Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
File: NHi9VqAesq4wdvaW0B1P_NFAGp8.mft (raw, json)
Hash identifier: Yo6L7lJRiPQV5zTa/urUCv1/GZj4is4A0CvztP16tJk=
Subject key identifier: 7D:28:B0:A0:CC:7A:DB:FE:28:34:FB:FB:E8:D6:BE:9F:01:54:8A:61
Authority key identifier: 34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F
Certificate issuer: /CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
Certificate serial: 019D9AE2B0857345B0C2864D9C9E1C566D02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
Manifest number: 18C1
Signing time: Fri 17 Apr 2026 10:00:40 +0000
Manifest this update: Fri 17 Apr 2026 10:00:40 +0000
Manifest next update: Sat 18 Apr 2026 10:00:40 +0000
Files and hashes: 1: NHi9VqAesq4wdvaW0B1P_NFAGp8.crl (hash: HrcH98JHU+zx8IGVrt8PBjcH1mrzUT2asbsyYiWAsdI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e2:b0:85:73:45:b0:c2:86:4d:9c:9e:1c:56:6d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
Validity
Not Before: Apr 17 10:00:40 2026 GMT
Not After : Apr 18 10:00:40 2026 GMT
Subject: CN=7d28b0a0cc7adbfe2834fbfbe8d6be9f01548a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:c8:24:af:93:b8:dc:c8:a0:aa:74:e8:73:51:
ec:6c:ef:6e:36:8b:2e:72:bd:23:6f:3c:d7:c7:43:
09:b9:be:14:fb:e7:09:5d:89:50:1e:81:2a:d3:5d:
b6:31:19:5b:67:dd:72:4f:fb:d1:a1:61:ca:fa:ef:
fb:da:ab:81:1f:47:e8:5a:6f:9b:72:32:61:f5:ef:
5d:3e:f2:4b:4c:6f:82:03:ef:75:07:6a:02:a0:fe:
85:2f:ff:8e:58:ba:84:a0:22:74:13:85:55:bd:8d:
d6:47:0f:9c:34:50:1d:c2:97:56:b0:59:84:78:a0:
3c:10:5f:74:0d:5a:94:af:52:b5:03:4b:2c:8c:52:
3a:f5:b1:12:5c:7c:60:af:4b:59:3a:0b:16:3c:5b:
35:f6:13:c1:05:6a:9e:d5:3f:12:14:10:8f:c2:a3:
3b:fd:af:79:2b:ca:52:e3:4f:f5:de:05:20:f3:83:
5a:d1:e8:4b:8e:7f:c6:50:b0:9f:33:37:3b:a6:6a:
d5:8c:39:ef:02:4e:b9:02:1a:d8:ab:db:9c:c7:c8:
7c:d7:4a:a2:b4:57:b0:70:01:19:fa:27:74:fe:83:
d2:0b:5d:5a:a0:a3:b3:62:bd:d9:04:5c:81:22:21:
8e:8c:34:5a:30:e5:21:52:86:3e:85:30:52:ee:71:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:28:B0:A0:CC:7A:DB:FE:28:34:FB:FB:E8:D6:BE:9F:01:54:8A:61
X509v3 Authority Key Identifier:
keyid:34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:40:eb:bb:53:d2:ae:b6:26:8f:ec:2d:00:7e:d1:bf:89:d8:
22:a7:5e:00:11:01:0f:6b:c9:4e:4a:97:61:b9:ac:fd:41:74:
0d:64:df:62:3d:2c:40:de:f5:74:51:52:ec:33:2b:2e:bb:82:
8a:8d:28:07:2a:34:46:fc:40:11:eb:c8:2e:7f:2f:d9:db:2a:
88:09:29:87:03:f4:4c:e6:0f:c0:00:3b:b3:d9:8e:18:a5:9c:
8d:e5:82:8e:4d:57:45:b3:5d:d0:1b:ac:97:96:d0:ef:a2:aa:
c8:db:a7:1d:bc:dc:c2:5c:c0:e9:fc:66:42:3b:39:68:63:89:
e5:ce:99:c8:10:84:32:93:0d:e9:f4:8e:d8:42:fa:e2:7f:06:
4f:6a:ad:71:45:85:ef:89:af:3a:fd:14:4d:ab:b0:00:49:6b:
f5:4e:a4:24:34:22:73:71:e5:ed:6c:9c:7a:23:61:ca:f2:9b:
52:2f:3a:1f:a1:ff:0f:aa:7a:56:2e:a2:b6:66:c6:29:fc:c7:
db:60:29:1d:6b:ee:87:12:0c:04:4a:8c:aa:46:a4:12:73:23:
20:93:f1:99:a5:50:11:4e:26:b9:6e:95:d3:9a:da:76:fc:af:
fa:9d:73:ee:45:37:61:50:13:26:85:6b:c9:77:ee:82:c5:3b:
30:74:65:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4rCFc0WwwoZNnJ4cVm0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhiZDU2YTAxZWIyYWUzMDc2ZjY5NmQwMWQ0ZmZjZDE0
MDFhOWYwHhcNMjYwNDE3MTAwMDQwWhcNMjYwNDE4MTAwMDQwWjAzMTEwLwYDVQQD
Eyg3ZDI4YjBhMGNjN2FkYmZlMjgzNGZiZmJlOGQ2YmU5ZjAxNTQ4YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Mgkr5O43MigqnToc1HsbO9uNosu
cr0jbzzXx0MJub4U++cJXYlQHoEq0122MRlbZ91yT/vRoWHK+u/72quBH0foWm+b
cjJh9e9dPvJLTG+CA+91B2oCoP6FL/+OWLqEoCJ0E4VVvY3WRw+cNFAdwpdWsFmE
eKA8EF90DVqUr1K1A0ssjFI69bESXHxgr0tZOgsWPFs19hPBBWqe1T8SFBCPwqM7
/a95K8pS40/13gUg84Na0ehLjn/GULCfMzc7pmrVjDnvAk65AhrYq9ucx8h810qi
tFewcAEZ+id0/oPSC11aoKOzYr3ZBFyBIiGOjDRaMOUhUoY+hTBS7nH2NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0osKDMetv+KDT7++jWvp8BVIphMB8GA1UdIwQY
MBaAFDR4vVagHrKuMHb2ltAdT/zRQBqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAt
ODM5NmY4YzYyNTVhLzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAtODM5NmY4YzYyNTVh
LzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt0Dru1PS
rrYmj+wtAH7Rv4nYIqdeABEBD2vJTkqXYbms/UF0DWTfYj0sQN71dFFS7DMrLruC
io0oByo0RvxAEevILn8v2dsqiAkphwP0TOYPwAA7s9mOGKWcjeWCjk1XRbNd0Bus
l5bQ76KqyNunHbzcwlzA6fxmQjs5aGOJ5c6ZyBCEMpMN6fSO2EL64n8GT2qtcUWF
74mvOv0UTauwAElr9U6kJDQic3Hl7WyceiNhyvKbUi86H6H/D6p6Vi6itmbGKfzH
22ApHWvuhxIMBEqMqkakEnMjIJPxmaVQEU4muW6V05radvyv+p1z7kU3YVATJoVr
yXfugsU7MHRlXA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:57:14 2026 by rpki-client