Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: y7i3V9/yZYkVzdyoSGpwaiy6dxyyy63x7Pje86MsabE=
Subject key identifier: 39:F2:06:DF:28:F1:29:8E:D6:46:02:FC:18:6A:A8:A9:7D:75:68:2C
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 019DA3E686ED4D26FFAE29F59F42BEE328B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 1604
Signing time: Sun 19 Apr 2026 04:01:27 +0000
Manifest this update: Sun 19 Apr 2026 04:01:27 +0000
Manifest next update: Mon 20 Apr 2026 04:01:27 +0000
Files and hashes: 1: FGksGgzRp3dqx5JNslhPDHOeSF8.roa (hash: Ae+SgijVIMWeitkLixTQZhBAwcIx6R8bn51UQHedapk=)
2: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: I47Kn+qmKKyxEBDbS3rm/58PmKgwC1tlaQPShaEd6C0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:e6:86:ed:4d:26:ff:ae:29:f5:9f:42:be:e3:28:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Apr 19 04:01:27 2026 GMT
Not After : Apr 20 04:01:27 2026 GMT
Subject: CN=39f206df28f1298ed64602fc186aa8a97d75682c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:e2:5c:6d:ff:52:31:86:e6:dd:4b:0b:40:
f4:8b:a6:ba:ab:33:87:c8:f2:5a:59:9d:c4:db:7d:
98:d7:ad:4d:62:8a:ed:f3:c7:41:b0:30:fa:15:09:
83:89:f4:60:ae:73:1c:80:b3:b3:42:b4:70:20:75:
5f:d2:5a:f4:fc:32:9f:22:51:7b:8c:45:ad:c9:07:
1f:cb:bd:63:55:a2:9e:31:cf:e8:fb:aa:8d:dc:b0:
9f:24:50:00:0f:4f:41:a9:52:08:91:86:9f:d1:df:
01:20:a6:30:d0:28:61:06:01:55:4c:39:7f:57:f5:
ba:74:36:00:dc:af:56:ac:ba:b8:7f:2e:23:a2:b3:
93:5c:7f:e8:07:83:b6:94:07:a0:0c:cf:bf:94:da:
c6:6d:6f:eb:1f:75:36:6d:5b:97:01:08:d5:48:05:
71:55:2a:8b:76:2f:5e:51:da:56:0c:5e:1a:d0:1c:
48:47:d6:bd:4a:55:30:40:c7:11:fa:ff:36:13:77:
52:06:34:e5:f5:da:c6:2d:8b:d2:bc:69:a3:58:9b:
2d:06:64:36:3e:81:a8:4a:3e:d8:0b:81:db:7b:a1:
72:71:ae:56:f0:ed:0d:fd:29:e2:94:ba:9d:26:88:
f4:7b:d7:c5:1e:70:58:90:b2:61:7f:be:ce:f4:22:
51:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F2:06:DF:28:F1:29:8E:D6:46:02:FC:18:6A:A8:A9:7D:75:68:2C
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:2e:ff:bc:8f:2e:7a:90:ba:c2:c0:2a:01:3c:23:7b:0f:f9:
33:e3:7a:16:f8:fd:33:e7:f5:ce:d0:e1:bd:46:6c:7e:0a:62:
29:7a:e9:f4:af:75:b7:bf:7b:ce:3b:ea:2d:24:06:e6:6b:1f:
27:b5:49:ef:52:65:6f:37:31:d8:47:2d:ba:1c:56:56:0b:7c:
b8:df:a1:8c:6d:07:24:87:f2:4e:83:25:36:36:5b:ec:f8:8f:
e7:6f:d6:36:18:1e:02:92:23:5a:a1:6c:50:53:4f:45:e5:88:
06:a1:ec:ec:71:8c:58:96:4f:dd:d5:b3:b4:fd:1b:20:01:60:
06:2b:4b:5d:fa:fd:a1:a9:47:72:cc:d7:aa:ad:83:bb:6e:4b:
64:38:d8:95:6f:85:77:30:29:e3:af:22:7b:8e:17:74:82:03:
97:f9:d2:b1:55:e4:c1:77:f2:a5:1d:10:ad:7a:ae:d2:9f:0f:
06:ca:9a:8f:c0:21:0c:ab:fd:7a:a1:cc:da:38:7a:20:f9:62:
0f:bd:58:9a:ca:7f:6f:f3:0b:65:19:af:23:47:41:95:2f:52:
00:a6:e2:6d:0d:de:2d:45:f4:12:cf:7b:1e:82:36:e1:3f:b0:
85:95:be:24:39:62:f4:32:95:ac:df:05:b0:00:0a:76:d8:16:
d0:7b:5a:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5obtTSb/rin1n0K+4yi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjYwNDE5MDQwMTI3WhcNMjYwNDIwMDQwMTI3WjAzMTEwLwYDVQQD
EygzOWYyMDZkZjI4ZjEyOThlZDY0NjAyZmMxODZhYThhOTdkNzU2ODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaviXG3/UjGG5t1LC0D0i6a6qzOH
yPJaWZ3E232Y161NYort88dBsDD6FQmDifRgrnMcgLOzQrRwIHVf0lr0/DKfIlF7
jEWtyQcfy71jVaKeMc/o+6qN3LCfJFAAD09BqVIIkYaf0d8BIKYw0ChhBgFVTDl/
V/W6dDYA3K9WrLq4fy4jorOTXH/oB4O2lAegDM+/lNrGbW/rH3U2bVuXAQjVSAVx
VSqLdi9eUdpWDF4a0BxIR9a9SlUwQMcR+v82E3dSBjTl9drGLYvSvGmjWJstBmQ2
PoGoSj7YC4Hbe6Fyca5W8O0N/SnilLqdJoj0e9fFHnBYkLJhf77O9CJRGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnyBt8o8SmO1kYC/BhqqKl9dWgsMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWi7/vI8u
epC6wsAqATwjew/5M+N6Fvj9M+f1ztDhvUZsfgpiKXrp9K91t797zjvqLSQG5msf
J7VJ71Jlbzcx2EctuhxWVgt8uN+hjG0HJIfyToMlNjZb7PiP52/WNhgeApIjWqFs
UFNPReWIBqHs7HGMWJZP3dWztP0bIAFgBitLXfr9oalHcszXqq2Du25LZDjYlW+F
dzAp468ie44XdIIDl/nSsVXkwXfypR0QrXqu0p8PBsqaj8AhDKv9eqHM2jh6IPli
D71Ymsp/b/MLZRmvI0dBlS9SAKbibQ3eLUX0Es97HoI24T+whZW+JDli9DKVrN8F
sAAKdtgW0HtaRg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:15:46 2026 by rpki-client