMjUjKk282FSuHQQZ2toq1Fk1WLsO+
WiFvQafwTJXlO0QtrNVKYLxJ/FupZ8hPxrWcdm8P9tDzE/5TuHYKsd1KHV+Z1g2a
2XWc15I0RBRh1T4CQ9xvQk4geQ0ttRWnr9R8i6NM+JqUridSW1H/VdwIdls0tgRR
V/SjeACjRBrAvxbwWDZSBz1ZmgUz7eEoA+Qx3jq2JfLMZE/tasBnkiYAFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIMXHfXDvl3iyzC0hxGIz97nSIPMB8GA1UdIwQY
MBaAFDR5FTiFeOYdiGhJoh1wugdRScGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzkt
ODJkOTdjMDY5NTY2LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzktODJkOTdjMDY5NTY2
LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMTXSk9ok
9/ogdICHqfdRnDgmPoDW3F4p64GeD3nG9yWjm0kX9YoxLWa+c908/bAQdauVPVcL
Q2ppLE5PTd6G54VYiXJgz9K6Ku8TaDYMAm8/hBQYYVjHuAvd2Vw8tpnt2YP4R/Z9
uXOJ/pqF9woNMsTGjH24+UV3JZhrXE5mscB35aPcH7y8fQqiVDaSJhzlqKjRBBeC
04/TMTrcwS1eP272ztM0CqrK93v8DE/bOfz56ufVvr3tAeEhJgCsst85H+UjB60c
XR0FRlJHvuqnP9o32WaDwY7JACAhVxLvWEbvWaXrPL+ZcmsNzTVFjH+7kIi8ks/H
EHuWaKxOOp37EQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:25:12 2026 by rpki-client