Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: LYtRZNNfGxLGFNysq9z804rer4/ErV9rrsv1smf9pzE=
Subject key identifier: 82:A0:4D:B7:46:45:D6:57:48:1B:F7:EA:10:99:BA:2E:97:BC:EC:93
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 019D2A0452EB21627E2C9CE1ED163ABF506E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 1121
Signing time: Thu 26 Mar 2026 12:00:19 +0000
Manifest this update: Thu 26 Mar 2026 12:00:19 +0000
Manifest next update: Fri 27 Mar 2026 12:00:19 +0000
Files and hashes: 1: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: kspe868DAMDj9JHcZLCjLwhZKWsY7JohhRpdYNqOlpk=)
2: wvN6kWBv9-WIzYsvm-bSWdFrGOY.roa (hash: CKPOzucBQdx5H4UpPqvBTwUGJcxs2W6ttGR5J1M+c5s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:04:52:eb:21:62:7e:2c:9c:e1:ed:16:3a:bf:50:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: Mar 26 12:00:19 2026 GMT
Not After : Mar 27 12:00:19 2026 GMT
Subject: CN=82a04db74645d657481bf7ea1099ba2e97bcec93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:de:64:6c:49:eb:60:eb:02:a4:12:91:9c:34:
0a:a7:2e:b8:22:3b:3e:7f:92:9f:8b:c7:ad:88:fe:
81:04:85:e6:07:3f:83:c6:2b:f5:05:65:a8:d8:78:
12:b2:e2:a3:2a:74:77:2d:b3:f0:01:f0:0d:38:c4:
52:f8:5d:9d:f3:28:ad:c8:9a:ac:b7:1c:de:e2:e2:
07:a1:8c:51:ce:ed:54:19:03:84:eb:dc:c8:da:c7:
cf:95:6d:58:c2:41:ae:57:17:77:fa:a3:79:dc:04:
f9:30:79:35:10:9c:1b:90:c2:6a:29:d3:64:a8:37:
63:11:64:70:12:cb:76:06:20:75:6d:54:4e:02:f9:
93:2f:f6:54:d9:e7:79:99:30:36:c4:2f:3e:9a:e2:
77:51:80:41:66:e9:90:bb:2b:f6:8a:cf:96:d8:81:
de:1c:4b:57:dc:1a:70:3c:6b:e8:f1:b6:1f:45:4f:
0d:e0:65:8e:08:bf:ab:8d:d0:a7:b4:45:71:5c:6c:
b3:0d:09:cc:08:9f:31:8f:0e:3c:69:05:54:7a:d0:
7e:87:2e:51:6a:27:3f:1a:0b:58:a1:1a:33:52:56:
19:6e:17:9f:2a:48:4a:03:4e:79:8f:7f:ad:7e:db:
de:9c:d4:89:a6:50:59:ea:32:3c:97:4c:cc:db:90:
4a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A0:4D:B7:46:45:D6:57:48:1B:F7:EA:10:99:BA:2E:97:BC:EC:93
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:ce:f3:c1:a0:de:b6:5e:bf:5e:94:9c:77:c1:b1:82:71:f5:
5b:a1:65:30:7e:41:c2:f9:17:7f:be:16:fc:95:d5:a4:9c:18:
e9:ef:ee:ee:0f:ac:ed:a3:55:05:0e:cc:62:c8:9c:8c:fa:03:
25:d8:22:79:78:07:44:38:81:95:31:27:96:99:df:01:04:19:
e2:ce:06:0e:4a:4c:a9:ea:c1:b1:f8:0d:bc:15:d6:0e:c1:d6:
51:0d:ce:b2:b8:ba:79:dc:e5:6f:ce:0d:55:2d:49:66:de:92:
2f:08:24:98:55:d7:b8:6b:36:08:29:38:61:1f:82:f9:55:8b:
68:e9:70:12:e1:b0:45:ab:81:90:fc:c8:cc:d1:b4:aa:17:52:
50:c6:14:ff:00:8c:51:d1:01:bb:97:aa:07:96:26:b8:54:43:
f7:6b:f9:34:d9:0a:40:85:a2:d0:c4:61:63:d2:e8:f5:5f:cc:
77:46:d2:54:ad:8b:33:c0:2e:09:40:9a:45:0d:89:c6:c2:43:
0e:ea:7f:bd:fc:51:d7:ec:c1:9c:fe:78:5e:b4:92:0d:7e:9c:
4d:27:b7:35:39:3f:f5:1d:8e:d5:f0:28:e0:b3:08:d6:f8:88:
ce:c1:9c:b1:b7:32:34:0e:4c:ae:9f:27:88:e3:0c:97:c5:f2:
04:6f:e3:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBFLrIWJ+LJzh7RY6v1BuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjYwMzI2MTIwMDE5WhcNMjYwMzI3MTIwMDE5WjAzMTEwLwYDVQQD
Eyg4MmEwNGRiNzQ2NDVkNjU3NDgxYmY3ZWExMDk5YmEyZTk3YmNlYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr95kbEnrYOsCpBKRnDQKpy64Ijs+
f5Kfi8etiP6BBIXmBz+Dxiv1BWWo2HgSsuKjKnR3LbPwAfANOMRS+F2d8yityJqs
txze4uIHoYxRzu1UGQOE69zI2sfPlW1YwkGuVxd3+qN53AT5MHk1EJwbkMJqKdNk
qDdjEWRwEst2BiB1bVROAvmTL/ZU2ed5mTA2xC8+muJ3UYBBZumQuyv2is+W2IHe
HEtX3BpwPGvo8bYfRU8N4GWOCL+rjdCntEVxXGyzDQnMCJ8xjw48aQVUetB+hy5R
aic/GgtYoRozUlYZbhefKkhKA055j3+tftvenNSJplBZ6jI8l0zM25BKWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKgTbdGRdZXSBv36hCZui6XvOyTMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAas7zwaDe
tl6/XpScd8GxgnH1W6FlMH5BwvkXf74W/JXVpJwY6e/u7g+s7aNVBQ7MYsicjPoD
JdgieXgHRDiBlTEnlpnfAQQZ4s4GDkpMqerBsfgNvBXWDsHWUQ3Osri6edzlb84N
VS1JZt6SLwgkmFXXuGs2CCk4YR+C+VWLaOlwEuGwRauBkPzIzNG0qhdSUMYU/wCM
UdEBu5eqB5YmuFRD92v5NNkKQIWi0MRhY9Lo9V/Md0bSVK2LM8AuCUCaRQ2JxsJD
Dup/vfxR1+zBnP54XrSSDX6cTSe3NTk/9R2O1fAo4LMI1viIzsGcsbcyNA5Mrp8n
iOMMl8XyBG/jkg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:48:33 2026 by rpki-client