Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File: Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier: MAVRrIihMVdnCTrr/w20dtx8HzFKj5ii0LazetQbNd4=
Subject key identifier: 9E:1F:EB:D0:30:B9:EE:39:1B:83:96:C8:D8:76:C0:C2:19:9E:3F:3C
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer: /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial: 019D3307FD19A094D6E45A116834962BFFB9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number: 1738
Signing time: Sat 28 Mar 2026 06:00:54 +0000
Manifest this update: Sat 28 Mar 2026 06:00:54 +0000
Manifest next update: Sun 29 Mar 2026 06:00:54 +0000
Files and hashes: 1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: J4sPYYFDes8fYTI8gdtxVtUI95UJyKGSlsABDo6R2u8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 06:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:07:fd:19:a0:94:d6:e4:5a:11:68:34:96:2b:ff:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
Validity
Not Before: Mar 28 06:00:54 2026 GMT
Not After : Mar 29 06:00:54 2026 GMT
Subject: CN=9e1febd030b9ee391b8396c8d876c0c2199e3f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ac:0e:4b:08:f3:d5:00:76:50:e4:6c:af:33:
db:0e:53:e2:59:2b:ca:03:7c:6b:47:ba:09:8c:be:
1d:93:14:a5:91:d8:ec:24:a0:1e:35:44:33:ad:31:
54:95:5c:3c:73:98:3b:aa:93:4f:11:5e:23:71:d8:
b9:6a:ca:80:ee:c2:f9:1c:95:c8:62:7c:0e:d6:df:
59:f6:4f:74:b8:8c:3b:21:b0:94:25:14:13:06:4e:
36:08:72:b9:b9:ca:10:10:b5:c7:1b:68:2b:ec:82:
16:b8:d2:77:5d:0d:d6:57:3d:87:4d:38:43:99:9a:
53:75:f7:e6:6f:10:99:81:c9:04:e9:f8:a9:41:92:
d4:f6:45:6c:b5:ef:d7:8e:0c:74:d1:c8:c5:28:ea:
c4:dd:0f:27:d8:76:4b:42:d0:d0:da:d2:97:ec:83:
79:f5:ae:d6:ad:d2:fe:97:23:99:3e:3b:c8:63:25:
18:6a:4e:b8:68:4b:f1:eb:54:7f:49:f8:61:24:0b:
9f:48:54:d3:4f:8e:c0:15:ea:3c:f1:3b:2f:09:81:
48:70:3e:f8:7b:ba:f2:c2:6a:70:41:f7:1f:d4:56:
05:cc:f1:22:8e:fd:76:8f:38:7c:17:cb:6b:01:66:
36:7f:76:2c:5d:d3:38:ad:46:be:03:04:bb:ca:ee:
d4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1F:EB:D0:30:B9:EE:39:1B:83:96:C8:D8:76:C0:C2:19:9E:3F:3C
X509v3 Authority Key Identifier:
keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:da:7b:43:09:b6:9d:cd:01:f4:ef:5e:7c:84:da:27:0c:51:
1b:bd:c0:c3:4c:04:6f:62:c6:db:20:7e:33:b9:44:c2:66:69:
d4:b1:ac:c7:a3:06:28:c7:38:ba:14:ec:39:4b:62:67:3f:31:
dc:6f:75:ad:ba:e7:17:a3:e4:c0:77:db:0d:47:f8:d6:98:33:
87:da:8a:ca:89:a6:e7:bb:80:ba:1e:60:33:ae:9d:7a:c9:48:
b1:a5:ee:84:42:37:35:5d:a5:63:72:ac:7d:10:38:d1:7c:d0:
15:00:7f:aa:29:b3:8a:48:c1:76:49:0c:e3:66:a1:d2:e2:39:
61:3b:b8:fd:fb:62:60:8c:44:2b:04:96:e0:aa:63:c6:6f:9d:
a1:14:89:0b:f6:42:dc:da:0f:2b:56:5d:22:d9:1f:0b:01:a7:
52:98:f7:d8:bf:ba:d7:49:d6:4e:13:95:0d:c4:3a:a4:68:4a:
8c:d9:66:df:06:ca:47:b7:14:8d:9e:79:7e:f0:57:e9:cb:ba:
84:2d:21:bd:9d:09:7a:0a:0a:22:17:bb:b7:6b:70:f9:29:8f:
50:a2:e9:4b:26:f5:5b:6a:1f:1c:bc:f1:6c:a7:5a:3f:f3:44:
c2:21:16:85:ca:de:b2:f9:45:ac:9a:59:12:cf:78:8f:e0:ca:
d6:33:02:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zB/0ZoJTW5FoRaDSWK/+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjYwMzI4MDYwMDU0WhcNMjYwMzI5MDYwMDU0WjAzMTEwLwYDVQQD
Eyg5ZTFmZWJkMDMwYjllZTM5MWI4Mzk2YzhkODc2YzBjMjE5OWUzZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KwOSwjz1QB2UORsrzPbDlPiWSvK
A3xrR7oJjL4dkxSlkdjsJKAeNUQzrTFUlVw8c5g7qpNPEV4jcdi5asqA7sL5HJXI
YnwO1t9Z9k90uIw7IbCUJRQTBk42CHK5ucoQELXHG2gr7IIWuNJ3XQ3WVz2HTThD
mZpTdffmbxCZgckE6fipQZLU9kVste/Xjgx00cjFKOrE3Q8n2HZLQtDQ2tKX7IN5
9a7WrdL+lyOZPjvIYyUYak64aEvx61R/SfhhJAufSFTTT47AFeo88TsvCYFIcD74
e7rywmpwQfcf1FYFzPEijv12jzh8F8trAWY2f3YsXdM4rUa+AwS7yu7UywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4f69Awue45G4OWyNh2wMIZnj88MB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9p7Qwm2
nc0B9O9efITaJwxRG73Aw0wEb2LG2yB+M7lEwmZp1LGsx6MGKMc4uhTsOUtiZz8x
3G91rbrnF6PkwHfbDUf41pgzh9qKyomm57uAuh5gM66deslIsaXuhEI3NV2lY3Ks
fRA40XzQFQB/qimzikjBdkkM42ah0uI5YTu4/ftiYIxEKwSW4Kpjxm+doRSJC/ZC
3NoPK1ZdItkfCwGnUpj32L+610nWThOVDcQ6pGhKjNlm3wbKR7cUjZ55fvBX6cu6
hC0hvZ0JegoKIhe7t2tw+SmPUKLpSyb1W2ofHLzxbKdaP/NEwiEWhcresvlFrJpZ
Es94j+DK1jMCrg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:56:06 2026 by rpki-client