Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: 8ccccFOSq/JUvBUBFA70xE8+qwiWGHbq9W9GIEJgrRo=
Subject key identifier: A0:D6:41:A5:61:A2:C8:2C:82:27:60:0E:40:C7:89:08:1E:98:EE:ED
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 019CAAC6A3599803164C3424C0FD275C62B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 1583
Signing time: Sun 01 Mar 2026 19:01:10 +0000
Manifest this update: Sun 01 Mar 2026 19:01:10 +0000
Manifest next update: Mon 02 Mar 2026 19:01:10 +0000
Files and hashes: 1: FGksGgzRp3dqx5JNslhPDHOeSF8.roa (hash: Ae+SgijVIMWeitkLixTQZhBAwcIx6R8bn51UQHedapk=)
2: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: 3cEIQCy34w2gEklyLotdWzEcHA7eKsC2f24FaslJqZQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:a3:59:98:03:16:4c:34:24:c0:fd:27:5c:62:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Mar 1 19:01:10 2026 GMT
Not After : Mar 2 19:01:10 2026 GMT
Subject: CN=a0d641a561a2c82c8227600e40c789081e98eeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:fc:5c:de:dd:7c:95:14:d4:55:0b:9d:45:
f6:95:67:e6:41:21:d3:ee:e7:a7:a6:7a:50:07:e2:
47:82:92:79:f3:ce:bb:28:b9:d3:94:87:dd:f8:46:
0e:b0:9a:80:3c:7b:37:5b:dd:95:e3:44:ab:a8:b9:
05:2f:4c:68:50:9b:42:e0:08:23:db:a3:57:5d:14:
f4:2a:ca:9a:0a:d0:43:61:d8:1f:64:d6:10:17:d8:
2b:c3:f1:8b:54:9f:d3:4e:be:cd:6b:3f:32:47:b5:
27:8d:a8:dc:5c:8c:91:c9:92:bd:bd:88:d5:09:15:
7c:b1:de:e2:9b:d2:69:50:bf:f2:8a:27:20:4f:05:
fd:eb:ff:b9:35:ce:9a:1b:48:ca:58:8f:a7:fe:0f:
a3:4b:fd:b3:83:95:9b:00:09:b6:21:07:09:d9:47:
b9:ee:a5:19:0f:a8:fc:9e:62:be:f3:6e:67:af:93:
12:04:ad:af:90:0d:27:ea:38:3f:0c:e9:a3:47:c7:
6d:60:ac:34:81:1e:3e:b0:4a:cc:5e:e6:19:76:b0:
bf:6f:d6:00:df:a6:37:6e:f8:dc:0e:b4:9a:9c:93:
31:f3:dc:68:b8:ef:f7:cb:1d:d1:59:81:6d:ac:83:
db:be:5a:ac:2a:97:e8:ea:91:d6:cd:99:06:8b:8b:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D6:41:A5:61:A2:C8:2C:82:27:60:0E:40:C7:89:08:1E:98:EE:ED
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:49:80:75:b3:2a:b2:46:b3:b4:46:9e:1c:fe:0b:98:97:7e:
a9:29:f2:3b:d1:ac:38:e4:2b:60:8e:68:57:f7:fa:65:87:b4:
4a:f2:f5:9e:44:0f:21:5a:af:a9:36:6f:52:84:6b:34:43:8a:
bb:1f:e9:84:25:79:a5:90:e0:31:fb:33:d4:82:26:cd:cb:0e:
15:b9:0c:92:1b:da:5c:e3:07:cd:14:bb:98:6f:b0:32:60:74:
8e:0d:0a:42:b5:5f:fb:80:d8:b5:96:a1:f5:ad:e1:19:6a:70:
70:9f:93:b5:11:e3:4c:b9:93:5b:e2:15:34:dd:16:7f:3e:06:
65:4e:5a:fc:be:e5:15:b2:19:96:5a:be:83:bc:da:d9:ee:5b:
11:6f:1e:a3:e4:f3:13:58:ba:9a:e6:93:1c:4a:0e:49:bf:f9:
12:8b:33:a2:e4:41:f6:43:9a:74:6e:7e:53:c6:fb:0c:d4:8c:
bf:ad:c8:83:98:7b:23:43:9e:fa:49:5e:f4:58:19:91:3f:cd:
37:55:1a:f8:26:f8:72:9f:92:93:7e:b6:74:82:b1:0a:39:04:
06:54:e1:90:ba:96:34:40:24:44:ec:a5:31:09:16:4a:61:96:
09:c5:0c:0f:47:a9:95:84:51:cd:df:89:ce:0d:69:e3:e0:47:
02:d8:e8:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxqNZmAMWTDQkwP0nXGK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjYwMzAxMTkwMTEwWhcNMjYwMzAyMTkwMTEwWjAzMTEwLwYDVQQD
EyhhMGQ2NDFhNTYxYTJjODJjODIyNzYwMGU0MGM3ODkwODFlOThlZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst78XN7dfJUU1FULnUX2lWfmQSHT
7uenpnpQB+JHgpJ58867KLnTlIfd+EYOsJqAPHs3W92V40SrqLkFL0xoUJtC4Agj
26NXXRT0KsqaCtBDYdgfZNYQF9grw/GLVJ/TTr7Naz8yR7UnjajcXIyRyZK9vYjV
CRV8sd7im9JpUL/yiicgTwX96/+5Nc6aG0jKWI+n/g+jS/2zg5WbAAm2IQcJ2Ue5
7qUZD6j8nmK+825nr5MSBK2vkA0n6jg/DOmjR8dtYKw0gR4+sErMXuYZdrC/b9YA
36Y3bvjcDrSanJMx89xouO/3yx3RWYFtrIPbvlqsKpfo6pHWzZkGi4s45QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDWQaVhosgsgidgDkDHiQgemO7tMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgEmAdbMq
skaztEaeHP4LmJd+qSnyO9GsOOQrYI5oV/f6ZYe0SvL1nkQPIVqvqTZvUoRrNEOK
ux/phCV5pZDgMfsz1IImzcsOFbkMkhvaXOMHzRS7mG+wMmB0jg0KQrVf+4DYtZah
9a3hGWpwcJ+TtRHjTLmTW+IVNN0Wfz4GZU5a/L7lFbIZllq+g7za2e5bEW8eo+Tz
E1i6muaTHEoOSb/5EoszouRB9kOadG5+U8b7DNSMv63Ig5h7I0Oe+kle9FgZkT/N
N1Ua+Cb4cp+Sk362dIKxCjkEBlThkLqWNEAkROylMQkWSmGWCcUMD0eplYRRzd+J
zg1p4+BHAtjoeg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:38 2026 by rpki-client