Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File: NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier: Jmf4z4oDaThAM6FO0ppgc9afWwssTfO4ThrYb7T12DI=
Subject key identifier: 66:41:AA:92:96:76:BD:01:78:95:A0:15:CB:B4:14:3C:DD:0B:95:3E
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer: /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial: 019DA48B15C2ED4B9B28809C333BF75876E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number: 10D5
Signing time: Sun 19 Apr 2026 07:01:11 +0000
Manifest this update: Sun 19 Apr 2026 07:01:11 +0000
Manifest next update: Mon 20 Apr 2026 07:01:11 +0000
Files and hashes: 1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: Gow4XKYeX4aD/9S7V3e5VexZ0jH9Rg+Yutp0VDGoMAE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:8b:15:c2:ed:4b:9b:28:80:9c:33:3b:f7:58:76:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Validity
Not Before: Apr 19 07:01:11 2026 GMT
Not After : Apr 20 07:01:11 2026 GMT
Subject: CN=6641aa929676bd017895a015cbb4143cdd0b953e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:fd:d0:bb:eb:4c:81:77:41:ba:52:96:9d:
8e:18:d8:70:c6:ab:03:67:9b:7f:ef:2f:61:69:5c:
95:55:1a:dc:99:12:f2:b0:59:4c:59:e0:47:16:4b:
86:b9:44:be:81:70:58:e9:cb:47:42:31:1e:fc:72:
f2:e1:e5:43:69:ac:37:94:46:44:6c:7d:9e:10:59:
de:cf:a9:0b:bc:f2:3b:6c:05:a5:c1:c0:04:44:d7:
0f:c3:de:96:73:18:6a:34:e1:4e:8a:10:7e:3f:21:
c3:6a:f4:72:9e:18:77:d5:1b:b0:6c:8d:a3:d2:41:
40:0b:97:ee:96:96:e7:58:1c:60:3f:e6:67:2c:56:
ff:2c:3c:94:1d:8b:0e:08:4c:2b:28:72:9a:7d:bd:
29:1a:68:97:af:cd:3c:62:5e:a0:db:dd:bb:d2:2d:
1d:cb:73:1b:52:aa:e8:b9:4d:6d:8f:da:6a:b7:3d:
f9:be:d2:74:85:2f:32:8c:34:7e:49:d1:7d:c0:2c:
29:5f:62:df:e9:b3:b6:31:a0:09:2f:1c:63:69:57:
f9:18:e4:a1:a3:65:e4:dc:9c:11:8d:7d:38:bd:94:
39:b3:20:a8:0f:b6:7e:19:9c:35:b7:1c:ba:d0:6f:
0d:71:c9:37:59:5e:47:46:fd:6a:c2:1f:79:55:80:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:41:AA:92:96:76:BD:01:78:95:A0:15:CB:B4:14:3C:DD:0B:95:3E
X509v3 Authority Key Identifier:
keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:ed:0b:26:f2:d1:fc:68:61:2f:78:a1:23:d2:f7:56:ea:3e:
9c:d8:15:20:27:0b:03:50:a0:b7:fa:cb:6e:95:8c:59:14:78:
92:11:b4:0c:15:23:5a:85:f0:df:1b:4d:42:fe:83:2f:58:28:
33:d4:eb:d8:47:32:0c:c1:08:c0:5d:10:6a:98:41:ac:77:5a:
54:33:15:73:b3:5f:63:a8:0b:21:03:bc:5e:31:47:88:29:9a:
03:93:2e:1b:ad:77:2b:e6:01:a4:6a:80:07:ee:bc:3e:20:2c:
ad:4e:1b:f2:63:bb:52:63:34:20:82:87:3d:8a:4a:95:5a:4e:
d9:03:36:fb:9e:0c:84:51:39:6e:1a:8b:c1:5c:30:5e:f1:62:
9d:41:ee:8b:d0:62:6e:bb:4f:6f:3d:4e:6f:3d:5b:b3:95:df:
87:90:f0:85:5c:82:62:d7:37:fc:cb:01:b8:ee:8c:ec:28:4f:
20:8a:30:66:fe:0d:35:98:86:26:e3:8a:cf:ca:ed:b9:3e:36:
92:d1:27:ca:df:ac:2a:81:9b:af:1c:0d:7b:ef:52:57:c0:b0:
55:51:e2:c2:bf:8c:15:4d:ce:e5:dc:17:dd:49:e4:a8:c4:e5:
2d:c3:ae:5a:1e:02:dc:70:c3:ae:6b:b5:b9:1b:6e:7b:93:bb:
0a:cc:1a:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kixXC7UubKICcMzv3WHbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjYwNDE5MDcwMTExWhcNMjYwNDIwMDcwMTExWjAzMTEwLwYDVQQD
Eyg2NjQxYWE5Mjk2NzZiZDAxNzg5NWEwMTVjYmI0MTQzY2RkMGI5NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvub90LvrTIF3QbpSlp2OGNhwxqsD
Z5t/7y9haVyVVRrcmRLysFlMWeBHFkuGuUS+gXBY6ctHQjEe/HLy4eVDaaw3lEZE
bH2eEFnez6kLvPI7bAWlwcAERNcPw96WcxhqNOFOihB+PyHDavRynhh31RuwbI2j
0kFAC5fulpbnWBxgP+ZnLFb/LDyUHYsOCEwrKHKafb0pGmiXr808Yl6g29270i0d
y3MbUqrouU1tj9pqtz35vtJ0hS8yjDR+SdF9wCwpX2Lf6bO2MaAJLxxjaVf5GOSh
o2Xk3JwRjX04vZQ5syCoD7Z+GZw1txy60G8Ncck3WV5HRv1qwh95VYBYqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZBqpKWdr0BeJWgFcu0FDzdC5U+MB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+0LJvLR
/GhhL3ihI9L3Vuo+nNgVICcLA1Cgt/rLbpWMWRR4khG0DBUjWoXw3xtNQv6DL1go
M9Tr2EcyDMEIwF0QaphBrHdaVDMVc7NfY6gLIQO8XjFHiCmaA5MuG613K+YBpGqA
B+68PiAsrU4b8mO7UmM0IIKHPYpKlVpO2QM2+54MhFE5bhqLwVwwXvFinUHui9Bi
brtPbz1Obz1bs5Xfh5DwhVyCYtc3/MsBuO6M7ChPIIowZv4NNZiGJuOKz8rtuT42
ktEnyt+sKoGbrxwNe+9SV8CwVVHiwr+MFU3O5dwX3UnkqMTlLcOuWh4C3HDDrmu1
uRtue5O7Cswa3g==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:18:21 2026 by rpki-client