Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft
File: tF5iJw0g-UZ6avx4lj28-4D79So.mft (raw, json)
Hash identifier: En5ECF07s99zBHj1PG31Y4fFmvguGNEdytRzpnb41tU=
Subject key identifier: 20:09:0D:B1:7E:2E:CF:F0:E4:5A:7C:B1:9D:79:F1:BE:5A:AA:60:26
Authority key identifier: B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
Certificate issuer: /CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Certificate serial: 019D29297B33E80DEFDE4934DB900650C076
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft
Manifest number: 1007
Signing time: Thu 26 Mar 2026 08:01:17 +0000
Manifest this update: Thu 26 Mar 2026 08:01:17 +0000
Manifest next update: Fri 27 Mar 2026 08:01:17 +0000
Files and hashes: 1: OaFZLyzit9aeE8Q-rZBaTKGo_VE.roa (hash: Z2wq4t88shsGbAykTeNAzXxxEV7hDGsKc3AYjBfbT+k=)
2: tF5iJw0g-UZ6avx4lj28-4D79So.crl (hash: uj2mrDTtzatM0wmprhVV3JSuyuPgrvcFpa9HgGFeraI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft
rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:7b:33:e8:0d:ef:de:49:34:db:90:06:50:c0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Validity
Not Before: Mar 26 08:01:17 2026 GMT
Not After : Mar 27 08:01:17 2026 GMT
Subject: CN=20090db17e2ecff0e45a7cb19d79f1be5aaa6026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:54:f9:25:69:e8:79:7d:26:b7:d6:00:73:
b0:a5:f7:3b:62:8e:9c:63:01:d7:c3:64:95:67:0a:
cb:e1:c8:da:68:a6:7d:cc:65:f1:40:8b:7c:e8:ab:
f9:4d:ed:13:d0:d3:ce:9a:1c:15:f2:7b:1b:a2:05:
a4:10:a4:8f:a9:66:c1:cd:be:e7:81:26:d3:fa:1f:
0b:51:b0:68:60:31:c4:99:8a:af:82:f0:d5:1d:b9:
d0:01:2b:39:d4:c8:a6:87:42:d0:6f:e8:16:0e:8c:
3c:79:bb:d7:04:cc:02:0e:c5:43:ac:44:6d:40:1e:
0d:4b:43:95:8b:8e:e8:99:7a:d6:a4:42:aa:38:10:
e9:68:fd:02:95:37:05:1f:37:1b:3a:2d:42:87:ff:
92:c5:d7:a7:71:08:7f:5a:61:1b:26:09:4e:43:e1:
25:98:ad:45:d1:9b:06:7d:9d:80:a7:ea:44:8b:d9:
f3:ee:60:1c:ea:89:9a:26:59:84:ee:22:49:62:7e:
ac:b3:56:5a:f7:f4:69:7b:f6:c5:da:c7:87:a0:94:
af:c8:c6:ae:c2:73:9f:9a:e4:7d:b9:51:e1:78:c4:
76:42:cb:95:56:a2:7a:ce:3d:a6:9e:19:3c:e0:9f:
65:8f:ab:52:18:b6:a1:1f:e6:8f:01:af:a9:d1:14:
35:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:09:0D:B1:7E:2E:CF:F0:E4:5A:7C:B1:9D:79:F1:BE:5A:AA:60:26
X509v3 Authority Key Identifier:
keyid:B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:d5:d5:6c:6b:8d:22:2f:e7:2d:29:42:e8:a4:5b:9f:5a:cd:
38:80:34:24:e8:2f:ae:ab:43:57:8d:69:2b:8a:d0:3b:11:66:
c2:2b:c5:75:44:c0:47:2d:49:71:1b:e2:1c:f1:8d:65:66:2e:
d4:60:1b:a6:cc:28:b4:07:a4:bc:32:b7:fe:d2:ca:d7:4c:65:
f5:9c:dc:4d:86:47:a6:74:93:25:f1:cb:11:2e:5b:d7:44:51:
7d:b3:73:37:a1:1c:b6:07:12:a2:81:e3:10:e0:e9:5a:46:5e:
cb:1f:e0:5a:f1:b8:94:8d:7b:93:6e:28:63:b4:60:3d:ab:84:
86:e6:1d:e2:36:c6:e6:93:c1:ab:13:9c:5a:17:8f:68:3c:75:
ba:bc:21:e6:ac:d2:d5:be:b1:0a:d1:8e:d4:e5:23:9a:88:f9:
44:56:90:08:27:d7:e9:2f:fb:7d:e5:8f:9f:bf:cc:cf:57:6c:
0f:4c:f7:cc:aa:d7:6d:1e:ca:f4:12:10:9c:31:1f:91:c0:2a:
46:3d:e4:0e:3c:67:1d:22:42:07:82:ae:12:3f:d7:65:8b:f9:
4a:cf:43:1d:6d:c6:66:e8:5d:ca:d7:0d:f6:a6:ac:56:b2:e4:
d2:83:7a:bd:69:8a:94:1c:b2:dd:b8:59:29:1a:7e:80:9d:7b:
ff:f6:c9:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKXsz6A3v3kk025AGUMB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWU2MjI3MGQyMGY5NDY3YTZhZmM3ODk2M2RiY2ZiODBm
YmY1MmEwHhcNMjYwMzI2MDgwMTE3WhcNMjYwMzI3MDgwMTE3WjAzMTEwLwYDVQQD
EygyMDA5MGRiMTdlMmVjZmYwZTQ1YTdjYjE5ZDc5ZjFiZTVhYWE2MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD1U+SVp6Hl9JrfWAHOwpfc7Yo6c
YwHXw2SVZwrL4cjaaKZ9zGXxQIt86Kv5Te0T0NPOmhwV8nsbogWkEKSPqWbBzb7n
gSbT+h8LUbBoYDHEmYqvgvDVHbnQASs51Mimh0LQb+gWDow8ebvXBMwCDsVDrERt
QB4NS0OVi47omXrWpEKqOBDpaP0ClTcFHzcbOi1Ch/+SxdencQh/WmEbJglOQ+El
mK1F0ZsGfZ2Ap+pEi9nz7mAc6omaJlmE7iJJYn6ss1Za9/Rpe/bF2seHoJSvyMau
wnOfmuR9uVHheMR2QsuVVqJ6zj2mnhk84J9lj6tSGLahH+aPAa+p0RQ1JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAJDbF+Ls/w5Fp8sZ158b5aqmAmMB8GA1UdIwQY
MBaAFLReYicNIPlGemr8eJY9vPuA+/UqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEt
MDU5NjI5NmYxMmRlLzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEtMDU5NjI5NmYxMmRl
LzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtXVbGuN
Ii/nLSlC6KRbn1rNOIA0JOgvrqtDV41pK4rQOxFmwivFdUTARy1JcRviHPGNZWYu
1GAbpswotAekvDK3/tLK10xl9ZzcTYZHpnSTJfHLES5b10RRfbNzN6EctgcSooHj
EODpWkZeyx/gWvG4lI17k24oY7RgPauEhuYd4jbG5pPBqxOcWhePaDx1urwh5qzS
1b6xCtGO1OUjmoj5RFaQCCfX6S/7feWPn7/Mz1dsD0z3zKrXbR7K9BIQnDEfkcAq
Rj3kDjxnHSJCB4KuEj/XZYv5Ss9DHW3GZuhdytcN9qasVrLk0oN6vWmKlByy3bhZ
KRp+gJ17//bJ9Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:06:05 2026 by rpki-client