Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
File: NkYULOMpCrZ4bT0w8mteQf1oTd4.mft (raw, json)
Hash identifier: f1lhPNytwxPTj5/Ud38vpvB1BwDUIKbw0tEsAqUExUs=
Subject key identifier: B1:84:E9:2D:86:BD:2A:2E:02:51:F5:DF:54:3B:22:D6:3E:2A:02:B6
Authority key identifier: 36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
Certificate issuer: /CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Certificate serial: 019CACEBEA6F44DFD34A1566A10DDD9A7749
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
Manifest number: 0C25
Signing time: Mon 02 Mar 2026 05:01:07 +0000
Manifest this update: Mon 02 Mar 2026 05:01:07 +0000
Manifest next update: Tue 03 Mar 2026 05:01:07 +0000
Files and hashes: 1: 8sd6i61fK2pFKRyKUFXIcecWNdA.roa (hash: 0lP2EukbQ7lxiIB/1dg6Wt6kXv3T/8YmxZYQdbkSyU4=)
2: LZcyPq5gcVmCZJNsmUPn5VwCWKQ.roa (hash: qXtKcLjBnYcfm5KPZ6PRmpU8Z0A5pTm8Psp+7+d29jQ=)
3: NkYULOMpCrZ4bT0w8mteQf1oTd4.crl (hash: C01oa0qzzBBCQNAYsY7G5jZt/1cX7FHZ8crSAldrIwc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:ea:6f:44:df:d3:4a:15:66:a1:0d:dd:9a:77:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Validity
Not Before: Mar 2 05:01:07 2026 GMT
Not After : Mar 3 05:01:07 2026 GMT
Subject: CN=b184e92d86bd2a2e0251f5df543b22d63e2a02b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:92:ff:11:41:05:3c:85:a2:a9:62:3a:15:9f:
71:2e:67:32:1f:c1:f8:87:16:ba:65:12:99:c7:3c:
b5:83:96:63:de:ae:0e:37:07:01:1f:ab:20:0d:26:
c9:61:88:59:dc:78:8d:2f:6f:12:86:8e:55:6a:fc:
f8:a9:09:95:45:11:9f:ff:06:46:34:af:55:55:e9:
2c:0b:b1:ed:5a:4c:66:51:78:76:40:f6:d0:81:34:
61:93:69:da:11:e1:2a:00:93:5b:36:50:d7:7d:4e:
df:b4:0f:5d:67:c9:7d:33:5b:87:78:38:0d:6b:8e:
e1:1c:fa:c9:bf:73:af:60:b2:17:04:1b:cf:4f:7f:
0b:93:94:ae:91:29:28:81:88:72:3c:2f:09:eb:a0:
8c:74:e8:15:f2:ed:a5:06:d3:f6:99:36:d1:62:ce:
de:47:fa:6c:dc:d0:95:b1:27:68:fb:79:ca:40:90:
86:32:f4:e6:05:88:b1:b1:4f:f8:52:36:93:a2:77:
5e:3f:ee:fc:76:6c:00:76:e9:c8:60:38:04:4a:45:
88:70:da:19:5f:80:40:6d:3a:3b:91:f1:bc:36:be:
f9:40:f3:59:80:85:27:a2:75:d5:99:cb:f4:f9:b5:
7b:cf:78:7a:6b:9f:77:62:9d:ed:0d:01:81:6a:dd:
24:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:84:E9:2D:86:BD:2A:2E:02:51:F5:DF:54:3B:22:D6:3E:2A:02:B6
X509v3 Authority Key Identifier:
keyid:36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:a8:47:21:ac:ef:fc:9b:31:ce:6a:4e:f2:63:d7:e1:dd:1a:
76:21:ec:f6:7a:f7:0a:ff:be:93:e9:2d:0e:6d:bd:c3:59:7f:
24:29:5d:ef:76:dd:4b:8c:40:69:07:d4:1b:f4:1c:6c:97:28:
06:47:70:e2:1c:c1:78:2a:76:3d:3b:7c:70:98:5d:da:cb:20:
23:87:78:d6:1c:c8:e3:9c:d3:04:53:72:f3:9b:9b:db:e0:3b:
f0:d0:9a:cd:12:96:13:4e:7e:55:10:c5:9a:a3:92:c6:04:e0:
98:13:ce:3a:ec:ba:9d:4e:e9:cb:9c:6c:64:cb:95:ee:a4:f7:
79:d3:b3:40:4c:2c:8d:db:16:d1:21:4a:ed:24:a2:82:c8:91:
a5:fc:11:34:63:24:9f:9d:a1:24:a0:05:6b:21:a8:95:3f:9d:
70:21:8b:4e:d7:07:18:49:9e:fa:1f:d4:e9:43:bb:60:63:c9:
fa:9f:19:41:b0:a1:f0:9f:8e:e4:38:0c:38:aa:f0:7b:09:ff:
ce:4e:4b:21:34:d1:f8:fb:f7:73:31:eb:f4:61:f3:aa:57:1a:
24:31:09:b9:8e:f5:6a:42:17:8d:6b:1d:17:a4:2a:83:fb:ea:
87:c3:1c:f9:78:59:83:20:61:80:7e:84:73:f6:42:39:bc:22:
65:3d:54:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys6+pvRN/TShVmoQ3dmndJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDYxNDJjZTMyOTBhYjY3ODZkM2QzMGYyNmI1ZTQxZmQ2
ODRkZGUwHhcNMjYwMzAyMDUwMTA3WhcNMjYwMzAzMDUwMTA3WjAzMTEwLwYDVQQD
EyhiMTg0ZTkyZDg2YmQyYTJlMDI1MWY1ZGY1NDNiMjJkNjNlMmEwMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZL/EUEFPIWiqWI6FZ9xLmcyH8H4
hxa6ZRKZxzy1g5Zj3q4ONwcBH6sgDSbJYYhZ3HiNL28Sho5Vavz4qQmVRRGf/wZG
NK9VVeksC7HtWkxmUXh2QPbQgTRhk2naEeEqAJNbNlDXfU7ftA9dZ8l9M1uHeDgN
a47hHPrJv3OvYLIXBBvPT38Lk5SukSkogYhyPC8J66CMdOgV8u2lBtP2mTbRYs7e
R/ps3NCVsSdo+3nKQJCGMvTmBYixsU/4UjaTondeP+78dmwAdunIYDgESkWIcNoZ
X4BAbTo7kfG8Nr75QPNZgIUnonXVmcv0+bV7z3h6a593Yp3tDQGBat0kbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGE6S2GvSouAlH131Q7ItY+KgK2MB8GA1UdIwQY
MBaAFDZGFCzjKQq2eG09MPJrXkH9aE3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTct
ZDMwODU0MmExZDg2LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTctZDMwODU0MmExZDg2
LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKhHIazv
/JsxzmpO8mPX4d0adiHs9nr3Cv++k+ktDm29w1l/JCld73bdS4xAaQfUG/QcbJco
Bkdw4hzBeCp2PTt8cJhd2ssgI4d41hzI45zTBFNy85ub2+A78NCazRKWE05+VRDF
mqOSxgTgmBPOOuy6nU7py5xsZMuV7qT3edOzQEwsjdsW0SFK7SSigsiRpfwRNGMk
n52hJKAFayGolT+dcCGLTtcHGEme+h/U6UO7YGPJ+p8ZQbCh8J+O5DgMOKrwewn/
zk5LITTR+Pv3czHr9GHzqlcaJDEJuY71akIXjWsdF6Qqg/vqh8Mc+XhZgyBhgH6E
c/ZCObwiZT1UCg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:55:10 2026 by rpki-client