Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: hY/1BuhXbC9ZPrYv9ZDR+LK/LRmRUAN5i7LZEYIVmCo=
Subject key identifier: 7A:0E:1B:91:77:EF:1F:48:B4:84:7A:F9:35:9E:5D:60:45:00:45:CB
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 019CACB4C53C9D52DFB790AA0728E2A8FEFA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0F27
Signing time: Mon 02 Mar 2026 04:00:53 +0000
Manifest this update: Mon 02 Mar 2026 04:00:53 +0000
Manifest next update: Tue 03 Mar 2026 04:00:53 +0000
Files and hashes: 1: 3kSbU0e5h99O_Tm79lGnT_Tp5Hc.roa (hash: RwQ/Qy1kKylc45gWPZOazTOGnIJ82QduJgu3sQQqwXY=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: /+QJ/DHrUvKVua0ilTdOtrg8kAR/Q8IBrJvbO1fPkGk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:c5:3c:9d:52:df:b7:90:aa:07:28:e2:a8:fe:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Mar 2 04:00:53 2026 GMT
Not After : Mar 3 04:00:53 2026 GMT
Subject: CN=7a0e1b9177ef1f48b4847af9359e5d60450045cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:54:fa:7a:90:b7:29:97:b1:74:1a:db:f9:7a:
44:eb:b5:55:e4:07:dc:04:7b:bc:02:7e:d4:13:e6:
b3:69:ec:9e:f5:fd:ba:18:21:c4:f0:41:4e:93:c2:
6c:66:21:ec:28:fd:53:f7:c6:63:f1:41:e4:8f:33:
1a:78:41:cf:21:78:d0:31:27:f9:8c:3c:e0:ee:cc:
20:ab:06:7f:8d:c5:f6:c8:48:93:f9:6d:eb:c9:94:
88:5b:e9:f1:b4:79:aa:83:6e:98:90:99:e9:87:c2:
cd:96:5d:81:70:b7:23:90:20:44:09:ce:da:d1:05:
5f:52:d5:fa:b9:d9:06:9d:07:92:95:fa:2c:67:07:
5b:de:10:c9:57:f7:df:bc:b9:46:3e:e1:b5:d5:da:
54:c2:51:70:cc:a5:d2:5b:15:cd:8d:5e:98:85:4b:
35:76:c3:43:02:15:70:b1:90:27:74:97:8d:47:a3:
a9:04:00:d9:1f:10:42:56:bd:87:74:ba:34:1e:5f:
e0:78:da:06:d3:d1:2c:06:b1:33:36:b5:0d:3c:fb:
c5:07:76:06:5d:5a:69:41:29:aa:98:34:e4:10:a0:
73:a8:94:fa:83:81:49:34:dc:64:62:be:ad:50:4b:
f3:30:39:3c:e8:b0:c4:be:46:b2:92:f0:36:96:20:
0f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0E:1B:91:77:EF:1F:48:B4:84:7A:F9:35:9E:5D:60:45:00:45:CB
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d7:36:ad:cf:b0:ce:81:f3:28:18:c8:7a:96:02:61:4a:12:17:
a9:31:d3:5d:af:af:8e:d4:6b:b7:7c:25:33:3c:e7:73:61:10:
76:1b:a2:eb:33:7a:5d:f8:49:d7:fd:4d:dc:fd:b8:55:b3:41:
83:23:29:64:fa:d9:d5:fe:c9:a4:cb:21:ce:92:27:22:e1:2d:
4a:c0:43:49:d5:a2:63:3c:1b:65:15:72:40:4a:3d:08:ab:fb:
e7:b9:3c:b1:8e:7c:60:26:0e:d3:95:e1:5a:5e:2a:a4:c1:f1:
36:64:e4:62:30:95:fd:8e:2f:9f:02:90:df:bc:d3:f7:6d:f7:
83:ed:ad:e9:d2:8a:57:91:ad:99:24:3d:99:9f:2d:f2:54:4d:
2a:3d:b5:59:57:71:37:d6:24:e8:89:2e:94:01:33:4a:13:33:
92:c9:38:b1:43:61:4e:01:5a:6e:54:98:2a:dd:71:37:4f:8b:
a4:54:41:8a:77:a3:f7:70:52:c2:a8:bf:1b:bd:53:e9:63:44:
78:d7:d1:fd:96:2c:28:e4:9f:59:47:5e:55:06:15:67:3d:9f:
cb:c8:83:15:9a:71:a9:92:15:8e:a9:c6:a3:9e:71:33:41:ff:
bd:df:c2:ad:54:c1:9d:8a:a8:e8:db:9b:27:4e:6e:b7:f6:2c:
a3:58:0a:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystMU8nVLft5CqByjiqP76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjYwMzAyMDQwMDUzWhcNMjYwMzAzMDQwMDUzWjAzMTEwLwYDVQQD
Eyg3YTBlMWI5MTc3ZWYxZjQ4YjQ4NDdhZjkzNTllNWQ2MDQ1MDA0NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlT6epC3KZexdBrb+XpE67VV5Afc
BHu8An7UE+azaeye9f26GCHE8EFOk8JsZiHsKP1T98Zj8UHkjzMaeEHPIXjQMSf5
jDzg7swgqwZ/jcX2yEiT+W3ryZSIW+nxtHmqg26YkJnph8LNll2BcLcjkCBECc7a
0QVfUtX6udkGnQeSlfosZwdb3hDJV/ffvLlGPuG11dpUwlFwzKXSWxXNjV6YhUs1
dsNDAhVwsZAndJeNR6OpBADZHxBCVr2HdLo0Hl/geNoG09EsBrEzNrUNPPvFB3YG
XVppQSmqmDTkEKBzqJT6g4FJNNxkYr6tUEvzMDk86LDEvkaykvA2liAPWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHoOG5F37x9ItIR6+TWeXWBFAEXLMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1zatz7DO
gfMoGMh6lgJhShIXqTHTXa+vjtRrt3wlMzznc2EQdhui6zN6XfhJ1/1N3P24VbNB
gyMpZPrZ1f7JpMshzpInIuEtSsBDSdWiYzwbZRVyQEo9CKv757k8sY58YCYO05Xh
Wl4qpMHxNmTkYjCV/Y4vnwKQ37zT9233g+2t6dKKV5GtmSQ9mZ8t8lRNKj21WVdx
N9Yk6IkulAEzShMzksk4sUNhTgFablSYKt1xN0+LpFRBinej93BSwqi/G71T6WNE
eNfR/ZYsKOSfWUdeVQYVZz2fy8iDFZpxqZIVjqnGo55xM0H/vd/CrVTBnYqo6Nub
J05ut/Yso1gKUQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:55:47 2026 by rpki-client