Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
File: NTPUOQNczcXww50bP7FhlbVV_KM.mft (raw, json)
Hash identifier: NkbrAezdhLroqjgYMyoN6JBthSjjEmwg+tuCKaqkRvU=
Subject key identifier: 94:89:8A:DC:1C:5F:52:AE:BF:84:9D:3F:93:9E:D3:A8:90:14:55:77
Authority key identifier: 35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
Certificate issuer: /CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Certificate serial: 019D28845A956A30F658340D7336348AD6FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
Manifest number: 0D7D
Signing time: Thu 26 Mar 2026 05:00:55 +0000
Manifest this update: Thu 26 Mar 2026 05:00:55 +0000
Manifest next update: Fri 27 Mar 2026 05:00:55 +0000
Files and hashes: 1: GkloadKipNGLxGdn49lnbZG57SQ.roa (hash: HQ8BBGVI4OetCOmU12/iTT2SoIrhzR4vqVTSloeX4A8=)
2: NTPUOQNczcXww50bP7FhlbVV_KM.crl (hash: gvm61CJmh4i+dTIWf+SfLz3kg14DPlm29ZWUcRyrIqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:5a:95:6a:30:f6:58:34:0d:73:36:34:8a:d6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Validity
Not Before: Mar 26 05:00:55 2026 GMT
Not After : Mar 27 05:00:55 2026 GMT
Subject: CN=94898adc1c5f52aebf849d3f939ed3a890145577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:45:64:f2:66:28:b0:10:89:ac:c6:e7:b6:c8:
92:0d:76:4d:e1:3f:0f:cf:8e:5c:1a:b2:b3:59:ae:
61:cc:fd:ca:17:be:cb:75:02:f6:d5:73:b3:86:b1:
5f:11:23:b2:41:b9:22:14:4f:8b:6d:a2:3d:65:2f:
49:f4:3f:63:77:83:49:e9:93:ea:27:66:11:b1:6b:
1f:61:18:49:b2:d6:5c:c6:11:3b:d7:31:a3:a4:d9:
f7:f7:d3:b5:b1:71:26:8a:38:c4:6b:0d:c8:9c:81:
ba:3a:84:96:dd:a3:b3:e8:6e:e3:04:b5:9a:50:9d:
0c:8d:9a:b1:45:a1:74:f1:cd:21:1a:38:3e:e6:1a:
46:76:eb:7c:3e:85:3d:15:15:3b:f4:d8:ca:d0:22:
e5:5d:47:3f:91:84:ac:7c:71:75:1a:81:d9:2b:32:
fb:8b:17:5a:ff:ec:91:4b:0b:c6:f7:55:9f:54:dd:
dd:6a:e7:31:7d:34:ad:a7:25:f9:92:a2:4c:88:43:
8c:95:0d:ec:71:fe:51:e8:c4:26:ad:28:a3:6f:6c:
9b:4f:9e:88:c2:3d:24:f4:d9:27:b3:e2:18:09:cf:
39:e0:cd:16:5f:0c:eb:43:0d:05:b4:dc:2f:a2:58:
8c:17:7c:61:29:cb:66:11:38:99:28:cf:98:b6:36:
98:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:89:8A:DC:1C:5F:52:AE:BF:84:9D:3F:93:9E:D3:A8:90:14:55:77
X509v3 Authority Key Identifier:
keyid:35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:b8:10:13:b6:7d:9e:38:ab:d6:06:65:68:08:f6:33:3d:0e:
c7:25:09:ff:04:68:2c:2c:04:cd:02:e1:cd:c5:6c:24:e8:de:
1d:51:6a:ba:46:cb:36:61:2c:94:3a:43:1e:b9:a5:ae:1b:4d:
fa:d2:31:23:c4:09:82:f3:b4:37:bf:84:03:c3:31:0a:6d:18:
f8:74:66:30:1a:82:ee:63:de:c2:11:0d:10:ec:9d:31:11:27:
b4:6d:9f:5e:d4:86:08:4e:5e:a7:da:61:03:2e:c7:68:8a:22:
6d:35:1b:df:d1:dd:0f:19:f2:5f:b4:7b:72:62:1b:89:82:f7:
f0:b0:49:ce:d2:31:db:3a:02:67:90:ba:d7:80:35:0e:94:c4:
93:73:63:c6:23:93:c7:96:6b:f6:73:87:df:79:b4:18:9a:3d:
9e:cc:e1:f2:e0:83:e7:6c:74:ab:0a:c9:a1:63:39:5c:ba:15:
c5:32:89:07:e2:40:4a:97:10:cc:f2:82:5d:0e:b7:40:3a:7f:
67:7d:cb:14:7d:08:df:6f:d4:5e:04:71:31:53:89:ef:a3:27:
36:d6:92:e3:eb:27:d9:e5:11:ee:4b:c5:b6:8c:8b:bc:54:dc:
70:a1:1b:5a:2c:4d:81:74:7c:cb:0f:e9:f8:69:6b:ab:44:e9:
d6:e7:db:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohFqVajD2WDQNczY0itb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MzNkNDM5MDM1Y2NkYzVmMGMzOWQxYjNmYjE2MTk1YjU1
NWZjYTMwHhcNMjYwMzI2MDUwMDU1WhcNMjYwMzI3MDUwMDU1WjAzMTEwLwYDVQQD
Eyg5NDg5OGFkYzFjNWY1MmFlYmY4NDlkM2Y5MzllZDNhODkwMTQ1NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEVk8mYosBCJrMbntsiSDXZN4T8P
z45cGrKzWa5hzP3KF77LdQL21XOzhrFfESOyQbkiFE+LbaI9ZS9J9D9jd4NJ6ZPq
J2YRsWsfYRhJstZcxhE71zGjpNn399O1sXEmijjEaw3InIG6OoSW3aOz6G7jBLWa
UJ0MjZqxRaF08c0hGjg+5hpGdut8PoU9FRU79NjK0CLlXUc/kYSsfHF1GoHZKzL7
ixda/+yRSwvG91WfVN3daucxfTStpyX5kqJMiEOMlQ3scf5R6MQmrSijb2ybT56I
wj0k9Nkns+IYCc854M0WXwzrQw0FtNwvoliMF3xhKctmETiZKM+YtjaYrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSJitwcX1Kuv4SdP5Oe06iQFFV3MB8GA1UdIwQY
MBaAFDUz1DkDXM3F8MOdGz+xYZW1VfyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODIt
MzZlODVhYmU1MmZmLzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODItMzZlODVhYmU1MmZm
LzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxrgQE7Z9
njir1gZlaAj2Mz0OxyUJ/wRoLCwEzQLhzcVsJOjeHVFqukbLNmEslDpDHrmlrhtN
+tIxI8QJgvO0N7+EA8MxCm0Y+HRmMBqC7mPewhENEOydMREntG2fXtSGCE5ep9ph
Ay7HaIoibTUb39HdDxnyX7R7cmIbiYL38LBJztIx2zoCZ5C614A1DpTEk3NjxiOT
x5Zr9nOH33m0GJo9nszh8uCD52x0qwrJoWM5XLoVxTKJB+JASpcQzPKCXQ63QDp/
Z33LFH0I32/UXgRxMVOJ76MnNtaS4+sn2eUR7kvFtoyLvFTccKEbWixNgXR8yw/p
+Glrq0Tp1ufbJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:33:32 2026 by rpki-client