Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
File: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft (raw, json)
Hash identifier: C49TpVGIHNkr3pWIEFvPv9ia5V2v9IkfMn3z2rGcj70=
Subject key identifier: A3:B9:88:E5:96:B9:06:3D:65:DA:54:2C:99:E2:E1:58:F0:0F:E2:1C
Authority key identifier: 35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
Certificate issuer: /CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Certificate serial: 019D284E07E823A374C7ABD360476C0FB83E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
Manifest number: 11EC
Signing time: Thu 26 Mar 2026 04:01:35 +0000
Manifest this update: Thu 26 Mar 2026 04:01:35 +0000
Manifest next update: Fri 27 Mar 2026 04:01:35 +0000
Files and hashes: 1: 0KXcrZCfQQCMUJ-Oh6SKIaYBOxQ.roa (hash: gzxW7vQjQaL5VdH2MwBQ91tWqChVH7iFvHzc5ySCf74=)
2: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl (hash: St4cixIHH2CGpzdq0OsOBabuclBGy1y2eW6Y3Snen8Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:07:e8:23:a3:74:c7:ab:d3:60:47:6c:0f:b8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Validity
Not Before: Mar 26 04:01:35 2026 GMT
Not After : Mar 27 04:01:35 2026 GMT
Subject: CN=a3b988e596b9063d65da542c99e2e158f00fe21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2d:4e:c6:1a:06:82:9e:59:e8:ff:dd:da:6b:
45:d0:26:66:d7:8b:53:bc:8c:d7:e8:85:77:28:d9:
02:4d:b3:74:e1:23:83:a8:40:f7:78:4f:67:d0:12:
ed:bc:34:12:3d:33:b5:ab:92:a8:b7:ac:cf:e2:fa:
4a:3b:21:18:1c:fb:f3:72:47:c5:0a:3d:44:38:b0:
93:cc:bd:0b:29:3e:0e:4a:0c:a8:4d:ca:14:6e:dc:
c2:31:61:3f:3d:36:87:fd:62:2a:bd:01:e8:0f:40:
f5:49:a5:a9:67:1d:2d:53:ec:a6:48:0a:40:19:d4:
92:28:f1:fa:02:52:36:bc:5a:21:d7:ff:85:fe:08:
6d:3e:9f:7e:33:6d:48:97:a0:52:4e:14:b4:ba:95:
24:83:cc:3c:73:39:a0:fc:e4:48:3a:fd:18:ce:8a:
ed:cd:51:50:4a:99:f5:9d:bb:3a:6a:f1:1c:36:a7:
93:11:19:34:3c:09:c7:5a:06:96:00:1c:8f:4c:40:
4e:00:57:cc:9f:8e:b9:1f:65:f2:e8:b8:22:26:0a:
b6:47:e3:e7:91:19:38:81:8a:76:55:e4:dc:91:e8:
84:b3:a4:1c:46:c6:3a:54:a6:50:f7:68:87:2a:2a:
ca:2f:c2:4e:af:8d:c9:63:64:a4:7d:b2:82:93:e9:
51:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B9:88:E5:96:B9:06:3D:65:DA:54:2C:99:E2:E1:58:F0:0F:E2:1C
X509v3 Authority Key Identifier:
keyid:35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:2b:30:f8:7c:4e:b1:c5:ec:12:c3:4c:3b:cd:19:d4:bc:a6:
1c:9a:a7:5e:a7:e7:c4:d2:98:4e:05:0c:10:86:fa:1d:9a:23:
50:36:da:0e:ba:3b:8b:93:de:e3:c0:7e:7d:be:9a:01:3a:87:
95:1b:95:e5:e3:95:b1:38:19:45:84:aa:c7:b2:a2:e2:78:ea:
3b:f7:1b:78:f4:b9:12:a3:18:56:08:ee:8d:10:3a:fd:1f:49:
23:a6:cd:4d:b4:f7:90:5b:63:ff:59:1a:3a:ea:25:3e:d5:5a:
ab:80:bc:93:4d:d0:74:9a:61:29:cd:0e:a2:d9:9b:e0:0b:5f:
c4:a9:45:7e:0b:17:f5:7d:d3:52:f2:55:60:ec:80:0b:aa:2f:
f6:81:05:f2:7f:9a:ec:4d:50:72:d3:3a:5c:07:c7:a7:a7:d6:
b8:48:41:5c:1e:ea:d7:5d:5b:f6:15:9e:9b:22:ce:57:26:a8:
f5:c8:5d:e0:08:bf:e8:e6:b6:b1:d6:3e:66:47:2f:01:2c:0d:
02:e7:bb:8e:4a:80:71:a2:08:2a:37:8a:71:00:bb:ed:37:a9:
ee:c9:23:ab:07:80:09:44:f1:98:e5:d3:ee:30:01:e1:02:29:
2f:37:d9:79:25:15:06:f4:f6:b5:88:a5:10:c0:57:87:bb:13:
c7:62:b6:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTgfoI6N0x6vTYEdsD7g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTRmZjY3ZjNiOGQ0ZjZmNmJkYTIzZWNiYmM3YjBmMDlm
ZTYwODAwHhcNMjYwMzI2MDQwMTM1WhcNMjYwMzI3MDQwMTM1WjAzMTEwLwYDVQQD
EyhhM2I5ODhlNTk2YjkwNjNkNjVkYTU0MmM5OWUyZTE1OGYwMGZlMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi1OxhoGgp5Z6P/d2mtF0CZm14tT
vIzX6IV3KNkCTbN04SODqED3eE9n0BLtvDQSPTO1q5Kot6zP4vpKOyEYHPvzckfF
Cj1EOLCTzL0LKT4OSgyoTcoUbtzCMWE/PTaH/WIqvQHoD0D1SaWpZx0tU+ymSApA
GdSSKPH6AlI2vFoh1/+F/ghtPp9+M21Il6BSThS0upUkg8w8czmg/ORIOv0Yzort
zVFQSpn1nbs6avEcNqeTERk0PAnHWgaWAByPTEBOAFfMn465H2Xy6LgiJgq2R+Pn
kRk4gYp2VeTckeiEs6QcRsY6VKZQ92iHKirKL8JOr43JY2SkfbKCk+lR2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKO5iOWWuQY9ZdpULJni4VjwD+IcMB8GA1UdIwQY
MBaAFDUU/2fzuNT29r2iPsu8ew8J/mCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQt
ODg1NGM5MmQ0N2IxLzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQtODg1NGM5MmQ0N2Ix
LzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvSsw+HxO
scXsEsNMO80Z1LymHJqnXqfnxNKYTgUMEIb6HZojUDbaDro7i5Pe48B+fb6aATqH
lRuV5eOVsTgZRYSqx7Ki4njqO/cbePS5EqMYVgjujRA6/R9JI6bNTbT3kFtj/1ka
OuolPtVaq4C8k03QdJphKc0Ootmb4AtfxKlFfgsX9X3TUvJVYOyAC6ov9oEF8n+a
7E1QctM6XAfHp6fWuEhBXB7q111b9hWemyLOVyao9chd4Ai/6Oa2sdY+ZkcvASwN
Aue7jkqAcaIIKjeKcQC77Tep7skjqweACUTxmOXT7jAB4QIpLzfZeSUVBvT2tYil
EMBXh7sTx2K2AQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:34:46 2026 by rpki-client