Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier: f/+KcHh+bX6oxicr5L3RPrukjEQ/zChkjKlhwJhHxxA=
Subject key identifier: 14:90:40:7B:04:E2:33:14:CA:11:DE:61:5A:AC:96:9E:E8:00:39:24
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial: 019D98F4108C157DD362A953CCA083901020
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number: 07C5
Signing time: Fri 17 Apr 2026 01:00:24 +0000
Manifest this update: Fri 17 Apr 2026 01:00:24 +0000
Manifest next update: Sat 18 Apr 2026 01:00:24 +0000
Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: SD1erfdrp29m6zubPxvsfbqBqebDkAbTXw9PwGHKbfU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:10:8c:15:7d:d3:62:a9:53:cc:a0:83:90:10:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Validity
Not Before: Apr 17 01:00:24 2026 GMT
Not After : Apr 18 01:00:24 2026 GMT
Subject: CN=1490407b04e23314ca11de615aac969ee8003924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:73:57:d3:d5:cb:a2:9e:cb:ff:8a:57:80:
ea:9e:9f:6c:e6:f5:4f:0b:b7:5a:af:2c:8a:38:0f:
83:ad:d6:d8:44:af:bd:d7:67:10:46:66:da:0b:50:
74:ba:53:be:59:c0:bd:73:10:f4:4e:de:af:3f:7d:
4b:c7:51:47:18:79:5a:0c:b3:8a:07:00:85:d1:68:
18:aa:dd:00:14:3f:85:b3:3e:c0:9d:55:5a:3c:40:
ff:86:d4:d1:55:97:65:7f:f8:fe:44:87:e6:b8:7e:
9b:37:72:d6:e5:1e:b3:f2:91:c7:e5:52:0b:26:78:
93:03:de:1d:ca:79:f3:4e:cd:f3:cb:72:c7:1d:7b:
eb:f8:e3:6f:db:fc:86:a1:8a:b7:54:90:0a:f1:20:
74:dc:76:75:6f:e0:f1:ce:be:01:b6:a5:b3:ff:56:
be:2b:69:2d:84:7c:1f:ce:38:32:15:2c:31:be:a5:
ac:c8:71:04:d1:69:1d:28:f1:c4:29:38:70:1d:00:
e3:ae:60:d7:5b:8c:cd:5e:eb:f0:dd:2a:9c:a6:75:
32:c1:11:31:3c:22:9f:67:de:dc:90:c2:9a:a9:12:
ee:49:4f:09:57:d5:1e:32:d0:7b:c5:6f:05:a3:bc:
4f:43:2a:87:2e:c6:d0:96:ac:c1:19:51:6a:b6:98:
b1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:90:40:7B:04:E2:33:14:CA:11:DE:61:5A:AC:96:9E:E8:00:39:24
X509v3 Authority Key Identifier:
keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:c6:dd:93:09:38:8b:e4:cc:51:b2:b8:52:d0:f4:4c:ff:09:
f9:4b:88:29:59:db:41:a6:f6:87:ab:40:13:4b:24:e1:c5:7c:
70:20:dd:76:69:78:15:dd:61:e2:86:db:14:35:9b:60:17:bd:
76:1d:4f:13:5b:d6:a6:b6:5f:06:08:5c:c2:3b:b9:d6:db:18:
ff:9e:3c:1a:dc:de:8b:4f:4f:3d:f0:f8:ad:27:49:27:05:31:
3c:91:14:29:83:8d:57:55:3c:d9:cf:36:f7:93:94:fa:7b:bc:
30:df:ef:0c:c9:b0:67:be:18:7b:56:d7:e7:93:ab:bb:54:06:
1f:97:6a:c1:71:c7:63:0a:9a:a6:8f:82:cf:e0:2b:15:da:4d:
6a:9c:6d:b9:eb:20:33:72:31:02:1b:da:5a:20:07:59:26:48:
25:d8:89:db:9c:7e:5b:74:0a:77:15:21:9c:66:1b:3d:cd:8b:
d9:88:3f:31:c3:55:5c:0d:b9:f0:54:58:95:91:da:e9:c4:14:
41:ae:e7:5a:e4:25:e5:fc:64:b0:df:7b:2d:f3:87:0b:39:8c:
0c:7c:51:2b:1b:59:50:88:28:08:55:93:b3:60:47:48:64:fb:
5f:94:85:68:f7:65:55:45:9e:76:6c:59:03:76:32:00:52:78:
fd:77:5a:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9BCMFX3TYqlTzKCDkBAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjYwNDE3MDEwMDI0WhcNMjYwNDE4MDEwMDI0WjAzMTEwLwYDVQQD
EygxNDkwNDA3YjA0ZTIzMzE0Y2ExMWRlNjE1YWFjOTY5ZWU4MDAzOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4clzV9PVy6Key/+KV4Dqnp9s5vVP
C7daryyKOA+DrdbYRK+912cQRmbaC1B0ulO+WcC9cxD0Tt6vP31Lx1FHGHlaDLOK
BwCF0WgYqt0AFD+Fsz7AnVVaPED/htTRVZdlf/j+RIfmuH6bN3LW5R6z8pHH5VIL
JniTA94dynnzTs3zy3LHHXvr+ONv2/yGoYq3VJAK8SB03HZ1b+Dxzr4BtqWz/1a+
K2kthHwfzjgyFSwxvqWsyHEE0WkdKPHEKThwHQDjrmDXW4zNXuvw3SqcpnUywREx
PCKfZ97ckMKaqRLuSU8JV9UeMtB7xW8Fo7xPQyqHLsbQlqzBGVFqtpix+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSQQHsE4jMUyhHeYVqslp7oADkkMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcsbdkwk4
i+TMUbK4UtD0TP8J+UuIKVnbQab2h6tAE0sk4cV8cCDddml4Fd1h4obbFDWbYBe9
dh1PE1vWprZfBghcwju51tsY/548Gtzei09PPfD4rSdJJwUxPJEUKYONV1U82c82
95OU+nu8MN/vDMmwZ74Ye1bX55Oru1QGH5dqwXHHYwqapo+Cz+ArFdpNapxtuesg
M3IxAhvaWiAHWSZIJdiJ25x+W3QKdxUhnGYbPc2L2Yg/McNVXA258FRYlZHa6cQU
Qa7nWuQl5fxksN97LfOHCzmMDHxRKxtZUIgoCFWTs2BHSGT7X5SFaPdlVUWedmxZ
A3YyAFJ4/XdaCA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:10:32 2026 by rpki-client