Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: OQXYSlsTfC5o6n3n9pHYHdY4Be9qU9Qd4zoatZLBBWo=
Subject key identifier: 29:0D:3F:31:F4:57:DD:61:8F:3F:E3:38:2C:78:9A:3F:CE:3D:EB:D8
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 019D9A3E01065B078FA194764E02F0C40CDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0FA2
Signing time: Fri 17 Apr 2026 07:00:47 +0000
Manifest this update: Fri 17 Apr 2026 07:00:47 +0000
Manifest next update: Sat 18 Apr 2026 07:00:47 +0000
Files and hashes: 1: 3kSbU0e5h99O_Tm79lGnT_Tp5Hc.roa (hash: RwQ/Qy1kKylc45gWPZOazTOGnIJ82QduJgu3sQQqwXY=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: FG7/Pu5vCG7C2eiO1q1vKRN67eg107IK1zQoinRL3y0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:01:06:5b:07:8f:a1:94:76:4e:02:f0:c4:0c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: Apr 17 07:00:47 2026 GMT
Not After : Apr 18 07:00:47 2026 GMT
Subject: CN=290d3f31f457dd618f3fe3382c789a3fce3debd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d2:d0:56:5b:57:3e:3a:dd:bc:2c:5a:c4:ba:
5f:fc:d4:a3:a6:61:19:83:a9:81:45:dd:a0:43:60:
a4:db:2f:fb:95:11:df:ff:38:1a:12:17:1f:2f:96:
43:87:52:d3:52:1f:40:4f:58:c6:e1:69:3c:78:d8:
b1:10:17:11:e2:6e:e5:17:67:3f:0a:78:d4:20:c1:
dc:87:a6:d4:37:de:da:58:9f:98:dc:18:50:aa:3d:
73:32:9b:f7:89:63:94:10:a1:28:4f:41:b5:37:c5:
c0:f0:05:7d:2e:9f:19:b7:60:03:90:38:99:88:0e:
48:51:8d:27:5c:e6:85:9a:55:e4:63:ec:95:25:0d:
f6:a4:97:38:7a:89:eb:67:73:53:f0:ff:cb:f3:5e:
04:f3:7b:ba:c4:44:d5:4b:eb:ad:d7:1f:1e:4c:91:
a4:72:db:97:32:77:95:98:0a:a8:1e:e2:80:86:05:
cc:12:9d:08:26:1a:93:7d:96:db:cb:fc:ca:ac:fc:
58:d8:eb:9a:f6:56:9c:90:4c:f7:2c:51:a6:ae:c8:
29:b8:6a:24:40:0a:a1:ee:4f:cf:fe:de:fc:36:73:
8d:af:1b:3d:bf:2d:da:20:96:4c:d9:cc:7a:d8:c9:
34:fb:e5:95:4d:04:56:4c:fc:37:dd:78:c0:1d:12:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0D:3F:31:F4:57:DD:61:8F:3F:E3:38:2C:78:9A:3F:CE:3D:EB:D8
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:30:75:a4:cc:17:03:22:f6:29:1c:4a:77:ba:2d:2f:97:c1:
ce:93:35:2f:72:8b:5e:b0:2a:fc:aa:0e:e9:15:47:14:32:c0:
f0:46:09:39:08:10:ce:7a:1b:88:47:6b:d5:46:87:af:a8:f2:
84:2a:14:85:be:f4:1c:a5:9e:a5:2e:25:4f:bb:9f:8d:9e:5c:
5c:16:a1:48:33:06:ef:bf:a0:fe:07:4f:e0:55:02:6e:59:16:
26:28:92:d2:92:b0:d7:0a:33:1c:06:a4:1e:29:20:46:c9:22:
08:f4:5a:6d:fb:6b:31:63:90:85:70:33:09:75:8d:b1:67:96:
5e:31:ae:b3:4d:b5:0a:32:52:8e:9e:2c:e5:f8:af:7f:8f:e1:
4d:4e:81:05:f9:5a:d5:22:4f:01:1c:1c:6e:76:ef:2b:4d:34:
01:95:80:a0:64:e1:3a:ad:71:66:38:b8:bf:ad:6b:a3:cd:e8:
a6:e9:62:5e:79:1c:fc:f0:d2:49:9c:ad:c6:17:8b:40:9b:60:
7d:cf:d4:96:2c:67:e2:b9:21:21:6c:5d:27:3b:f1:1e:ec:10:
40:28:09:37:34:28:c3:a6:2f:36:f3:10:f0:12:06:e3:1f:50:
8d:c2:e6:a7:a1:19:6e:27:ae:77:51:7d:e5:9a:37:de:20:bf:
fe:e1:8e:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPgEGWwePoZR2TgLwxAzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjYwNDE3MDcwMDQ3WhcNMjYwNDE4MDcwMDQ3WjAzMTEwLwYDVQQD
EygyOTBkM2YzMWY0NTdkZDYxOGYzZmUzMzgyYzc4OWEzZmNlM2RlYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytLQVltXPjrdvCxaxLpf/NSjpmEZ
g6mBRd2gQ2Ck2y/7lRHf/zgaEhcfL5ZDh1LTUh9AT1jG4Wk8eNixEBcR4m7lF2c/
CnjUIMHch6bUN97aWJ+Y3BhQqj1zMpv3iWOUEKEoT0G1N8XA8AV9Lp8Zt2ADkDiZ
iA5IUY0nXOaFmlXkY+yVJQ32pJc4eonrZ3NT8P/L814E83u6xETVS+ut1x8eTJGk
ctuXMneVmAqoHuKAhgXMEp0IJhqTfZbby/zKrPxY2Oua9lackEz3LFGmrsgpuGok
QAqh7k/P/t78NnONrxs9vy3aIJZM2cx62Mk0++WVTQRWTPw33XjAHRKDDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkNPzH0V91hjz/jOCx4mj/OPevYMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVTB1pMwX
AyL2KRxKd7otL5fBzpM1L3KLXrAq/KoO6RVHFDLA8EYJOQgQznobiEdr1UaHr6jy
hCoUhb70HKWepS4lT7ufjZ5cXBahSDMG77+g/gdP4FUCblkWJiiS0pKw1wozHAak
HikgRskiCPRabftrMWOQhXAzCXWNsWeWXjGus021CjJSjp4s5fivf4/hTU6BBfla
1SJPARwcbnbvK000AZWAoGThOq1xZji4v61ro83opuliXnkc/PDSSZytxheLQJtg
fc/Ulixn4rkhIWxdJzvxHuwQQCgJNzQow6YvNvMQ8BIG4x9QjcLmp6EZbieud1F9
5Zo33iC//uGO1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:52:40 2026 by rpki-client