Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: 16UYbHOIVh0DI2zf7WHzomf1SLz+2avUG+j2WZ9zQHI=
Subject key identifier: 5B:57:2F:0B:9F:28:9B:E5:7F:44:AB:19:F4:EA:B3:80:7B:21:13:A3
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019D28BB69EA37BF218E1E6C2AAEFE6A4B20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 040D
Signing time: Thu 26 Mar 2026 06:01:03 +0000
Manifest this update: Thu 26 Mar 2026 06:01:03 +0000
Manifest next update: Fri 27 Mar 2026 06:01:03 +0000
Files and hashes: 1: 1-w3-HT-b4gN55Ez02d0Ltxhd_18.roa (hash: SZE3EWQBz3QYJjq31FoNPzS9VUyILcF5vCKxR6HmvGg=)
2: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: H9/A2Jtl7er2U5OQchEMYC0ErF0OZPgtNo/N1aCrjuE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:69:ea:37:bf:21:8e:1e:6c:2a:ae:fe:6a:4b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Mar 26 06:01:03 2026 GMT
Not After : Mar 27 06:01:03 2026 GMT
Subject: CN=5b572f0b9f289be57f44ab19f4eab3807b2113a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:83:ad:d7:fb:61:6e:7c:b6:18:6c:a0:65:
05:04:28:07:4c:6d:a2:c2:b0:91:91:64:c9:e2:2d:
32:71:42:1c:40:e0:41:eb:cb:57:e5:1a:20:37:86:
f7:7e:72:b8:24:87:ec:e2:90:c5:12:f7:fb:e6:d9:
08:f1:d8:8f:12:ea:ad:48:90:76:d2:cd:a9:ee:39:
cd:a4:69:0e:91:04:77:03:ca:af:a2:c0:1a:b4:b6:
de:6e:1a:de:88:b1:ec:62:58:a0:1c:48:ef:ff:a1:
23:d7:8a:86:16:8f:57:f5:06:1b:5b:40:16:29:99:
c4:48:74:a4:73:1d:56:15:81:98:51:7c:17:a7:a8:
ef:d7:ae:04:52:8b:12:a1:36:1a:2b:de:82:3f:04:
4d:01:82:76:da:0c:f3:67:f3:20:9c:3c:71:b0:7e:
9b:04:84:ce:b8:af:02:12:3f:42:a2:f0:f8:8c:59:
ae:f8:a5:f0:dc:dc:57:4b:4a:e2:ef:be:d0:ba:91:
15:a2:6e:17:da:1d:4c:22:99:ae:4d:5b:64:73:6e:
6a:88:e9:6d:fd:f3:c3:0b:3d:a1:c2:82:7a:68:b9:
63:d9:dc:35:5a:e1:f7:5f:38:e6:ae:59:5f:79:35:
66:0a:25:b9:2b:5f:b5:7a:25:6b:0b:ff:e6:7a:89:
79:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:57:2F:0B:9F:28:9B:E5:7F:44:AB:19:F4:EA:B3:80:7B:21:13:A3
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:e2:82:0d:8c:95:8f:0a:28:7a:e2:c4:a3:fe:d2:44:09:7d:
30:f9:a1:20:e0:4f:9e:59:fb:64:cf:dc:b2:30:ce:a8:86:bd:
6f:c6:0b:e8:0d:a9:5b:db:7b:0e:5d:0a:2b:e6:83:86:81:87:
b2:71:bb:62:09:7d:32:9d:77:71:c2:64:0d:f4:36:cb:6e:2b:
e7:02:e1:1d:00:ea:54:59:de:fa:6f:93:85:0c:75:b0:2c:5d:
30:0b:d0:92:ec:d2:9a:88:af:60:7f:2a:cb:34:b1:d8:e7:71:
d9:dd:d6:bb:c3:fe:bb:de:bb:ad:f7:f8:cd:f6:29:22:56:dc:
d8:8c:63:be:06:12:fd:a1:4f:cf:18:76:f2:96:9b:80:31:59:
a2:85:45:a1:44:6a:5a:1a:d7:99:e5:db:d7:24:41:e5:9a:be:
bb:5a:06:15:c3:d4:f4:c6:d2:ad:f8:0e:3c:b4:0e:cd:b9:a2:
df:cc:27:4a:53:57:4b:62:00:56:b2:73:91:13:32:ab:a9:6a:
db:6e:6c:03:18:f0:01:9a:c9:95:f3:49:57:f4:ab:88:12:9c:
31:07:f5:fa:2c:0b:74:11:9f:12:b3:d4:e9:47:aa:74:fa:00:
42:ab:77:37:36:83:43:fc:8b:55:6f:f9:e7:df:e9:c6:24:30:
7a:d6:d4:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou2nqN78hjh5sKq7+aksgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjYwMzI2MDYwMTAzWhcNMjYwMzI3MDYwMTAzWjAzMTEwLwYDVQQD
Eyg1YjU3MmYwYjlmMjg5YmU1N2Y0NGFiMTlmNGVhYjM4MDdiMjExM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobyDrdf7YW58thhsoGUFBCgHTG2i
wrCRkWTJ4i0ycUIcQOBB68tX5RogN4b3fnK4JIfs4pDFEvf75tkI8diPEuqtSJB2
0s2p7jnNpGkOkQR3A8qvosAatLbebhreiLHsYligHEjv/6Ej14qGFo9X9QYbW0AW
KZnESHSkcx1WFYGYUXwXp6jv164EUosSoTYaK96CPwRNAYJ22gzzZ/MgnDxxsH6b
BITOuK8CEj9CovD4jFmu+KXw3NxXS0ri777QupEVom4X2h1MIpmuTVtkc25qiOlt
/fPDCz2hwoJ6aLlj2dw1WuH3XzjmrllfeTVmCiW5K1+1eiVrC//meol5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtXLwufKJvlf0SrGfTqs4B7IROjMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+KCDYyV
jwooeuLEo/7SRAl9MPmhIOBPnln7ZM/csjDOqIa9b8YL6A2pW9t7Dl0KK+aDhoGH
snG7Ygl9Mp13ccJkDfQ2y24r5wLhHQDqVFne+m+ThQx1sCxdMAvQkuzSmoivYH8q
yzSx2Odx2d3Wu8P+u967rff4zfYpIlbc2IxjvgYS/aFPzxh28pabgDFZooVFoURq
WhrXmeXb1yRB5Zq+u1oGFcPU9MbSrfgOPLQOzbmi38wnSlNXS2IAVrJzkRMyq6lq
225sAxjwAZrJlfNJV/SriBKcMQf1+iwLdBGfErPU6UeqdPoAQqt3NzaDQ/yLVW/5
59/pxiQwetbUzQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:18:39 2026 by rpki-client