Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
File: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft (raw, json)
Hash identifier: oZ95HYu1oicc9hwm+YUNQq0rOVJB6FxnvkQfCV89yRo=
Subject key identifier: 2C:DC:8F:85:B7:DF:B2:EB:31:1E:B8:89:7B:66:73:68:68:07:44:82
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 019D29CE2EDF15556CF8F0BCBF4B0FF76035
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
Manifest number: 188B
Signing time: Thu 26 Mar 2026 11:01:11 +0000
Manifest this update: Thu 26 Mar 2026 11:01:11 +0000
Manifest next update: Fri 27 Mar 2026 11:01:11 +0000
Files and hashes: 1: lS_7ElVJSzohGwkrzoM9Rl9Uaeo.roa (hash: 2GOJmUxu3DZ3m6sSBQN+fyPKa6u0tmi0xc6B6mGHemU=)
2: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl (hash: V5rVAaJ/IMa5mM6QIu7VE/FvyCjbLy4gm0qC5XcHeps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:2e:df:15:55:6c:f8:f0:bc:bf:4b:0f:f7:60:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Mar 26 11:01:11 2026 GMT
Not After : Mar 27 11:01:11 2026 GMT
Subject: CN=2cdc8f85b7dfb2eb311eb8897b66736868074482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:56:79:5b:61:b4:87:ca:cf:10:a6:b1:0a:af:
85:f2:02:08:9d:02:58:7d:df:10:8d:c3:07:21:01:
34:bc:b0:ae:45:67:59:8f:e8:a1:c6:25:f9:09:5f:
3c:f5:03:19:87:f6:dd:e1:df:99:ce:c3:f1:ec:4b:
5e:c9:37:2b:7d:2a:09:14:03:3e:d7:7f:fa:53:b3:
d7:e9:17:09:2c:a9:36:e1:59:6c:89:42:a1:cb:ef:
b1:75:7c:bb:7a:5c:7e:cf:61:5a:2a:df:da:f9:45:
55:e2:3e:ca:bf:06:d7:cb:7a:47:a0:13:e8:92:f2:
41:3b:68:41:a7:ae:6e:c5:71:5c:85:e6:c4:a9:dd:
bf:52:ee:da:d0:a1:1b:1b:09:7e:c8:2c:b5:e2:9f:
67:a1:22:c5:82:b6:c1:e9:fc:81:c7:e9:65:f5:e0:
f3:19:30:a9:cb:45:ed:ac:c3:05:66:b6:72:be:57:
1d:38:a4:0b:7c:74:f4:5d:58:1f:eb:06:dc:71:cb:
a4:ec:75:05:97:91:72:a8:b5:e9:5b:40:ed:54:56:
61:79:0a:b7:27:eb:1b:ff:7f:45:dc:08:05:b8:cb:
48:4f:26:ab:47:22:d8:1f:33:8c:2b:ba:35:89:29:
12:47:d4:3e:db:57:f6:16:fd:e2:a6:04:a4:a3:b5:
64:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:8F:85:B7:DF:B2:EB:31:1E:B8:89:7B:66:73:68:68:07:44:82
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:17:f3:e0:65:6a:fb:76:9e:b3:b5:20:57:ef:cd:46:b4:c6:
57:a3:45:c4:4d:b1:37:a7:39:e0:fd:9a:e5:16:4c:42:b5:ec:
c9:70:03:60:9b:aa:8b:d3:cd:5a:9c:c6:d9:7c:64:e6:fe:c9:
46:1e:6b:2f:a4:88:43:ca:43:67:12:df:e4:7c:7c:84:94:0d:
8c:26:90:28:25:be:b9:4a:f3:d2:18:a8:7a:bb:14:a4:23:fc:
c1:de:85:25:b7:38:f2:9b:54:92:35:5f:aa:4b:a9:84:af:07:
23:9e:8d:2f:a5:b4:40:f5:3c:f7:d1:8b:81:7f:45:0e:7e:81:
4f:56:93:5e:b4:6c:5c:64:c3:bb:ea:4b:3e:b0:93:15:d0:3b:
3e:a1:b8:b8:20:33:32:ed:65:3a:f7:8d:12:e9:c7:94:24:70:
ee:f3:5b:bf:d5:5d:1c:f9:73:93:b8:c5:f4:6c:9b:ef:d9:7e:
d7:a8:aa:fa:a7:83:6b:bf:97:d3:28:84:d9:77:31:fb:a3:06:
40:73:c4:f2:f6:b1:69:ff:4e:14:c8:62:a5:df:3b:f7:94:ba:
a7:3a:42:85:9a:29:17:d0:f2:20:f3:18:4a:65:67:16:bf:58:
49:ca:f5:34:31:a1:bb:77:bc:4c:45:0b:0c:ea:e3:6f:c2:9f:
65:8f:f7:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzi7fFVVs+PC8v0sP92A1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjYwMzI2MTEwMTExWhcNMjYwMzI3MTEwMTExWjAzMTEwLwYDVQQD
EygyY2RjOGY4NWI3ZGZiMmViMzExZWI4ODk3YjY2NzM2ODY4MDc0NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVZ5W2G0h8rPEKaxCq+F8gIInQJY
fd8QjcMHIQE0vLCuRWdZj+ihxiX5CV889QMZh/bd4d+ZzsPx7EteyTcrfSoJFAM+
13/6U7PX6RcJLKk24VlsiUKhy++xdXy7elx+z2FaKt/a+UVV4j7KvwbXy3pHoBPo
kvJBO2hBp65uxXFchebEqd2/Uu7a0KEbGwl+yCy14p9noSLFgrbB6fyBx+ll9eDz
GTCpy0XtrMMFZrZyvlcdOKQLfHT0XVgf6wbcccuk7HUFl5FyqLXpW0DtVFZheQq3
J+sb/39F3AgFuMtITyarRyLYHzOMK7o1iSkSR9Q+21f2Fv3ipgSko7VkewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzcj4W337LrMR64iXtmc2hoB0SCMB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhfz4GVq
+3aes7UgV+/NRrTGV6NFxE2xN6c54P2a5RZMQrXsyXADYJuqi9PNWpzG2Xxk5v7J
Rh5rL6SIQ8pDZxLf5Hx8hJQNjCaQKCW+uUrz0hioersUpCP8wd6FJbc48ptUkjVf
qkuphK8HI56NL6W0QPU899GLgX9FDn6BT1aTXrRsXGTDu+pLPrCTFdA7PqG4uCAz
Mu1lOveNEunHlCRw7vNbv9VdHPlzk7jF9Gyb79l+16iq+qeDa7+X0yiE2Xcx+6MG
QHPE8vaxaf9OFMhipd8795S6pzpChZopF9DyIPMYSmVnFr9YScr1NDGhu3e8TEUL
DOrjb8KfZY/3IQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:24:46 2026 by rpki-client