Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: zcAXKFrllLIN1nGQj4bv2oF2XQDEyRFM+zKI1B/uDA0=
Subject key identifier: FE:1B:AF:99:A7:B8:F9:AD:57:F3:D2:DA:E6:78:97:E3:DD:45:E0:47
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 019CAAC638116D1DB7CDBA3FAA09F8FD75ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 1848
Signing time: Sun 01 Mar 2026 19:00:42 +0000
Manifest this update: Sun 01 Mar 2026 19:00:42 +0000
Manifest next update: Mon 02 Mar 2026 19:00:42 +0000
Files and hashes: 1: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: ojFrShLxCro4ZhdBIDtpTMAVyEqneuJPgB1LZ155PXc=)
2: yE7elJQcwCE2lQSAbWletTxQ5Qo.roa (hash: tKAft8gW1YvZxBPlZ5+27HK7UOl/JK2+eMjDk7cQl10=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:38:11:6d:1d:b7:cd:ba:3f:aa:09:f8:fd:75:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Mar 1 19:00:42 2026 GMT
Not After : Mar 2 19:00:42 2026 GMT
Subject: CN=fe1baf99a7b8f9ad57f3d2dae67897e3dd45e047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a8:d2:aa:ca:7d:5e:2f:df:09:e0:51:e5:d3:
3e:8f:69:b7:38:fb:ff:fe:88:8d:1c:97:38:8e:94:
f7:5c:f7:f3:30:ea:c6:ea:f1:50:3b:8d:bc:a1:a2:
9b:99:76:f5:66:fc:dc:d1:bc:1f:78:29:e4:11:f9:
cf:85:e9:1f:0d:01:0d:9b:5c:b9:ae:01:af:9d:d5:
b0:c8:89:e1:72:16:67:36:99:88:f2:cf:2f:b2:d3:
18:e6:ee:f7:57:6e:5f:77:ab:6c:d9:a1:57:1f:fe:
0c:55:73:4f:40:d3:c0:31:18:c4:2a:f4:57:f1:52:
ae:98:b2:f3:3a:1e:28:54:c8:99:fb:5b:72:97:ea:
56:05:44:90:1c:26:27:df:dd:39:6b:b5:58:38:e4:
b0:17:6e:d5:b0:a6:86:88:e5:87:9c:af:e9:e1:d6:
01:f7:b0:1a:be:ac:f5:35:7f:dc:65:e1:65:7f:2b:
73:52:c8:69:05:33:5c:72:bc:91:8f:22:b3:9d:96:
35:d2:57:b0:6b:95:d7:a7:a0:23:e8:22:0d:cc:b8:
1f:05:67:94:c3:da:30:77:88:57:76:bb:fc:3a:5a:
ec:e3:84:d6:83:3a:72:bf:b0:3c:ae:f3:0b:07:f7:
bb:6b:d4:e2:5a:27:e9:bd:da:51:30:da:e3:79:2d:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1B:AF:99:A7:B8:F9:AD:57:F3:D2:DA:E6:78:97:E3:DD:45:E0:47
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:e6:9f:01:3e:86:9e:d3:ad:ee:aa:26:4c:78:43:4d:13:af:
de:6c:c2:b2:4d:aa:15:fd:58:52:67:fd:f0:8e:15:35:fe:e4:
b9:60:ef:82:2a:14:90:8e:1d:49:26:fc:09:95:0a:95:61:02:
5e:c6:bd:d3:1f:7a:c2:f9:1c:71:17:66:24:82:44:86:e2:0d:
94:7d:b5:71:0b:a0:04:52:21:39:de:88:84:b6:04:40:d7:85:
71:5c:68:50:28:90:3c:da:2a:9d:e4:c4:ae:55:59:c2:9c:82:
c4:99:e8:f9:4d:83:95:37:b7:e8:8d:91:b3:82:65:5b:b1:41:
64:56:cc:3f:33:5e:cd:4e:56:13:cd:a5:c7:1a:3b:68:c2:a4:
22:4b:a7:58:72:33:c2:be:3e:e1:b6:7b:43:af:3b:b7:29:b6:
b7:e0:c3:3e:06:61:7f:90:06:93:08:5f:43:c7:b4:e5:2b:fc:
03:cc:b5:45:82:f1:1f:0e:d9:21:78:8e:2a:3a:80:9b:2b:d8:
3b:7d:be:f0:2d:68:05:dd:24:42:f0:84:1d:6a:75:20:29:96:
4a:aa:fe:0c:6a:7b:67:db:1e:5b:7d:2a:ee:20:41:10:cf:10:
b6:fe:03:0e:30:ec:b6:90:5c:09:98:a5:2b:f2:e8:96:f5:f4:
cd:d7:2c:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxjgRbR23zbo/qgn4/XXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjYwMzAxMTkwMDQyWhcNMjYwMzAyMTkwMDQyWjAzMTEwLwYDVQQD
EyhmZTFiYWY5OWE3YjhmOWFkNTdmM2QyZGFlNjc4OTdlM2RkNDVlMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26jSqsp9Xi/fCeBR5dM+j2m3OPv/
/oiNHJc4jpT3XPfzMOrG6vFQO428oaKbmXb1Zvzc0bwfeCnkEfnPhekfDQENm1y5
rgGvndWwyInhchZnNpmI8s8vstMY5u73V25fd6ts2aFXH/4MVXNPQNPAMRjEKvRX
8VKumLLzOh4oVMiZ+1tyl+pWBUSQHCYn3905a7VYOOSwF27VsKaGiOWHnK/p4dYB
97Aavqz1NX/cZeFlfytzUshpBTNccryRjyKznZY10lewa5XXp6Aj6CINzLgfBWeU
w9owd4hXdrv8Olrs44TWgzpyv7A8rvMLB/e7a9TiWifpvdpRMNrjeS039wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4br5mnuPmtV/PS2uZ4l+PdReBHMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+afAT6G
ntOt7qomTHhDTROv3mzCsk2qFf1YUmf98I4VNf7kuWDvgioUkI4dSSb8CZUKlWEC
Xsa90x96wvkccRdmJIJEhuINlH21cQugBFIhOd6IhLYEQNeFcVxoUCiQPNoqneTE
rlVZwpyCxJno+U2DlTe36I2Rs4JlW7FBZFbMPzNezU5WE82lxxo7aMKkIkunWHIz
wr4+4bZ7Q687tym2t+DDPgZhf5AGkwhfQ8e05Sv8A8y1RYLxHw7ZIXiOKjqAmyvY
O32+8C1oBd0kQvCEHWp1ICmWSqr+DGp7Z9seW30q7iBBEM8Qtv4DDjDstpBcCZil
K/LolvX0zdcssQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:17:41 2026 by rpki-client