Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft
File: nQhzWjV9MfqK2jHinxlYam_9lZI.mft (raw, json)
Hash identifier: JMaNt8/H2w5PumQ/+fHH9/So45H368IGcKknTXTz4gM=
Subject key identifier: 17:04:DE:B0:3F:14:1E:07:80:C5:AE:B3:4D:1C:1A:74:60:CB:F6:39
Authority key identifier: 9D:08:73:5A:35:7D:31:FA:8A:DA:31:E2:9F:19:58:6A:6F:FD:95:92
Certificate issuer: /CN=9d08735a357d31fa8ada31e29f19586a6ffd9592
Certificate serial: 019D28841A3608DB27F49ECF9F732B3572E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft
Manifest number: 07D6
Signing time: Thu 26 Mar 2026 05:00:39 +0000
Manifest this update: Thu 26 Mar 2026 05:00:39 +0000
Manifest next update: Fri 27 Mar 2026 05:00:39 +0000
Files and hashes: 1: mNCgVhtdcHk_wU97-Gy3cw-WdNw.roa (hash: mTADEdCwBT4z8h+n4TsVWFX5hSFlb40/mneHRKe61U0=)
2: nQhzWjV9MfqK2jHinxlYam_9lZI.crl (hash: rIyhBojzR7AGtbYFx3MGcoFetmIcXCbnv/hb/4qv4N0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:1a:36:08:db:27:f4:9e:cf:9f:73:2b:35:72:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d08735a357d31fa8ada31e29f19586a6ffd9592
Validity
Not Before: Mar 26 05:00:39 2026 GMT
Not After : Mar 27 05:00:39 2026 GMT
Subject: CN=1704deb03f141e0780c5aeb34d1c1a7460cbf639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a7:cb:be:8e:83:bf:b1:43:1d:cf:f0:bc:fe:
b7:21:d6:4b:ba:bf:9e:29:52:7d:07:0f:41:67:08:
54:a6:a3:0d:26:6f:b6:d0:c7:9a:57:86:f6:0a:f7:
38:7a:41:85:b9:87:f4:85:8f:60:f3:2e:dc:e2:38:
b8:fb:79:eb:3a:9d:2b:87:95:7a:c4:87:54:1c:52:
b6:2f:df:d8:c0:e3:f0:35:44:0c:4e:0e:12:58:d6:
03:cd:d9:1d:ff:5d:97:47:5e:36:59:39:1c:e7:3c:
6b:8c:03:da:bb:02:cc:ba:da:87:30:fe:1f:26:ae:
b7:0c:89:bf:b6:2a:21:83:1b:5c:b7:8a:f5:e4:67:
ad:db:88:cf:ad:f7:ae:b8:97:ae:36:ab:7a:cb:f7:
25:09:4f:9d:10:be:0c:f8:df:86:3d:23:7f:20:96:
64:ba:5e:9a:bd:e3:a3:51:ba:8a:47:cb:9f:9e:4e:
5a:fb:9a:79:c9:7c:71:a6:24:ed:40:28:7b:44:ad:
d1:2c:cf:1d:58:32:5d:31:ce:29:ca:51:74:48:68:
a3:b7:a7:26:a1:ba:85:38:67:db:1f:7c:7a:f3:c3:
60:32:08:57:02:67:45:9a:a9:2f:f9:67:64:3a:15:
ff:49:e8:be:90:3b:39:07:3c:7a:8b:db:9d:a8:53:
5b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:04:DE:B0:3F:14:1E:07:80:C5:AE:B3:4D:1C:1A:74:60:CB:F6:39
X509v3 Authority Key Identifier:
keyid:9D:08:73:5A:35:7D:31:FA:8A:DA:31:E2:9F:19:58:6A:6F:FD:95:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:67:59:8b:2e:64:08:ad:07:1a:54:02:8b:cb:47:6f:c7:26:
8f:c1:4a:bb:31:d8:c6:ca:06:9c:eb:6f:68:17:26:63:42:07:
b2:d8:3e:f8:31:63:92:18:9a:05:60:a0:bf:2a:20:71:eb:38:
4c:b6:08:84:56:ff:61:19:c8:2e:90:4d:38:cc:52:1b:58:26:
7a:96:3e:59:e6:30:b4:4a:f0:15:3d:44:e0:2b:25:ee:b5:71:
0e:7f:23:d4:e4:1b:bd:b2:e2:6d:8f:13:19:38:62:1a:40:c8:
bb:80:5b:81:7d:d2:19:7b:65:d7:4a:52:5d:b0:a2:5b:c1:46:
fc:5a:10:b2:18:39:e1:89:65:bd:d8:38:8c:f1:e3:a5:c3:6f:
10:b2:ec:7e:4d:6e:41:ab:2d:2c:2b:fa:1f:7d:2d:34:b5:3b:
96:f8:7b:e3:d5:65:e2:72:e5:d9:6a:dd:92:a9:29:84:0f:23:
03:cf:11:4c:4c:cc:69:20:33:f6:3b:6c:98:ab:98:af:12:c7:
f6:a3:2e:19:89:6d:ba:8f:ca:f5:b4:b2:24:f4:a7:36:42:21:
9b:23:6c:5d:81:f0:38:a0:84:3e:27:91:a7:b8:8a:bf:69:ef:
16:0f:c4:17:31:99:98:33:08:1c:fe:89:1d:d7:37:28:ca:bd:
83:02:09:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohBo2CNsn9J7Pn3MrNXLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDg3MzVhMzU3ZDMxZmE4YWRhMzFlMjlmMTk1ODZhNmZm
ZDk1OTIwHhcNMjYwMzI2MDUwMDM5WhcNMjYwMzI3MDUwMDM5WjAzMTEwLwYDVQQD
EygxNzA0ZGViMDNmMTQxZTA3ODBjNWFlYjM0ZDFjMWE3NDYwY2JmNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzafLvo6Dv7FDHc/wvP63IdZLur+e
KVJ9Bw9BZwhUpqMNJm+20MeaV4b2Cvc4ekGFuYf0hY9g8y7c4ji4+3nrOp0rh5V6
xIdUHFK2L9/YwOPwNUQMTg4SWNYDzdkd/12XR142WTkc5zxrjAPauwLMutqHMP4f
Jq63DIm/tiohgxtct4r15Get24jPrfeuuJeuNqt6y/clCU+dEL4M+N+GPSN/IJZk
ul6aveOjUbqKR8ufnk5a+5p5yXxxpiTtQCh7RK3RLM8dWDJdMc4pylF0SGijt6cm
obqFOGfbH3x688NgMghXAmdFmqkv+WdkOhX/Sei+kDs5Bzx6i9udqFNb1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcE3rA/FB4HgMWus00cGnRgy/Y5MB8GA1UdIwQY
MBaAFJ0Ic1o1fTH6itox4p8ZWGpv/ZWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZjRkOWUtNTljOS00ZjlmLThmMzIt
YTM0ODgyMWNhMWUwLzEvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jZjRkOWUtNTljOS00ZjlmLThmMzItYTM0ODgyMWNhMWUw
LzEvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGdZiy5k
CK0HGlQCi8tHb8cmj8FKuzHYxsoGnOtvaBcmY0IHstg++DFjkhiaBWCgvyogces4
TLYIhFb/YRnILpBNOMxSG1gmepY+WeYwtErwFT1E4Csl7rVxDn8j1OQbvbLibY8T
GThiGkDIu4BbgX3SGXtl10pSXbCiW8FG/FoQshg54Yllvdg4jPHjpcNvELLsfk1u
QastLCv6H30tNLU7lvh749Vl4nLl2WrdkqkphA8jA88RTEzMaSAz9jtsmKuYrxLH
9qMuGYltuo/K9bSyJPSnNkIhmyNsXYHwOKCEPieRp7iKv2nvFg/EFzGZmDMIHP6J
Hdc3KMq9gwIJdQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:29:03 2026 by rpki-client