Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: hikGc3o1xgTrDMq81kD17RBfGqQGgMjx/2Tyd0tx11Y=
Subject key identifier: 12:C8:F8:9D:42:01:35:F0:0F:47:35:E5:FF:39:DA:3A:D9:0B:CF:49
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 019D9AABA84249ABAA6F068711809D8CC1D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 18C5
Signing time: Fri 17 Apr 2026 09:00:34 +0000
Manifest this update: Fri 17 Apr 2026 09:00:34 +0000
Manifest next update: Sat 18 Apr 2026 09:00:34 +0000
Files and hashes: 1: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: rQlYzc//K/5SGgwZscU0VVJ3JGTS6771mj62Z0BNR0w=)
2: n4exwERefxehosNF3vrmda7cVQg.roa (hash: Yi7HEiIp9Gzv2dhWbsT1GkQVLHDCPjnmDLNUTFuloG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ab:a8:42:49:ab:aa:6f:06:87:11:80:9d:8c:c1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Apr 17 09:00:34 2026 GMT
Not After : Apr 18 09:00:34 2026 GMT
Subject: CN=12c8f89d420135f00f4735e5ff39da3ad90bcf49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f5:61:97:04:fa:81:48:9a:51:4c:bd:e5:8b:
53:4f:3a:99:62:40:9c:50:89:0a:26:05:2a:51:a9:
f5:36:45:b1:47:92:98:cc:2a:e4:58:ef:f0:5d:1b:
71:fe:6f:18:de:f8:82:a3:3f:02:a7:b6:1f:7d:5d:
a5:0f:8d:c8:82:70:57:fc:6f:5e:81:07:36:96:7f:
14:9a:81:e9:f0:8c:d1:5a:41:a1:5b:1a:50:f7:76:
c8:c1:b4:d6:73:f2:77:1f:7c:cc:cf:4e:f0:b0:51:
f4:2b:57:34:40:6c:42:2d:0f:be:af:bb:6d:57:0f:
a7:50:a7:8a:a0:ec:d0:3f:c8:2b:4e:75:52:93:d5:
43:b1:a4:22:a2:1b:32:c1:60:89:20:d2:0d:7c:f8:
4f:41:86:ca:f2:be:90:72:8b:2e:0d:0b:dd:5a:09:
16:d5:0e:64:88:df:7d:04:ef:82:99:65:eb:22:47:
79:05:67:25:7b:34:c3:db:29:df:e0:51:e8:b8:a7:
d9:eb:06:7f:5f:cc:35:d2:31:1c:08:68:c4:1d:06:
94:cc:70:a0:44:30:7c:db:23:72:cc:26:0f:fa:1f:
02:3c:22:42:6a:44:8d:b1:5e:4f:8d:0d:ea:8d:6f:
17:3a:76:de:48:68:54:4a:30:14:bd:44:ee:66:33:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C8:F8:9D:42:01:35:F0:0F:47:35:E5:FF:39:DA:3A:D9:0B:CF:49
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:98:be:c1:70:fe:c2:6c:d2:dd:ce:82:21:23:1d:62:d5:b6:
16:c9:18:19:6f:39:9e:5e:24:ee:ec:a8:c9:65:24:5a:9c:a5:
08:6d:d9:20:a5:6b:b7:7b:a3:27:e8:52:5d:60:d6:f1:d8:57:
3b:77:16:98:4a:3d:15:4b:41:72:85:29:6d:0e:b8:9a:94:ed:
3d:4f:0f:f8:32:fc:80:09:75:8e:0d:a9:ad:03:cd:ea:0e:44:
cd:e5:b7:07:85:58:49:4e:9e:47:5c:0a:53:45:0d:71:64:f8:
9f:4e:94:c3:f3:63:4e:e6:af:f6:b3:67:a5:30:06:08:40:4e:
ce:60:86:20:13:68:4f:15:3c:50:43:84:8c:5f:05:33:97:b8:
38:1a:26:c7:ca:57:60:c6:2b:ef:5d:c4:26:ca:f1:4f:e6:86:
bb:40:b2:1b:ae:54:ae:22:ff:d8:4c:b8:33:1b:98:aa:d8:75:
4e:2a:06:2f:10:b8:cc:76:de:fe:80:16:25:48:be:e2:d7:9e:
a2:40:64:69:1c:a6:17:45:71:9e:6f:b4:6b:47:10:0a:56:78:
90:04:03:3f:46:a9:b4:2c:cc:76:03:57:f9:72:af:3d:ad:cd:
41:ef:67:20:1c:9f:4b:7c:f9:52:e8:f5:c8:c4:6c:ee:65:44:
18:a7:84:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq6hCSauqbwaHEYCdjMHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjYwNDE3MDkwMDM0WhcNMjYwNDE4MDkwMDM0WjAzMTEwLwYDVQQD
EygxMmM4Zjg5ZDQyMDEzNWYwMGY0NzM1ZTVmZjM5ZGEzYWQ5MGJjZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPVhlwT6gUiaUUy95YtTTzqZYkCc
UIkKJgUqUan1NkWxR5KYzCrkWO/wXRtx/m8Y3viCoz8Cp7YffV2lD43IgnBX/G9e
gQc2ln8UmoHp8IzRWkGhWxpQ93bIwbTWc/J3H3zMz07wsFH0K1c0QGxCLQ++r7tt
Vw+nUKeKoOzQP8grTnVSk9VDsaQiohsywWCJININfPhPQYbK8r6QcosuDQvdWgkW
1Q5kiN99BO+CmWXrIkd5BWclezTD2ynf4FHouKfZ6wZ/X8w10jEcCGjEHQaUzHCg
RDB82yNyzCYP+h8CPCJCakSNsV5PjQ3qjW8XOnbeSGhUSjAUvUTuZjPfuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLI+J1CATXwD0c15f852jrZC89JMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5i+wXD+
wmzS3c6CISMdYtW2FskYGW85nl4k7uyoyWUkWpylCG3ZIKVrt3ujJ+hSXWDW8dhX
O3cWmEo9FUtBcoUpbQ64mpTtPU8P+DL8gAl1jg2prQPN6g5EzeW3B4VYSU6eR1wK
U0UNcWT4n06Uw/NjTuav9rNnpTAGCEBOzmCGIBNoTxU8UEOEjF8FM5e4OBomx8pX
YMYr713EJsrxT+aGu0CyG65UriL/2Ey4MxuYqth1TioGLxC4zHbe/oAWJUi+4tee
okBkaRymF0Vxnm+0a0cQClZ4kAQDP0aptCzMdgNX+XKvPa3NQe9nIByfS3z5Uuj1
yMRs7mVEGKeEYA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:00:00 2026 by rpki-client