Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
File: NawwjJT1exHO4bqE7xJ4RHxnhes.mft (raw, json)
Hash identifier: XIjttfEaMunJIuRyUnpQy20vCXKyhqpRGM117cRjX+I=
Subject key identifier: 4C:1B:4B:1B:9E:2A:CF:8E:87:AC:22:59:9D:6B:D2:06:90:28:E9:D9
Authority key identifier: 35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
Certificate issuer: /CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Certificate serial: 019D2628A3E1E2B91AB9B2351E8FB782D970
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
Manifest number: 1888
Signing time: Wed 25 Mar 2026 18:01:30 +0000
Manifest this update: Wed 25 Mar 2026 18:01:30 +0000
Manifest next update: Thu 26 Mar 2026 18:01:30 +0000
Files and hashes: 1: EaZSZwZGmcsZnUkQYcJgmv5A-IQ.roa (hash: +ZyiIncgTcIegMEpnSnkV8RC0hP2tnJjSSGms0iMy6Y=)
2: NawwjJT1exHO4bqE7xJ4RHxnhes.crl (hash: AiH7hMlzeaRo3tu3ZqdAmAsJ7pzoskOHBCkZfGsLJbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:a3:e1:e2:b9:1a:b9:b2:35:1e:8f:b7:82:d9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Validity
Not Before: Mar 25 18:01:30 2026 GMT
Not After : Mar 26 18:01:30 2026 GMT
Subject: CN=4c1b4b1b9e2acf8e87ac22599d6bd2069028e9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6c:4e:b0:ad:92:03:4a:7b:57:c6:37:b8:66:
55:82:16:5f:14:92:91:50:1c:ae:b7:e8:ba:d4:38:
0b:c6:ca:04:66:a9:c6:de:94:0a:bc:fb:0b:ac:38:
ca:f2:fb:3e:38:bf:3c:0c:eb:21:9b:2e:56:f1:90:
cf:e3:85:e6:4a:c7:e2:e8:e4:c8:37:72:c3:f8:4d:
2f:35:ab:ca:f8:f4:fc:1a:9e:6f:5d:2b:c2:e1:b9:
79:00:c6:5d:64:4b:6d:96:96:08:c2:06:5f:c2:bc:
8a:15:ba:72:8f:f9:34:43:71:c8:e4:a4:12:23:a9:
07:85:08:f5:11:2a:e4:03:af:d6:5b:c5:c3:d6:b3:
04:f6:49:81:95:a9:eb:2d:dd:22:6c:a5:3f:bb:90:
e5:18:11:88:c7:4a:36:b1:12:03:ee:95:dd:00:eb:
67:a4:ec:76:c8:79:b0:2b:9b:fd:80:43:3a:e0:eb:
88:a5:ae:0e:a3:cd:9c:e2:a7:c2:63:45:67:b5:dc:
d5:40:13:6c:22:73:64:aa:53:81:b0:b2:74:c7:2f:
61:8a:85:d7:67:fe:86:62:de:d9:c7:39:a5:be:a1:
4a:0f:f9:9a:28:e6:c7:92:dc:9b:39:f6:a2:e7:dc:
e7:ca:85:bc:bc:7a:8b:5d:76:32:5e:9f:68:5a:38:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1B:4B:1B:9E:2A:CF:8E:87:AC:22:59:9D:6B:D2:06:90:28:E9:D9
X509v3 Authority Key Identifier:
keyid:35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:81:88:22:60:d6:73:44:7f:9a:28:aa:66:a7:88:27:fc:f4:
e6:08:70:91:b6:5e:04:71:f1:e5:df:16:d9:bb:e8:b8:d3:88:
f3:03:54:c9:d6:7d:a4:f4:94:c9:bc:56:a1:03:a9:f2:bc:d2:
35:28:7a:6f:a3:2f:c8:74:b1:97:7c:a9:27:5c:94:26:c2:e1:
9c:4e:34:d9:5e:60:a2:0c:57:54:4c:df:2c:52:82:d0:09:69:
84:55:f9:fb:eb:f0:60:6c:51:b5:5e:15:ad:9a:77:b5:09:ff:
a5:b2:87:91:40:20:d9:b4:02:4d:c3:0e:35:bf:30:5d:e1:fd:
10:87:aa:ef:f9:87:ac:99:fd:49:f7:c3:78:4d:0a:e5:4f:74:
42:d5:f1:d4:34:7a:a4:d0:a9:bf:8c:78:7d:23:98:65:79:22:
51:e9:67:7f:8b:ac:86:09:f1:64:46:4b:f9:de:52:cf:cd:a2:
ac:fe:38:3f:b9:6a:51:c8:90:94:89:d8:bb:0e:18:fc:82:18:
d4:ef:29:1b:e1:6f:fc:07:a2:eb:64:54:42:7d:29:51:0d:11:
37:5f:39:a2:9b:f2:6c:95:f1:a9:88:30:3e:33:88:cc:d4:d9:
63:9a:50:09:e2:a6:dc:a6:9f:3c:f1:59:fa:73:b3:da:ac:88:
f1:8d:f3:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKKPh4rkaubI1Ho+3gtlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YWMzMDhjOTRmNTdiMTFjZWUxYmE4NGVmMTI3ODQ0N2M2
Nzg1ZWIwHhcNMjYwMzI1MTgwMTMwWhcNMjYwMzI2MTgwMTMwWjAzMTEwLwYDVQQD
Eyg0YzFiNGIxYjllMmFjZjhlODdhYzIyNTk5ZDZiZDIwNjkwMjhlOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mxOsK2SA0p7V8Y3uGZVghZfFJKR
UByut+i61DgLxsoEZqnG3pQKvPsLrDjK8vs+OL88DOshmy5W8ZDP44XmSsfi6OTI
N3LD+E0vNavK+PT8Gp5vXSvC4bl5AMZdZEttlpYIwgZfwryKFbpyj/k0Q3HI5KQS
I6kHhQj1ESrkA6/WW8XD1rME9kmBlanrLd0ibKU/u5DlGBGIx0o2sRID7pXdAOtn
pOx2yHmwK5v9gEM64OuIpa4Oo82c4qfCY0VntdzVQBNsInNkqlOBsLJ0xy9hioXX
Z/6GYt7ZxzmlvqFKD/maKObHktybOfai59znyoW8vHqLXXYyXp9oWjgO7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwbSxueKs+Oh6wiWZ1r0gaQKOnZMB8GA1UdIwQY
MBaAFDWsMIyU9XsRzuG6hO8SeER8Z4XrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDct
NjBkMzU1NTRjZTY0LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDctNjBkMzU1NTRjZTY0
LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeoGIImDW
c0R/miiqZqeIJ/z05ghwkbZeBHHx5d8W2bvouNOI8wNUydZ9pPSUybxWoQOp8rzS
NSh6b6MvyHSxl3ypJ1yUJsLhnE402V5gogxXVEzfLFKC0AlphFX5++vwYGxRtV4V
rZp3tQn/pbKHkUAg2bQCTcMONb8wXeH9EIeq7/mHrJn9SffDeE0K5U90QtXx1DR6
pNCpv4x4fSOYZXkiUelnf4ushgnxZEZL+d5Sz82irP44P7lqUciQlInYuw4Y/IIY
1O8pG+Fv/Aei62RUQn0pUQ0RN185opvybJXxqYgwPjOIzNTZY5pQCeKm3KafPPFZ
+nOz2qyI8Y3zYw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:22:04 2026 by rpki-client