Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
File: NW2albrOGXhcQGR2Y_MdkFYmHC8.mft (raw, json)
Hash identifier: eeADF5TYGXbMN6oC22aCOIgpkdgMnnh7MNXprZfRqbY=
Subject key identifier: 32:5A:3D:07:CF:AC:FD:6B:2A:65:A2:92:D6:03:A7:34:81:CB:1F:56
Authority key identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
Certificate issuer: /CN=356d9a95bace19785c40647663f31d9056261c2f
Certificate serial: 019CAA583F8BF30D8BFA1F32FB828B00E185
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
Manifest number: 1844
Signing time: Sun 01 Mar 2026 17:00:35 +0000
Manifest this update: Sun 01 Mar 2026 17:00:35 +0000
Manifest next update: Mon 02 Mar 2026 17:00:35 +0000
Files and hashes: 1: KJ32RrCVAy4PyqYtI55Q1n1tyzU.roa (hash: LCB31ML0gf7+olaDPAC46q6pMd69LDFTi6lr8UwROW4=)
2: NW2albrOGXhcQGR2Y_MdkFYmHC8.crl (hash: 7JW2mEeaLf7ReRzZklzdK0BsRq5E63QfD/qPaxX3XXY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:3f:8b:f3:0d:8b:fa:1f:32:fb:82:8b:00:e1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=356d9a95bace19785c40647663f31d9056261c2f
Validity
Not Before: Mar 1 17:00:35 2026 GMT
Not After : Mar 2 17:00:35 2026 GMT
Subject: CN=325a3d07cfacfd6b2a65a292d603a73481cb1f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:cb:f7:23:94:ff:27:ca:8c:39:ca:e1:77:
16:2d:76:1c:45:e1:1a:39:5a:88:e7:1c:42:af:fc:
cd:2a:0f:6f:e8:38:4d:8b:83:61:d7:0a:ed:2b:e5:
47:8c:c8:87:8c:10:b5:d7:b0:23:72:82:c3:f0:29:
77:af:da:79:d5:e1:17:de:3f:81:7b:48:a0:55:34:
f0:c6:f5:59:e8:d2:16:c6:80:36:98:fa:d0:8c:cf:
cf:5c:40:e1:ce:6b:96:de:39:ed:92:1b:9f:37:19:
96:4c:87:41:d4:01:c0:52:76:3e:aa:fe:33:77:fe:
b0:11:bc:a7:e4:50:00:0c:47:2d:c2:d6:1d:17:41:
e0:78:57:4c:fe:4e:7e:21:40:17:45:ff:7d:72:a4:
05:ec:5d:e0:a5:0e:9c:0b:91:83:65:61:ae:99:da:
03:a3:15:df:06:2a:e0:ad:be:62:57:02:76:d5:3c:
83:22:b6:eb:1d:77:88:79:1f:6a:18:c4:e1:cd:08:
09:fd:f8:51:20:4e:e6:75:15:82:97:dd:9a:57:b9:
b0:47:e8:d8:cd:e3:d4:ba:51:c0:40:8e:4f:4a:0f:
4f:f0:a2:78:f6:03:97:ae:41:8f:39:67:b1:e8:65:
3e:67:ab:59:d4:fe:c5:ad:6e:58:cc:1b:2a:4b:26:
72:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:3D:07:CF:AC:FD:6B:2A:65:A2:92:D6:03:A7:34:81:CB:1F:56
X509v3 Authority Key Identifier:
keyid:35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:f2:00:d1:5b:02:d2:b7:b8:26:e0:d9:cc:60:fc:63:30:20:
15:90:57:14:9a:79:9c:9e:a3:79:ba:b5:27:d5:f6:a5:ea:97:
1b:80:22:9f:1c:93:ad:45:51:7f:b7:6c:e2:bf:f8:0f:de:47:
f6:3c:40:0a:72:0c:85:bb:b7:10:94:f9:45:dc:a4:4c:1a:51:
26:44:f4:be:8c:0e:11:10:6b:1d:96:6f:11:15:67:2b:e3:32:
fe:53:5b:49:20:a8:22:09:b1:0c:ce:ae:34:3c:2f:4d:03:c8:
85:1c:63:2d:5d:5f:b1:83:ab:8c:32:e7:45:50:20:1f:8d:d5:
19:38:65:d2:55:fd:1e:be:3b:46:a3:29:bc:8c:64:80:e1:f2:
48:8a:85:ce:3c:3f:31:3e:fe:88:1e:72:df:c4:70:7e:e9:c1:
3c:e2:c8:5a:1e:b0:f2:97:ec:93:3a:af:11:c9:a2:45:96:a0:
12:9e:ce:c9:e7:d9:26:21:9d:99:55:1b:6e:2f:22:67:87:27:
80:54:a4:27:ba:87:6a:99:e8:ea:70:ea:6d:60:e3:ab:d9:0f:
78:9b:26:f1:a5:25:9f:61:4d:ee:1d:7d:6d:c2:ee:9f:fa:23:
d2:2a:12:6e:aa:86:bf:70:8f:95:e7:df:c4:12:b8:b6:ff:ac:
8f:bd:9f:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWD+L8w2L+h8y+4KLAOGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NmQ5YTk1YmFjZTE5Nzg1YzQwNjQ3NjYzZjMxZDkwNTYy
NjFjMmYwHhcNMjYwMzAxMTcwMDM1WhcNMjYwMzAyMTcwMDM1WjAzMTEwLwYDVQQD
EygzMjVhM2QwN2NmYWNmZDZiMmE2NWEyOTJkNjAzYTczNDgxY2IxZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLzL9yOU/yfKjDnK4XcWLXYcReEa
OVqI5xxCr/zNKg9v6DhNi4Nh1wrtK+VHjMiHjBC117AjcoLD8Cl3r9p51eEX3j+B
e0igVTTwxvVZ6NIWxoA2mPrQjM/PXEDhzmuW3jntkhufNxmWTIdB1AHAUnY+qv4z
d/6wEbyn5FAADEctwtYdF0HgeFdM/k5+IUAXRf99cqQF7F3gpQ6cC5GDZWGumdoD
oxXfBirgrb5iVwJ21TyDIrbrHXeIeR9qGMThzQgJ/fhRIE7mdRWCl92aV7mwR+jY
zePUulHAQI5PSg9P8KJ49gOXrkGPOWex6GU+Z6tZ1P7FrW5YzBsqSyZy4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJaPQfPrP1rKmWiktYDpzSByx9WMB8GA1UdIwQY
MBaAFDVtmpW6zhl4XEBkdmPzHZBWJhwvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlcyYWxick9HWGhjUUdSMllfTWRrRlltSEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9kZDljOTAtMzFhOS00OTk1LTlkYTMt
NGVmZGU2ZWIzMmQ0LzEvTlcyYWxick9HWGhjUUdSMllfTWRrRlltSEM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9kZDljOTAtMzFhOS00OTk1LTlkYTMtNGVmZGU2ZWIzMmQ0
LzEvTlcyYWxick9HWGhjUUdSMllfTWRrRlltSEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGvIA0VsC
0re4JuDZzGD8YzAgFZBXFJp5nJ6jebq1J9X2peqXG4AinxyTrUVRf7ds4r/4D95H
9jxACnIMhbu3EJT5RdykTBpRJkT0vowOERBrHZZvERVnK+My/lNbSSCoIgmxDM6u
NDwvTQPIhRxjLV1fsYOrjDLnRVAgH43VGThl0lX9Hr47RqMpvIxkgOHySIqFzjw/
MT7+iB5y38RwfunBPOLIWh6w8pfskzqvEcmiRZagEp7OyefZJiGdmVUbbi8iZ4cn
gFSkJ7qHapno6nDqbWDjq9kPeJsm8aUln2FN7h19bcLun/oj0ioSbqqGv3CPleff
xBK4tv+sj72fJg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:50:41 2026 by rpki-client