Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: wp6Q26Wlr80R8InJL1L1QF9QmoYMv4HxSeqh5/W0oIU=
Subject key identifier: AF:D6:E6:F0:0A:D9:61:11:38:BE:8E:16:C1:9C:2A:6A:23:F1:8D:CA
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 019D2B16FEA7EDE5F9C31B4F07B560EE8BAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 0B01
Signing time: Thu 26 Mar 2026 17:00:20 +0000
Manifest this update: Thu 26 Mar 2026 17:00:20 +0000
Manifest next update: Fri 27 Mar 2026 17:00:20 +0000
Files and hashes: 1: KggeSoYJuTH0OsCrW287o_IBVIU.roa (hash: 3X9Kd87JdDMTWZvK8kLFjDZVe2SDW7wiUWXk0sGtCM8=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: imv43ib2/3eEqjvMef4nPj/hrAjQzFz2iasDX4XFZf4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:16:fe:a7:ed:e5:f9:c3:1b:4f:07:b5:60:ee:8b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Mar 26 17:00:20 2026 GMT
Not After : Mar 27 17:00:20 2026 GMT
Subject: CN=afd6e6f00ad9611138be8e16c19c2a6a23f18dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:d8:20:0d:a2:ed:99:26:47:75:16:17:5e:
1a:99:31:d4:0c:42:3c:24:fe:26:4f:74:84:51:e1:
f0:87:85:9f:97:93:08:f2:0b:f2:ec:bb:9b:7c:76:
a9:3e:71:89:b9:57:2f:d1:86:ff:6c:51:5c:dd:d5:
75:e4:f6:7a:8c:59:d5:7d:52:e0:d9:d4:f7:87:b7:
c5:42:23:8d:55:2e:2e:2d:43:a9:51:73:77:19:33:
f1:3e:b6:63:17:c2:51:c2:51:3e:4a:2e:d0:be:f1:
2e:fd:31:7b:12:ce:79:81:cc:1e:18:86:4f:99:53:
f6:f2:d9:d5:5c:f9:21:a5:cc:45:e1:7b:73:38:92:
12:55:46:e1:e1:ec:93:b5:f4:a2:b3:a2:55:1a:74:
0a:10:f7:e9:12:d1:e1:aa:95:54:33:46:d7:23:14:
9b:37:32:a1:f7:77:33:80:c6:4a:2e:2e:d9:79:03:
ee:86:0d:f6:90:ff:a6:67:fe:1c:c0:09:91:9d:bb:
11:ca:ad:9c:0b:87:6c:88:de:d5:63:8d:f3:ae:e0:
b5:09:63:c2:97:cb:5b:71:00:ab:4f:1a:ad:fe:45:
b7:10:3a:ce:40:c5:b3:3e:d8:46:41:cb:23:c1:64:
d8:d8:9b:b7:70:39:be:76:bc:07:a4:87:b0:ed:e7:
eb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D6:E6:F0:0A:D9:61:11:38:BE:8E:16:C1:9C:2A:6A:23:F1:8D:CA
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:91:78:ae:80:c0:a3:7d:05:92:88:36:4f:7d:ab:a5:de:b6:
6f:f5:89:e5:77:45:10:07:1f:40:96:0a:90:ef:41:16:55:ec:
d3:b5:a8:ca:08:dd:90:3b:98:51:d4:91:17:2f:00:02:61:24:
dd:cf:62:62:ae:a7:1f:b3:79:fb:ee:b8:de:ad:52:f3:20:15:
20:ee:76:74:a1:3f:19:2d:2b:19:29:7b:db:0c:2d:e1:db:06:
3f:4b:9d:df:92:85:08:b0:04:0c:5b:b5:ab:d8:93:01:53:da:
69:3d:66:ae:c0:77:92:31:83:88:76:3a:01:96:8c:4a:7b:3f:
c1:3f:86:61:c8:9e:1c:82:4d:d9:ac:ca:06:32:0d:9b:75:10:
46:8e:ab:4c:d2:7e:dc:09:6e:63:49:0c:82:88:80:a6:9e:78:
a9:78:54:93:d5:10:d9:88:6e:e0:7f:31:79:70:50:7a:d7:67:
04:b1:bf:f4:71:da:b5:4b:e3:5b:76:29:00:54:9f:95:7e:ab:
7b:b4:de:a9:a2:f1:76:d5:65:c5:a7:ee:c9:b5:17:5d:3a:b8:
9a:66:ee:01:23:88:cf:2e:52:ae:6d:c9:08:18:a2:5b:58:26:
71:2a:9f:e5:b1:e8:ef:fe:57:80:fc:7c:cc:61:80:2a:3f:03:
78:40:ca:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rFv6n7eX5wxtPB7Vg7outMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjYwMzI2MTcwMDIwWhcNMjYwMzI3MTcwMDIwWjAzMTEwLwYDVQQD
EyhhZmQ2ZTZmMDBhZDk2MTExMzhiZThlMTZjMTljMmE2YTIzZjE4ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMjYIA2i7ZkmR3UWF14amTHUDEI8
JP4mT3SEUeHwh4Wfl5MI8gvy7LubfHapPnGJuVcv0Yb/bFFc3dV15PZ6jFnVfVLg
2dT3h7fFQiONVS4uLUOpUXN3GTPxPrZjF8JRwlE+Si7QvvEu/TF7Es55gcweGIZP
mVP28tnVXPkhpcxF4XtzOJISVUbh4eyTtfSis6JVGnQKEPfpEtHhqpVUM0bXIxSb
NzKh93czgMZKLi7ZeQPuhg32kP+mZ/4cwAmRnbsRyq2cC4dsiN7VY43zruC1CWPC
l8tbcQCrTxqt/kW3EDrOQMWzPthGQcsjwWTY2Ju3cDm+drwHpIew7efr9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/W5vAK2WEROL6OFsGcKmoj8Y3KMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJF4roDA
o30Fkog2T32rpd62b/WJ5XdFEAcfQJYKkO9BFlXs07WoygjdkDuYUdSRFy8AAmEk
3c9iYq6nH7N5++643q1S8yAVIO52dKE/GS0rGSl72wwt4dsGP0ud35KFCLAEDFu1
q9iTAVPaaT1mrsB3kjGDiHY6AZaMSns/wT+GYcieHIJN2azKBjINm3UQRo6rTNJ+
3AluY0kMgoiApp54qXhUk9UQ2Yhu4H8xeXBQetdnBLG/9HHatUvjW3YpAFSflX6r
e7TeqaLxdtVlxafuybUXXTq4mmbuASOIzy5Srm3JCBiiW1gmcSqf5bHo7/5XgPx8
zGGAKj8DeEDKaQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:44:26 2026 by rpki-client