Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: Nh+ERCg5yqf/jw8qy+F/u3leZ+1j7lAAvxtRGRWUF18=
Subject key identifier: 55:C2:B5:46:37:7E:3E:FB:A0:14:B0:F4:3D:12:4F:3D:88:49:AE:BD
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 019D9C2C891C24353CCED381A8309DB52CF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 18C2
Signing time: Fri 17 Apr 2026 16:00:57 +0000
Manifest this update: Fri 17 Apr 2026 16:00:57 +0000
Manifest next update: Sat 18 Apr 2026 16:00:57 +0000
Files and hashes: 1: 54EH0AkM2oIGqv7eAmOmOB-xeho.roa (hash: NM/JAZ4ZRze3goIGV4nxJHsbs+egnPq8XUH12SQCKoo=)
2: dqQcATTiVDcYhuyOfiuaEN-dzH0.roa (hash: vdWyxZWoqaf18qoRAgHeLHy8Ubdk/kl3p3xQIpz4Who=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: pGH9P6cslVPPrA57QVOpXcsqCBdOu2XWMKsZT/pll9E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:2c:89:1c:24:35:3c:ce:d3:81:a8:30:9d:b5:2c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Apr 17 16:00:57 2026 GMT
Not After : Apr 18 16:00:57 2026 GMT
Subject: CN=55c2b546377e3efba014b0f43d124f3d8849aebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c3:54:68:b6:24:24:f2:c1:2c:7b:a0:47:c0:
3e:b9:c1:5a:0b:d2:1b:7f:20:56:d6:2c:4c:b6:49:
39:11:c3:72:28:e4:da:04:f4:ae:e6:2b:ae:96:a2:
19:09:04:c3:2f:d4:41:55:c6:de:7d:8a:9b:69:0f:
ad:17:10:5d:93:cc:68:9c:30:ad:24:a6:e7:6e:9a:
f8:c2:93:a5:b3:95:19:f3:da:a9:33:03:04:40:46:
95:41:5e:a6:29:d0:0e:64:fe:94:a0:79:e2:cd:fa:
b4:81:e4:64:8d:46:4b:fc:26:07:2d:b2:78:4e:46:
cf:f2:23:53:a0:38:27:4b:73:70:1f:d2:9e:26:64:
b1:a5:9b:55:d8:fe:ed:49:ed:e5:76:d4:df:39:40:
df:35:96:33:d6:36:6a:75:24:71:7f:15:e7:22:4e:
65:7c:d2:d8:34:8d:c6:d4:46:b4:54:fc:45:60:bc:
a7:ef:2c:cf:df:97:f0:56:e4:3a:1d:3e:75:dc:21:
38:0f:a9:c1:05:b4:70:dc:29:5a:30:3e:e4:f5:dd:
15:2c:8b:d5:54:d0:ea:6f:53:00:a2:99:f5:65:19:
db:e9:85:a8:2b:24:16:1e:aa:4b:41:de:8e:c6:e9:
8d:3e:c0:76:21:61:0d:7b:00:fe:8f:27:b8:74:74:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C2:B5:46:37:7E:3E:FB:A0:14:B0:F4:3D:12:4F:3D:88:49:AE:BD
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:ca:64:ab:6e:4a:ff:ac:20:72:a6:e3:f1:a8:e4:8d:c5:35:
06:15:25:99:32:15:f6:cd:de:87:5b:19:1b:4e:70:ad:01:0d:
d5:dd:58:d8:53:79:66:9c:6f:9d:7d:e4:9a:36:84:90:57:43:
2e:b2:b3:59:59:45:6e:be:2a:0a:1a:03:2a:8e:fe:85:31:6a:
6b:53:4a:d6:a0:7a:64:4a:48:ff:ab:24:7d:63:eb:e1:4d:51:
00:12:71:6e:96:b8:91:35:b2:3c:f9:8d:3f:e2:1b:c3:bb:e0:
b6:95:0e:13:08:a9:e8:50:ee:2c:df:1f:60:19:8b:1d:34:e0:
0a:95:75:0e:b1:79:3d:a5:e5:f4:36:73:c7:3b:7b:ae:a0:16:
ed:75:9c:1e:b8:63:29:59:10:66:69:44:24:29:09:4f:f7:a6:
ab:6c:9a:c2:7b:ea:df:4b:41:b7:98:8c:36:0c:02:08:b8:d7:
e6:07:9a:43:f5:f1:08:e1:ec:e1:a3:c9:ce:33:45:06:56:ca:
05:32:ac:92:a7:e1:a7:dd:f5:8b:f9:fa:96:52:10:a6:4f:34:
3a:00:26:35:fb:fc:75:f5:a1:64:8e:26:76:f4:21:2b:f1:95:
97:0a:b5:d4:04:cd:67:dd:84:1f:b3:dd:3a:85:87:73:9b:0e:
eb:ee:08:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLIkcJDU8ztOBqDCdtSz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjYwNDE3MTYwMDU3WhcNMjYwNDE4MTYwMDU3WjAzMTEwLwYDVQQD
Eyg1NWMyYjU0NjM3N2UzZWZiYTAxNGIwZjQzZDEyNGYzZDg4NDlhZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sNUaLYkJPLBLHugR8A+ucFaC9Ib
fyBW1ixMtkk5EcNyKOTaBPSu5iuulqIZCQTDL9RBVcbefYqbaQ+tFxBdk8xonDCt
JKbnbpr4wpOls5UZ89qpMwMEQEaVQV6mKdAOZP6UoHnizfq0geRkjUZL/CYHLbJ4
TkbP8iNToDgnS3NwH9KeJmSxpZtV2P7tSe3ldtTfOUDfNZYz1jZqdSRxfxXnIk5l
fNLYNI3G1Ea0VPxFYLyn7yzP35fwVuQ6HT513CE4D6nBBbRw3ClaMD7k9d0VLIvV
VNDqb1MAopn1ZRnb6YWoKyQWHqpLQd6OxumNPsB2IWENewD+jye4dHSwnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXCtUY3fj77oBSw9D0STz2ISa69MB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8pkq25K
/6wgcqbj8ajkjcU1BhUlmTIV9s3eh1sZG05wrQEN1d1Y2FN5ZpxvnX3kmjaEkFdD
LrKzWVlFbr4qChoDKo7+hTFqa1NK1qB6ZEpI/6skfWPr4U1RABJxbpa4kTWyPPmN
P+Ibw7vgtpUOEwip6FDuLN8fYBmLHTTgCpV1DrF5PaXl9DZzxzt7rqAW7XWcHrhj
KVkQZmlEJCkJT/emq2yawnvq30tBt5iMNgwCCLjX5geaQ/XxCOHs4aPJzjNFBlbK
BTKskqfhp931i/n6llIQpk80OgAmNfv8dfWhZI4mdvQhK/GVlwq11ATNZ92EH7Pd
OoWHc5sO6+4IgQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:25:48 2026 by rpki-client