Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.mft
File: nsQ-CkGrttFUutw3FiO00U2RhnU.mft (raw, json)
Hash identifier: eP8M86Cg3S4D+kMePQYHdV0QJPsWFYTz6RffAjxRBOY=
Subject key identifier: 2E:D7:73:4C:55:13:C8:A6:B8:4D:B4:6E:54:F2:5C:68:24:7C:06:2B
Authority key identifier: 9E:C4:3E:0A:41:AB:B6:D1:54:BA:DC:37:16:23:B4:D1:4D:91:86:75
Certificate issuer: /CN=9ec43e0a41abb6d154badc371623b4d14d918675
Certificate serial: 019D273AB5662F08D2AD736FE52437B50E54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nsQ-CkGrttFUutw3FiO00U2RhnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.mft
Manifest number: 2B
Signing time: Wed 25 Mar 2026 23:00:52 +0000
Manifest this update: Wed 25 Mar 2026 23:00:52 +0000
Manifest next update: Thu 26 Mar 2026 23:00:52 +0000
Files and hashes: 1: W41jkoCNrZpVvdG8bkCBNW5R_4k.roa (hash: qtGUsRmtlWOqnoQ+8yxZfu8EirwF0nT2QjPAHj2PBw0=)
2: nsQ-CkGrttFUutw3FiO00U2RhnU.crl (hash: f/IzZnO3WeWMGMS/mFWNufeJlG3auK/MzcMLvh10F3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/nsQ-CkGrttFUutw3FiO00U2RhnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:b5:66:2f:08:d2:ad:73:6f:e5:24:37:b5:0e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ec43e0a41abb6d154badc371623b4d14d918675
Validity
Not Before: Mar 25 23:00:52 2026 GMT
Not After : Mar 26 23:00:52 2026 GMT
Subject: CN=2ed7734c5513c8a6b84db46e54f25c68247c062b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:55:fd:f5:03:40:5f:6a:83:5d:30:bb:ec:
0e:7a:df:18:88:2a:1f:eb:7b:67:d7:d3:42:ba:aa:
d1:30:99:f9:2b:6f:c2:21:9a:1d:53:81:27:02:08:
14:1c:5e:ba:dd:d1:07:7c:94:b7:ab:c8:02:4b:b5:
1c:64:c4:2d:32:49:b6:62:a2:96:ef:ac:bf:f1:96:
d9:9a:38:c6:9c:cd:81:47:95:fa:7f:ca:a8:ba:ea:
77:d2:b0:d9:94:c4:95:1d:d3:7f:92:7d:5e:65:f0:
76:49:0e:ee:88:e0:8a:bc:3d:99:fd:1b:ac:d0:c5:
05:42:26:69:de:07:93:62:88:93:00:21:cd:e9:22:
a3:22:da:28:18:5a:a0:a8:fd:eb:59:da:d5:21:8a:
8f:cf:a4:0f:35:66:24:c4:e9:7c:c9:44:5f:c7:06:
41:ad:ac:f7:4c:f4:2f:18:4b:bf:e5:ee:8a:56:9f:
98:f2:57:ca:0e:88:92:e6:fb:69:97:e2:ac:5a:0d:
33:2d:4d:dc:85:cc:f0:7d:9f:54:d1:4c:9f:43:f5:
67:01:c5:a7:ab:f6:b3:c2:76:c4:e5:1d:dc:89:a6:
c4:d0:86:b0:f9:85:70:74:b3:9c:e5:3e:3e:8d:09:
ff:c7:00:42:ad:e3:ae:75:1c:d6:20:ff:ec:c9:d5:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D7:73:4C:55:13:C8:A6:B8:4D:B4:6E:54:F2:5C:68:24:7C:06:2B
X509v3 Authority Key Identifier:
keyid:9E:C4:3E:0A:41:AB:B6:D1:54:BA:DC:37:16:23:B4:D1:4D:91:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nsQ-CkGrttFUutw3FiO00U2RhnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b8bf28-b410-4f33-a2e8-c29497291171/1/nsQ-CkGrttFUutw3FiO00U2RhnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:38:31:b4:d3:6f:57:0e:94:9c:0f:fb:db:48:2d:8b:b0:8d:
71:6c:78:e8:6a:bb:b9:c7:bc:c5:e6:9d:2c:58:12:81:d6:41:
45:33:e5:f9:58:5e:3a:a8:ad:37:5d:d9:b1:b3:27:b6:71:82:
ed:9c:b0:56:0d:3e:37:a5:0f:a4:67:f4:9b:67:4b:7d:8f:44:
78:40:94:5e:77:5e:65:51:51:da:6a:ca:e8:b1:18:38:06:d4:
df:99:da:75:e7:04:8a:79:75:46:89:31:65:61:d3:13:7b:c3:
1f:7b:d4:40:a0:fd:7e:5d:2a:dd:c0:cb:10:59:6a:bd:e7:ff:
df:4e:38:fd:26:21:8f:47:1f:dc:96:51:c5:85:d3:d9:18:63:
e9:28:e6:46:6a:47:87:f1:9f:ab:80:ad:8c:67:9f:b4:62:10:
e5:cf:73:bf:9d:96:a6:56:ca:d8:19:c7:47:98:91:3f:6e:15:
00:98:a0:5a:2e:70:be:c4:ae:8e:c7:1a:48:3e:1a:9e:1e:22:
de:07:5b:d9:2d:a1:dd:93:6a:dc:f3:f8:fa:a5:6e:a8:04:05:
b3:22:61:67:fb:0e:c4:25:a1:47:f4:ab:cc:2d:53:7d:66:d3:
fc:b3:73:d9:ea:0f:4a:cd:63:0b:f5:92:41:02:9c:78:d4:17:
cd:f9:0f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOrVmLwjSrXNv5SQ3tQ5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzQzZTBhNDFhYmI2ZDE1NGJhZGMzNzE2MjNiNGQxNGQ5
MTg2NzUwHhcNMjYwMzI1MjMwMDUyWhcNMjYwMzI2MjMwMDUyWjAzMTEwLwYDVQQD
EygyZWQ3NzM0YzU1MTNjOGE2Yjg0ZGI0NmU1NGYyNWM2ODI0N2MwNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwshV/fUDQF9qg10wu+wOet8YiCof
63tn19NCuqrRMJn5K2/CIZodU4EnAggUHF663dEHfJS3q8gCS7UcZMQtMkm2YqKW
76y/8ZbZmjjGnM2BR5X6f8qouup30rDZlMSVHdN/kn1eZfB2SQ7uiOCKvD2Z/Rus
0MUFQiZp3geTYoiTACHN6SKjItooGFqgqP3rWdrVIYqPz6QPNWYkxOl8yURfxwZB
raz3TPQvGEu/5e6KVp+Y8lfKDoiS5vtpl+KsWg0zLU3chczwfZ9U0UyfQ/VnAcWn
q/azwnbE5R3ciabE0Iaw+YVwdLOc5T4+jQn/xwBCreOudRzWIP/sydV/7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7Xc0xVE8imuE20blTyXGgkfAYrMB8GA1UdIwQY
MBaAFJ7EPgpBq7bRVLrcNxYjtNFNkYZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNRLUNrR3J0dEZVdXR3M0ZpTzAwVTJSaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iOGJmMjgtYjQxMC00ZjMzLWEyZTgt
YzI5NDk3MjkxMTcxLzEvbnNRLUNrR3J0dEZVdXR3M0ZpTzAwVTJSaG5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iOGJmMjgtYjQxMC00ZjMzLWEyZTgtYzI5NDk3MjkxMTcx
LzEvbnNRLUNrR3J0dEZVdXR3M0ZpTzAwVTJSaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASDgxtNNv
Vw6UnA/720gti7CNcWx46Gq7uce8xeadLFgSgdZBRTPl+VheOqitN13ZsbMntnGC
7ZywVg0+N6UPpGf0m2dLfY9EeECUXndeZVFR2mrK6LEYOAbU35nadecEinl1Rokx
ZWHTE3vDH3vUQKD9fl0q3cDLEFlqvef/3044/SYhj0cf3JZRxYXT2Rhj6SjmRmpH
h/Gfq4CtjGeftGIQ5c9zv52WplbK2BnHR5iRP24VAJigWi5wvsSujscaSD4anh4i
3gdb2S2h3ZNq3PP4+qVuqAQFsyJhZ/sOxCWhR/SrzC1TfWbT/LNz2eoPSs1jC/WS
QQKceNQXzfkPYg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:48:11 2026 by rpki-client