Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
File: nxFouFcXoUZmABtbL2yQgBmX3gY.mft (raw, json)
Hash identifier: WwQu4NY4rljnGaueg6rK5i0+ImqixRY8GqIlXkwBPh8=
Subject key identifier: 34:3C:23:68:85:E8:F1:5A:5F:00:36:7C:72:AE:92:A4:8C:5F:E7:8D
Authority key identifier: 9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06
Certificate issuer: /CN=9f1168b85717a14666001b5b2f6c90801997de06
Certificate serial: 019CAD5A13C90E7D3654FEB5A0E4E0138047
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
Manifest number: 05F9
Signing time: Mon 02 Mar 2026 07:01:27 +0000
Manifest this update: Mon 02 Mar 2026 07:01:27 +0000
Manifest next update: Tue 03 Mar 2026 07:01:27 +0000
Files and hashes: 1: 4mcjlfKQeAXTF7xGEKQ2QAqMI50.roa (hash: JOKnaNGFem+HWwH7PdEKl79mLEfLJaQb9H34d4OS4AM=)
2: nxFouFcXoUZmABtbL2yQgBmX3gY.crl (hash: cytIK9rvK5B+6uMwWXmyjbYP8KQu3UfXCiZBO1VmWdg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:5a:13:c9:0e:7d:36:54:fe:b5:a0:e4:e0:13:80:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f1168b85717a14666001b5b2f6c90801997de06
Validity
Not Before: Mar 2 07:01:27 2026 GMT
Not After : Mar 3 07:01:27 2026 GMT
Subject: CN=343c236885e8f15a5f00367c72ae92a48c5fe78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:76:06:60:dd:a2:eb:05:19:34:3c:ab:77:85:
78:52:67:ab:c1:27:b7:44:40:d6:ad:7c:0b:77:c3:
5d:52:f6:ef:dc:aa:46:5e:16:89:75:c8:5b:9a:0e:
b7:43:8d:3b:ae:7d:aa:9d:49:66:05:5e:80:b4:d9:
02:70:db:78:0d:1c:78:e0:ce:d3:90:92:a2:06:57:
1c:36:61:1b:c8:7c:ae:9b:4f:76:d6:c1:00:d5:0a:
d5:22:fc:31:1e:c0:13:7b:a9:96:e8:a9:fd:36:2c:
cb:1f:8e:4c:be:4a:c0:23:54:90:25:3a:0c:42:8b:
50:2e:62:7c:b2:fa:a6:6d:0a:08:02:d5:a8:53:8b:
db:e6:c3:e8:ec:90:77:52:53:9b:73:e0:63:8a:b8:
1f:f5:bf:ce:bf:f2:ed:55:7b:f8:3d:d5:7e:f3:2b:
2d:25:82:af:6e:41:75:1b:7b:44:33:ee:84:cf:52:
af:23:69:e6:53:20:31:5c:fc:73:40:c2:b6:4a:4f:
16:dd:12:7a:c2:3d:1f:a2:44:42:51:2a:8d:1a:db:
1d:b0:b8:cb:a5:a3:e0:6b:cf:d2:9a:e1:1a:62:e8:
aa:1b:41:41:dd:5b:a1:0f:1d:4d:d5:da:7c:0d:90:
77:83:b5:46:cf:1e:00:72:85:c5:27:08:84:ce:55:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3C:23:68:85:E8:F1:5A:5F:00:36:7C:72:AE:92:A4:8C:5F:E7:8D
X509v3 Authority Key Identifier:
keyid:9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:af:79:ab:1f:a0:82:fc:b7:ff:ac:d5:47:3d:94:ec:83:50:
7d:2b:81:bd:12:1a:8d:79:49:d5:c1:c1:5d:3e:7f:b5:ab:c1:
69:7c:76:61:51:d6:fc:58:6a:de:80:64:6b:cd:10:23:a9:ba:
c9:e2:fc:06:b2:32:e8:22:96:4b:59:cf:5c:d0:04:59:a1:aa:
7d:3a:a9:74:fc:5d:86:9e:e0:99:d6:f6:0d:c0:35:1e:c7:43:
33:35:c1:7b:3f:02:53:2e:d1:fd:ea:d3:f2:af:a8:e0:38:6c:
fc:21:53:4d:de:da:6c:e9:2f:06:1e:5f:4d:fc:d7:08:4c:89:
73:2b:e2:72:03:34:65:2c:fd:3a:d2:cf:cb:e1:c6:fb:c8:01:
b5:6c:e6:c5:e0:84:0d:ab:77:80:ff:75:73:38:96:1e:dd:4a:
8f:cb:a1:46:1b:d6:00:f9:c8:26:1a:4b:ca:f4:7e:38:b0:51:
69:65:b8:c4:05:a7:0d:2b:6d:ae:41:51:7d:fe:94:b1:01:33:
5f:52:1f:00:99:f0:0a:cf:e3:99:b3:21:1c:fb:b3:b9:da:ea:
2e:01:4c:d2:a0:f9:86:ed:a4:03:7d:22:26:81:45:05:fa:bb:
18:21:ac:bb:f9:7c:36:ed:bb:4a:86:7c:06:3c:28:a7:e2:c9:
39:ee:ad:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWhPJDn02VP61oOTgE4BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMTE2OGI4NTcxN2ExNDY2NjAwMWI1YjJmNmM5MDgwMTk5
N2RlMDYwHhcNMjYwMzAyMDcwMTI3WhcNMjYwMzAzMDcwMTI3WjAzMTEwLwYDVQQD
EygzNDNjMjM2ODg1ZThmMTVhNWYwMDM2N2M3MmFlOTJhNDhjNWZlNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnYGYN2i6wUZNDyrd4V4UmerwSe3
REDWrXwLd8NdUvbv3KpGXhaJdchbmg63Q407rn2qnUlmBV6AtNkCcNt4DRx44M7T
kJKiBlccNmEbyHyum0921sEA1QrVIvwxHsATe6mW6Kn9NizLH45MvkrAI1SQJToM
QotQLmJ8svqmbQoIAtWoU4vb5sPo7JB3UlObc+Bjirgf9b/Ov/LtVXv4PdV+8yst
JYKvbkF1G3tEM+6Ez1KvI2nmUyAxXPxzQMK2Sk8W3RJ6wj0fokRCUSqNGtsdsLjL
paPga8/SmuEaYuiqG0FB3VuhDx1N1dp8DZB3g7VGzx4AcoXFJwiEzlXV6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQ8I2iF6PFaXwA2fHKukqSMX+eNMB8GA1UdIwQY
MBaAFJ8RaLhXF6FGZgAbWy9skIAZl94GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUt
ZjQyMTliZWRkYjM3LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUtZjQyMTliZWRkYjM3
LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWq95qx+g
gvy3/6zVRz2U7INQfSuBvRIajXlJ1cHBXT5/tavBaXx2YVHW/Fhq3oBka80QI6m6
yeL8BrIy6CKWS1nPXNAEWaGqfTqpdPxdhp7gmdb2DcA1HsdDMzXBez8CUy7R/erT
8q+o4Dhs/CFTTd7abOkvBh5fTfzXCEyJcyvicgM0ZSz9OtLPy+HG+8gBtWzmxeCE
Dat3gP91cziWHt1Kj8uhRhvWAPnIJhpLyvR+OLBRaWW4xAWnDSttrkFRff6UsQEz
X1IfAJnwCs/jmbMhHPuzudrqLgFM0qD5hu2kA30iJoFFBfq7GCGsu/l8Nu27SoZ8
Bjwop+LJOe6txQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:03:53 2026 by rpki-client