Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier: C+1nOvTXZxGxOjZzalmwB0VILYJb0X/7dlkK/12nFJQ=
Subject key identifier: 05:84:87:2D:A5:DD:1A:3C:99:63:C5:C7:7F:BE:B2:A6:EC:DD:48:20
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 019D25F18967AE2F445D2C0DAEEF0EA495C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number: 09F8
Signing time: Wed 25 Mar 2026 17:01:19 +0000
Manifest this update: Wed 25 Mar 2026 17:01:19 +0000
Manifest next update: Thu 26 Mar 2026 17:01:19 +0000
Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: UT3H0KY0Ji444YnA2cfPL41VXJb5K+T/HgWSyX8b+Pk=)
2: uaapElHUAVaZCvTQWY96RRO1BmE.roa (hash: YoDD+GqIi7yXJNJvp1uQ/eykR6jqDrzcDx3qks2vpKk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:89:67:ae:2f:44:5d:2c:0d:ae:ef:0e:a4:95:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Mar 25 17:01:19 2026 GMT
Not After : Mar 26 17:01:19 2026 GMT
Subject: CN=0584872da5dd1a3c9963c5c77fbeb2a6ecdd4820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:df:62:1a:cb:06:b1:a5:8c:31:a3:5b:e2:90:
15:83:1a:3b:24:61:74:7e:3e:97:99:0d:1d:6a:69:
90:19:68:11:21:ac:76:fb:fb:c0:5f:bb:18:1f:3d:
8c:7e:a2:5e:a7:24:17:ce:06:a0:82:f2:36:07:79:
e6:a4:b6:a6:e6:c3:36:04:52:cb:af:6f:b0:df:c0:
dd:5d:77:05:df:91:a6:46:89:f6:e8:7e:32:a0:3e:
b0:24:00:b8:8d:cc:29:f3:b3:7f:7e:6f:81:79:e2:
65:a6:8c:74:21:71:7c:ed:87:2d:b7:85:7c:8d:f9:
ce:2c:9e:7b:9b:59:d0:00:7d:75:73:1f:22:eb:75:
4d:f6:be:82:68:e0:a2:f3:0d:3e:b4:44:d9:82:16:
c7:f4:2a:95:58:51:4a:76:fb:b6:12:8a:59:c5:27:
60:4d:14:d1:40:9a:93:78:f8:34:ee:83:c4:5c:e8:
6b:29:f3:90:9a:93:97:ed:83:2a:79:47:cb:95:3b:
5b:cd:bf:c7:83:2a:2c:50:2d:d5:77:13:54:a7:5d:
48:0a:54:43:74:5e:fa:10:32:d8:27:04:3f:46:97:
46:7d:84:87:db:e0:bb:01:d1:c0:da:f0:d4:a7:46:
be:2e:ce:93:6d:9b:a6:3d:5c:13:1c:c6:52:98:b9:
f3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:84:87:2D:A5:DD:1A:3C:99:63:C5:C7:7F:BE:B2:A6:EC:DD:48:20
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:6d:8e:77:74:a2:2e:ed:b5:b0:11:73:61:13:82:1a:53:c8:
11:4b:05:1d:a6:74:71:27:51:ce:30:69:9b:4c:ef:99:72:3a:
d3:8d:2f:b5:b3:54:f6:d8:0e:6f:e7:0d:43:3b:50:2b:31:5d:
03:72:70:a3:94:02:ad:0b:ed:62:3f:c4:9a:65:e4:60:02:be:
eb:3d:70:6c:4e:ce:95:fb:39:f8:13:0d:54:56:8e:05:a7:3b:
50:b1:1a:cf:16:ce:7d:8b:8c:05:da:e3:5e:21:ad:90:b4:a0:
3d:f7:50:98:b0:05:2a:17:0a:10:ae:22:11:ec:1d:78:51:70:
f6:fd:1d:17:f0:88:d0:1a:90:46:63:da:46:4a:df:4b:ae:6b:
53:c7:64:1a:21:a1:ec:21:cf:43:c4:06:64:05:e8:04:ca:b1:
58:aa:54:53:92:8d:65:b5:6f:3a:ae:66:c0:32:05:c6:91:02:
6a:b5:e3:d0:57:0b:9b:48:39:37:67:88:ad:87:60:a0:3d:12:
1e:0f:5f:a0:fd:a7:85:1e:3e:c2:41:79:92:75:46:ce:37:da:
0f:b8:97:f9:91:5a:8e:f6:38:de:fb:95:dd:10:7c:f6:0b:e7:
5a:92:6d:9f:6a:d3:d3:69:6e:65:2e:8a:52:bc:21:48:a1:35:
6b:ef:d1:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8Ylnri9EXSwNru8OpJXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjYwMzI1MTcwMTE5WhcNMjYwMzI2MTcwMTE5WjAzMTEwLwYDVQQD
EygwNTg0ODcyZGE1ZGQxYTNjOTk2M2M1Yzc3ZmJlYjJhNmVjZGQ0ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd9iGssGsaWMMaNb4pAVgxo7JGF0
fj6XmQ0dammQGWgRIax2+/vAX7sYHz2MfqJepyQXzgaggvI2B3nmpLam5sM2BFLL
r2+w38DdXXcF35GmRon26H4yoD6wJAC4jcwp87N/fm+BeeJlpox0IXF87Yctt4V8
jfnOLJ57m1nQAH11cx8i63VN9r6CaOCi8w0+tETZghbH9CqVWFFKdvu2EopZxSdg
TRTRQJqTePg07oPEXOhrKfOQmpOX7YMqeUfLlTtbzb/HgyosUC3VdxNUp11IClRD
dF76EDLYJwQ/RpdGfYSH2+C7AdHA2vDUp0a+Ls6TbZumPVwTHMZSmLnz2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWEhy2l3Ro8mWPFx3++sqbs3UggMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKW2Od3Si
Lu21sBFzYROCGlPIEUsFHaZ0cSdRzjBpm0zvmXI6040vtbNU9tgOb+cNQztQKzFd
A3Jwo5QCrQvtYj/EmmXkYAK+6z1wbE7Olfs5+BMNVFaOBac7ULEazxbOfYuMBdrj
XiGtkLSgPfdQmLAFKhcKEK4iEewdeFFw9v0dF/CI0BqQRmPaRkrfS65rU8dkGiGh
7CHPQ8QGZAXoBMqxWKpUU5KNZbVvOq5mwDIFxpECarXj0FcLm0g5N2eIrYdgoD0S
Hg9foP2nhR4+wkF5knVGzjfaD7iX+ZFajvY43vuV3RB89gvnWpJtn2rT02luZS6K
UrwhSKE1a+/RMQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:53:29 2026 by rpki-client