Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
File: NkYULOMpCrZ4bT0w8mteQf1oTd4.mft (raw, json)
Hash identifier: 1im8tw7+bP0GM5feFgNtyUm+l4HYkajdMLfwLSCdajQ=
Subject key identifier: 2F:2A:56:29:D8:15:A9:D2:3C:46:0D:CA:48:9D:11:67:47:42:85:0C
Authority key identifier: 36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
Certificate issuer: /CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Certificate serial: 019DA41C799A0F915536AAC2CAFA277CEE20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
Manifest number: 0CA5
Signing time: Sun 19 Apr 2026 05:00:22 +0000
Manifest this update: Sun 19 Apr 2026 05:00:22 +0000
Manifest next update: Mon 20 Apr 2026 05:00:22 +0000
Files and hashes: 1: 8sd6i61fK2pFKRyKUFXIcecWNdA.roa (hash: 0lP2EukbQ7lxiIB/1dg6Wt6kXv3T/8YmxZYQdbkSyU4=)
2: LZcyPq5gcVmCZJNsmUPn5VwCWKQ.roa (hash: qXtKcLjBnYcfm5KPZ6PRmpU8Z0A5pTm8Psp+7+d29jQ=)
3: NkYULOMpCrZ4bT0w8mteQf1oTd4.crl (hash: 1qgOV29f9he1+1AJaQJp7BKIZwFt9mOtAuRrpu7VzTY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:1c:79:9a:0f:91:55:36:aa:c2:ca:fa:27:7c:ee:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Validity
Not Before: Apr 19 05:00:22 2026 GMT
Not After : Apr 20 05:00:22 2026 GMT
Subject: CN=2f2a5629d815a9d23c460dca489d11674742850c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:ee:27:14:34:8d:a7:43:ec:25:b6:f5:01:
8f:47:03:62:f8:d3:41:54:f4:ca:5a:07:8a:27:88:
d4:c1:d4:75:95:03:86:d3:01:8a:5a:c2:76:57:15:
d8:38:8c:1f:33:21:07:77:aa:55:c1:bf:cd:24:e2:
9c:db:be:cc:26:24:ab:0d:26:7b:af:b6:61:7d:81:
01:ce:7c:dc:63:35:32:8a:54:28:c8:37:0a:bb:f7:
26:0b:45:82:55:15:72:8d:92:5f:f9:1a:b3:89:09:
47:7b:fa:d2:18:5d:74:8b:42:e0:22:b2:0c:b0:4c:
a0:fd:53:a9:6d:2b:ae:2b:63:fd:5b:ae:15:b3:4c:
a5:a5:0c:f5:06:29:56:4b:6a:ca:6b:1f:dc:fb:db:
bf:af:8c:3e:96:91:07:f6:7a:3e:bc:7c:27:42:ea:
ff:2b:ae:b8:3c:e1:02:6e:cb:c8:82:c8:ed:d4:f3:
a0:b4:f5:20:b8:80:5a:42:89:3b:16:7e:33:c8:a6:
4d:fd:c1:96:96:79:ca:5e:c6:65:39:14:df:92:ba:
eb:6d:e5:8e:60:f6:9b:ab:28:3a:7f:f6:7f:40:5b:
55:bb:12:c6:95:10:89:2f:c9:f8:03:5c:1e:93:b7:
9e:dc:ad:66:f9:a7:e0:70:8e:80:99:7a:42:e1:7f:
08:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2A:56:29:D8:15:A9:D2:3C:46:0D:CA:48:9D:11:67:47:42:85:0C
X509v3 Authority Key Identifier:
keyid:36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:ec:8e:a0:90:c7:f1:88:7b:80:48:52:3b:bc:24:b0:e6:92:
e0:8e:33:d2:76:85:92:4f:c5:ec:4c:92:7f:c7:28:1a:2a:c1:
a3:15:71:94:d6:1b:4a:e8:7d:d6:74:37:aa:3d:33:4a:5f:f0:
18:34:a8:82:33:0c:cf:b9:79:7f:0c:aa:02:dc:e4:ac:f7:74:
d9:ef:5a:fd:b3:a8:12:ea:10:a3:8b:c1:c3:0c:91:98:da:43:
22:e7:bc:ad:1d:24:80:fa:21:9d:98:28:27:cf:ed:49:e5:1b:
99:b6:37:06:69:60:37:bb:52:6b:29:fa:4d:c3:b3:5d:25:75:
2b:5f:a8:8e:5e:7f:ea:6d:fd:70:67:93:39:c7:ee:3d:80:8e:
96:2f:62:fe:d4:22:56:d3:85:15:72:18:22:e8:46:56:47:08:
67:5c:2b:00:44:af:db:30:2d:36:36:d8:68:e4:32:e7:d8:5c:
e9:c1:af:9d:6b:29:de:f5:51:87:70:bf:83:c6:c3:5f:1e:cc:
3b:80:e6:c6:03:99:02:d2:0e:89:62:88:5a:f9:9a:48:10:f1:
a2:ce:5f:2b:9d:82:33:65:89:1c:91:60:ef:fd:cf:16:44:9e:
97:1f:89:49:51:39:e4:80:a6:48:89:19:47:63:af:88:ad:39:
ac:7c:9a:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kHHmaD5FVNqrCyvonfO4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDYxNDJjZTMyOTBhYjY3ODZkM2QzMGYyNmI1ZTQxZmQ2
ODRkZGUwHhcNMjYwNDE5MDUwMDIyWhcNMjYwNDIwMDUwMDIyWjAzMTEwLwYDVQQD
EygyZjJhNTYyOWQ4MTVhOWQyM2M0NjBkY2E0ODlkMTE2NzQ3NDI4NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUTuJxQ0jadD7CW29QGPRwNi+NNB
VPTKWgeKJ4jUwdR1lQOG0wGKWsJ2VxXYOIwfMyEHd6pVwb/NJOKc277MJiSrDSZ7
r7ZhfYEBznzcYzUyilQoyDcKu/cmC0WCVRVyjZJf+RqziQlHe/rSGF10i0LgIrIM
sEyg/VOpbSuuK2P9W64Vs0ylpQz1BilWS2rKax/c+9u/r4w+lpEH9no+vHwnQur/
K664POECbsvIgsjt1POgtPUguIBaQok7Fn4zyKZN/cGWlnnKXsZlORTfkrrrbeWO
YPabqyg6f/Z/QFtVuxLGlRCJL8n4A1wek7ee3K1m+afgcI6AmXpC4X8I2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8qVinYFanSPEYNykidEWdHQoUMMB8GA1UdIwQY
MBaAFDZGFCzjKQq2eG09MPJrXkH9aE3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTct
ZDMwODU0MmExZDg2LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTctZDMwODU0MmExZDg2
LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASuyOoJDH
8Yh7gEhSO7wksOaS4I4z0naFkk/F7EySf8coGirBoxVxlNYbSuh91nQ3qj0zSl/w
GDSogjMMz7l5fwyqAtzkrPd02e9a/bOoEuoQo4vBwwyRmNpDIue8rR0kgPohnZgo
J8/tSeUbmbY3BmlgN7tSayn6TcOzXSV1K1+ojl5/6m39cGeTOcfuPYCOli9i/tQi
VtOFFXIYIuhGVkcIZ1wrAESv2zAtNjbYaOQy59hc6cGvnWsp3vVRh3C/g8bDXx7M
O4DmxgOZAtIOiWKIWvmaSBDxos5fK52CM2WJHJFg7/3PFkSelx+JSVE55ICmSIkZ
R2OviK05rHya9g==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:06:45 2026 by rpki-client