Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
File: nSAoCNH5FFVeG9WcFncof_mztZA.mft (raw, json)
Hash identifier: XCL9Evm26Jzj5J7pc/44htt1KxTNn7zoidOY4I8lX3g=
Subject key identifier: AF:66:0F:AE:58:64:18:92:ED:03:E4:C0:9A:13:CE:7E:61:18:0B:92
Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90
Certificate issuer: /CN=9d202808d1f914555e1bd59c1677287ff9b3b590
Certificate serial: 019CAAC6132944AA30FAA8F2C8E332295E23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
Manifest number: 1250
Signing time: Sun 01 Mar 2026 19:00:33 +0000
Manifest this update: Sun 01 Mar 2026 19:00:33 +0000
Manifest next update: Mon 02 Mar 2026 19:00:33 +0000
Files and hashes: 1: 8hQk0KTYs3g5ZR66-EC5Vv0X6G8.roa (hash: xP2My60JlMvvPw+zYTcbdyBWhfmdlTseIN2HIlpIMRY=)
2: nSAoCNH5FFVeG9WcFncof_mztZA.crl (hash: yIhuE4OANSQXPqCO6FcydzPZLh7VERX6w7AIqbFoa3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:13:29:44:aa:30:fa:a8:f2:c8:e3:32:29:5e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590
Validity
Not Before: Mar 1 19:00:33 2026 GMT
Not After : Mar 2 19:00:33 2026 GMT
Subject: CN=af660fae58641892ed03e4c09a13ce7e61180b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:82:57:ad:8e:17:91:f4:05:7d:1a:b3:4b:
8c:f7:92:8a:8b:a9:32:92:71:a1:da:89:ca:ce:78:
2d:16:af:df:1a:39:a2:0e:d1:b3:1d:60:b7:90:76:
d8:fc:d6:62:b3:ce:e1:02:6c:43:ba:37:81:62:f1:
bc:ee:16:32:b1:5b:1a:b3:7b:07:3f:69:58:67:79:
76:7b:d4:b7:65:90:9e:20:94:4c:09:e5:59:d8:39:
16:26:a6:c8:6e:12:9d:d4:cb:95:0c:a9:31:6c:65:
9f:0c:16:90:cb:3e:cc:2f:09:48:21:ea:2a:e9:fe:
64:c9:b2:d9:0c:10:f0:fe:52:62:02:eb:41:c1:22:
80:59:04:63:ef:e1:7a:e8:80:18:ef:94:7a:08:f7:
43:43:1f:bc:da:48:42:92:75:94:32:3f:09:a2:ea:
e9:f5:f3:ca:55:98:8b:12:fa:a8:60:4d:e4:58:fc:
e7:c3:7c:fa:69:91:83:60:36:fd:d3:fd:52:55:80:
4c:be:e1:8f:17:67:11:f0:95:d5:51:2f:dd:ac:0a:
68:56:d4:81:ee:98:80:3a:de:61:e4:5e:e8:7f:2e:
29:5d:06:89:36:65:3d:4e:50:e8:6f:f1:bb:13:14:
b8:a1:2d:c8:59:af:a9:af:6c:17:34:16:3d:db:dd:
3d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:66:0F:AE:58:64:18:92:ED:03:E4:C0:9A:13:CE:7E:61:18:0B:92
X509v3 Authority Key Identifier:
keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:85:38:ab:8c:89:a9:a4:ec:ea:8c:d8:50:f0:a0:63:05:d4:
2a:5a:6a:b9:4f:aa:55:fd:6e:a8:22:f0:a8:89:6b:50:e0:9d:
b7:95:00:62:57:d4:1c:1d:86:a3:c1:55:f1:29:b5:3b:f4:8c:
2e:9b:e0:ab:d5:af:84:af:13:25:d3:07:bb:aa:86:0d:22:f8:
19:1c:0f:a1:9c:0c:50:86:ae:9a:6e:00:14:6e:ce:bc:81:2c:
1c:4b:8b:c3:20:d1:9e:17:ba:5e:e1:19:bf:93:0a:77:7c:ae:
69:4d:10:b2:1d:76:73:9c:31:02:e4:82:1c:65:17:05:54:b1:
c7:c3:09:08:15:78:5d:63:56:18:51:f7:ed:fe:69:68:c0:7e:
bf:0e:72:36:f3:13:2f:cd:a5:83:b6:c8:30:3d:b2:44:77:8c:
2c:6f:3a:d5:be:d5:dd:3c:17:c8:93:b1:3e:29:b3:80:67:d8:
ca:81:de:ea:7b:dd:e3:06:46:3e:57:7f:4f:10:94:71:9f:ef:
f1:b1:98:28:b6:58:8b:68:56:2d:fd:41:11:aa:83:ec:db:c1:
2d:81:7d:f7:a1:eb:05:f1:55:f8:06:92:1e:d5:46:61:08:4e:
76:b5:0d:b6:1a:56:0f:9b:48:47:ea:69:60:62:ad:47:ba:07:
46:94:2f:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxhMpRKow+qjyyOMyKV4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli
M2I1OTAwHhcNMjYwMzAxMTkwMDMzWhcNMjYwMzAyMTkwMDMzWjAzMTEwLwYDVQQD
EyhhZjY2MGZhZTU4NjQxODkyZWQwM2U0YzA5YTEzY2U3ZTYxMTgwYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkeCV62OF5H0BX0as0uM95KKi6ky
knGh2onKzngtFq/fGjmiDtGzHWC3kHbY/NZis87hAmxDujeBYvG87hYysVsas3sH
P2lYZ3l2e9S3ZZCeIJRMCeVZ2DkWJqbIbhKd1MuVDKkxbGWfDBaQyz7MLwlIIeoq
6f5kybLZDBDw/lJiAutBwSKAWQRj7+F66IAY75R6CPdDQx+82khCknWUMj8Jourp
9fPKVZiLEvqoYE3kWPznw3z6aZGDYDb90/1SVYBMvuGPF2cR8JXVUS/drApoVtSB
7piAOt5h5F7ofy4pXQaJNmU9TlDob/G7ExS4oS3IWa+pr2wXNBY92909vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9mD65YZBiS7QPkwJoTzn5hGAuSMB8GA1UdIwQY
MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt
ODgwYjJkZjU3ZjI1LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1
LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO4U4q4yJ
qaTs6ozYUPCgYwXUKlpquU+qVf1uqCLwqIlrUOCdt5UAYlfUHB2Go8FV8Sm1O/SM
Lpvgq9WvhK8TJdMHu6qGDSL4GRwPoZwMUIaumm4AFG7OvIEsHEuLwyDRnhe6XuEZ
v5MKd3yuaU0Qsh12c5wxAuSCHGUXBVSxx8MJCBV4XWNWGFH37f5paMB+vw5yNvMT
L82lg7bIMD2yRHeMLG861b7V3TwXyJOxPimzgGfYyoHe6nvd4wZGPld/TxCUcZ/v
8bGYKLZYi2hWLf1BEaqD7NvBLYF996HrBfFV+AaSHtVGYQhOdrUNthpWD5tIR+pp
YGKtR7oHRpQvJA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:31:21 2026 by rpki-client