Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json)
Hash identifier: ecFcBJaXrtvHp5Y4QEBsUxX3Hq/Qv7shbyuxJQYuOf0=
Subject key identifier: A8:48:2E:C5:96:51:E1:85:81:F1:FD:99:9C:4D:6D:92:61:6F:80:AB
Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27
Certificate serial: 019D299726425CC6D809BD69F6B3CFEE2D2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
Manifest number: 0168
Signing time: Thu 26 Mar 2026 10:01:04 +0000
Manifest this update: Thu 26 Mar 2026 10:01:04 +0000
Manifest next update: Fri 27 Mar 2026 10:01:04 +0000
Files and hashes: 1: 5AyUcUP8UFa03d6jQItDEbWXyi0.roa (hash: ZjaIy+ybGhKGWcrRG6dw/kl40YV5Z1/+6QWlVZn1AoA=)
2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: h0L8EPKztxHuCAZdp9GthVbgv6YCzJWJDkouKMfZsbg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:26:42:5c:c6:d8:09:bd:69:f6:b3:cf:ee:2d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27
Validity
Not Before: Mar 26 10:01:04 2026 GMT
Not After : Mar 27 10:01:04 2026 GMT
Subject: CN=a8482ec59651e18581f1fd999c4d6d92616f80ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:db:3f:33:d2:69:4c:04:0f:f6:d5:e2:e6:
df:7d:51:65:ed:66:b1:3c:2d:3c:35:63:22:14:36:
30:8a:69:94:32:c7:b1:55:46:33:29:45:1a:95:79:
e7:d0:c1:e7:88:25:8c:8c:86:4d:f5:e2:5a:06:2d:
80:50:47:e7:a6:55:1c:54:d0:b0:09:14:67:7d:97:
a4:be:67:07:dd:6c:ed:63:aa:89:47:af:6e:f8:89:
4a:fe:40:bf:f7:a3:99:d9:6a:d1:a6:ac:1e:d8:c6:
df:4b:ad:db:8e:d9:4e:7e:22:7b:e1:44:c7:5d:ff:
16:b6:9e:0c:84:a4:c1:05:8d:91:bd:8f:2c:c8:03:
42:de:91:09:cf:2c:5a:4f:06:02:0b:f3:85:62:ea:
8a:d8:05:45:8e:ed:aa:30:04:af:a1:ea:16:75:dd:
68:59:5b:a1:9c:97:8f:04:5b:e1:65:d8:56:97:00:
58:1d:6d:28:de:f1:b9:d9:8f:39:03:fc:b2:2a:36:
1a:9c:7b:70:b3:a3:a0:5a:dd:2f:0e:90:60:fc:92:
bb:07:82:17:d6:f2:e6:c1:b5:de:6f:23:de:f6:ff:
ea:81:c9:92:f6:06:9a:08:95:0f:2c:3d:b1:64:7d:
2c:33:e6:78:50:1b:0f:4e:9d:9e:16:f6:47:5d:93:
2a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:48:2E:C5:96:51:E1:85:81:F1:FD:99:9C:4D:6D:92:61:6F:80:AB
X509v3 Authority Key Identifier:
keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:f3:57:2f:c0:93:7f:dd:13:04:12:9c:3b:7b:0d:8c:6a:7d:
65:8a:68:f1:b2:26:65:5a:15:cc:d1:5b:6f:24:58:e3:56:c7:
25:6e:10:10:18:48:c6:c8:1a:b6:c8:d5:85:0a:a8:15:ff:2a:
c9:5d:62:cb:b3:2f:e7:68:e0:71:55:b9:76:97:13:0a:bc:fa:
67:89:f4:57:ae:cb:d6:12:3a:4a:ac:cc:cc:65:50:56:d8:a6:
52:d0:9f:0d:35:05:50:2a:0b:2c:d1:1b:43:21:63:1d:b0:30:
ec:2f:03:c1:86:26:6c:54:50:0a:44:1c:00:22:9e:27:e0:fc:
a0:9c:98:44:8c:ae:56:45:92:2f:5a:29:7f:ee:29:d5:72:d6:
65:1b:56:5e:11:7c:3e:e1:f3:d7:2f:a6:ac:e7:07:e4:34:cc:
41:3a:c9:0b:64:af:21:a7:54:ba:49:53:36:b0:3b:bd:74:1e:
08:07:b0:a3:51:47:67:85:9e:cc:cd:3e:89:6a:fe:66:b7:0d:
3e:98:90:0b:d1:bb:b3:aa:dd:11:0c:1c:cb:d2:a8:29:2b:42:
67:4a:26:e9:f4:fa:19:65:3a:0c:f8:62:21:7b:44:2a:41:79:
e9:81:9b:a4:de:2d:86:2e:32:ac:63:bd:e5:d4:d5:3e:bf:24:
04:ea:a8:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plyZCXMbYCb1p9rPP7i0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz
NzNjMjcwHhcNMjYwMzI2MTAwMTA0WhcNMjYwMzI3MTAwMTA0WjAzMTEwLwYDVQQD
EyhhODQ4MmVjNTk2NTFlMTg1ODFmMWZkOTk5YzRkNmQ5MjYxNmY4MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbXbPzPSaUwED/bV4ubffVFl7Wax
PC08NWMiFDYwimmUMsexVUYzKUUalXnn0MHniCWMjIZN9eJaBi2AUEfnplUcVNCw
CRRnfZekvmcH3WztY6qJR69u+IlK/kC/96OZ2WrRpqwe2MbfS63bjtlOfiJ74UTH
Xf8Wtp4MhKTBBY2RvY8syANC3pEJzyxaTwYCC/OFYuqK2AVFju2qMASvoeoWdd1o
WVuhnJePBFvhZdhWlwBYHW0o3vG52Y85A/yyKjYanHtws6OgWt0vDpBg/JK7B4IX
1vLmwbXebyPe9v/qgcmS9gaaCJUPLD2xZH0sM+Z4UBsPTp2eFvZHXZMqiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhILsWWUeGFgfH9mZxNbZJhb4CrMB8GA1UdIwQY
MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt
OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli
LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvNXL8CT
f90TBBKcO3sNjGp9ZYpo8bImZVoVzNFbbyRY41bHJW4QEBhIxsgatsjVhQqoFf8q
yV1iy7Mv52jgcVW5dpcTCrz6Z4n0V67L1hI6SqzMzGVQVtimUtCfDTUFUCoLLNEb
QyFjHbAw7C8DwYYmbFRQCkQcACKeJ+D8oJyYRIyuVkWSL1opf+4p1XLWZRtWXhF8
PuHz1y+mrOcH5DTMQTrJC2SvIadUuklTNrA7vXQeCAewo1FHZ4WezM0+iWr+ZrcN
PpiQC9G7s6rdEQwcy9KoKStCZ0om6fT6GWU6DPhiIXtEKkF56YGbpN4thi4yrGO9
5dTVPr8kBOqo3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:54:48 2026 by rpki-client