Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
File: nDKfMzH1ND8pDrSkHxbENjooLJA.mft (raw, json)
Hash identifier: b88+K4zIFBfZJrPm1VYpyYSMHS0Ce7LqT2AsEyxVNmw=
Subject key identifier: 60:33:5A:E4:BB:A8:C7:06:29:F9:76:83:41:B8:5F:A5:29:AA:29:23
Authority key identifier: 9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
Certificate issuer: /CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Certificate serial: 019D2A049B028242A3B3C5E3628883C6B4A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 12:00:37 +0000
Manifest this update: Thu 26 Mar 2026 12:00:37 +0000
Manifest next update: Fri 27 Mar 2026 12:00:37 +0000
Files and hashes: 1: eypzd6poG3jDCG2V-Hkvi0h-uqk.roa (hash: a6MGVLLBIxQKSFoYyBfEEcE09ol5itCNEXdRhC5N+Ao=)
2: nDKfMzH1ND8pDrSkHxbENjooLJA.crl (hash: npwm91ZueAT8J2eMosVGET++0xEZHno3Z2nWn18YD4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:04:9b:02:82:42:a3:b3:c5:e3:62:88:83:c6:b4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c329f3331f5343f290eb4a41f16c4363a282c90
Validity
Not Before: Mar 26 12:00:37 2026 GMT
Not After : Mar 27 12:00:37 2026 GMT
Subject: CN=60335ae4bba8c70629f9768341b85fa529aa2923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f1:5b:55:67:aa:d7:bf:9f:f4:96:c2:70:7a:
85:8c:96:8b:ed:d3:92:69:b4:b5:b8:50:1a:8b:8f:
e9:71:b3:05:b7:a6:f1:26:64:78:50:b5:0a:ef:fc:
91:79:6d:99:2f:20:4a:ca:8a:8f:20:50:22:5b:aa:
af:4a:16:24:64:e2:ff:33:86:41:56:5c:96:e7:1d:
e4:52:16:3e:30:ec:be:31:2d:39:32:84:40:a7:79:
34:cc:9f:53:43:1b:44:0a:12:7f:1d:ca:8b:da:1e:
fb:dc:15:11:6b:fc:ae:1b:47:0e:f1:d3:bc:f4:c1:
1d:25:84:92:98:9f:9b:73:85:d5:c4:85:0e:3a:7a:
70:2b:85:bc:47:a1:1f:59:c1:c7:61:0a:3f:7a:a4:
0f:d8:bb:03:c5:d3:d0:4c:41:5d:96:23:cc:61:50:
55:cb:eb:b5:c6:9b:dc:37:bf:7a:a2:c7:ff:70:db:
a9:21:af:4c:97:e2:8c:d0:2b:0c:00:28:49:5f:28:
41:db:9a:e6:63:bd:de:15:21:0e:3b:1c:d1:2c:1a:
20:32:b5:63:34:23:91:d8:c2:d7:25:63:3e:77:61:
06:e9:8a:4f:e5:20:4f:26:35:7f:34:98:4f:ee:09:
7c:d5:0d:f9:f1:68:b9:97:aa:be:a2:d8:e5:ef:09:
da:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:33:5A:E4:BB:A8:C7:06:29:F9:76:83:41:B8:5F:A5:29:AA:29:23
X509v3 Authority Key Identifier:
keyid:9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:11:29:38:84:1a:98:af:2f:59:8f:02:01:fa:8a:57:a0:13:
08:16:66:f3:4b:b6:f9:13:b8:18:43:d3:aa:4e:e6:11:aa:51:
f3:8a:aa:e8:f4:f8:62:ee:23:36:93:9a:40:85:76:32:cf:cd:
3d:cf:94:97:c9:f7:23:e3:79:11:9c:91:fa:91:72:0f:c1:52:
44:f0:cf:4d:ef:23:47:fc:76:20:ed:69:6c:5d:ac:95:6e:ea:
e3:68:32:cc:99:0d:38:3c:bd:bf:36:82:a0:f4:bf:3b:c5:12:
2e:38:e7:4b:5f:88:21:d2:8a:b3:33:97:a1:89:08:37:d5:72:
82:1e:ca:ef:0f:94:e3:3e:f9:16:f8:6b:13:82:0d:75:23:bf:
e5:99:e4:9f:f7:d6:c9:af:e6:f6:e2:f2:64:4b:75:99:dc:2f:
ca:a4:a5:2c:c7:44:b6:40:a3:40:68:66:c0:24:fc:c1:bc:80:
32:ac:2f:34:ed:2a:da:b6:d5:dd:9d:c8:83:94:a6:aa:48:96:
7b:78:2c:b0:cf:92:b0:0c:e4:c4:42:a0:b1:1b:d3:71:06:33:
09:f1:18:26:ed:58:34:58:b7:84:29:24:2d:94:d1:cd:ba:ff:
04:f2:1f:6c:a2:a6:b8:ea:9c:1c:07:48:07:b4:f8:52:be:b4:
06:53:bc:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBJsCgkKjs8XjYoiDxrShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMzI5ZjMzMzFmNTM0M2YyOTBlYjRhNDFmMTZjNDM2M2Ey
ODJjOTAwHhcNMjYwMzI2MTIwMDM3WhcNMjYwMzI3MTIwMDM3WjAzMTEwLwYDVQQD
Eyg2MDMzNWFlNGJiYThjNzA2MjlmOTc2ODM0MWI4NWZhNTI5YWEyOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PFbVWeq17+f9JbCcHqFjJaL7dOS
abS1uFAai4/pcbMFt6bxJmR4ULUK7/yReW2ZLyBKyoqPIFAiW6qvShYkZOL/M4ZB
VlyW5x3kUhY+MOy+MS05MoRAp3k0zJ9TQxtEChJ/HcqL2h773BURa/yuG0cO8dO8
9MEdJYSSmJ+bc4XVxIUOOnpwK4W8R6EfWcHHYQo/eqQP2LsDxdPQTEFdliPMYVBV
y+u1xpvcN796osf/cNupIa9Ml+KM0CsMAChJXyhB25rmY73eFSEOOxzRLBogMrVj
NCOR2MLXJWM+d2EG6YpP5SBPJjV/NJhP7gl81Q358Wi5l6q+otjl7wnaCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAzWuS7qMcGKfl2g0G4X6UpqikjMB8GA1UdIwQY
MBaAFJwynzMx9TQ/KQ60pB8WxDY6KCyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmIt
YjdmNWQ0Mzk1Y2MwLzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmItYjdmNWQ0Mzk1Y2Mw
LzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZBEpOIQa
mK8vWY8CAfqKV6ATCBZm80u2+RO4GEPTqk7mEapR84qq6PT4Yu4jNpOaQIV2Ms/N
Pc+Ul8n3I+N5EZyR+pFyD8FSRPDPTe8jR/x2IO1pbF2slW7q42gyzJkNODy9vzaC
oPS/O8USLjjnS1+IIdKKszOXoYkIN9Vygh7K7w+U4z75FvhrE4INdSO/5Znkn/fW
ya/m9uLyZEt1mdwvyqSlLMdEtkCjQGhmwCT8wbyAMqwvNO0q2rbV3Z3Ig5SmqkiW
e3gssM+SsAzkxEKgsRvTcQYzCfEYJu1YNFi3hCkkLZTRzbr/BPIfbKKmuOqcHAdI
B7T4Ur60BlO8dA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:44:48 2026 by rpki-client