Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
File: tYUi2sa83oxIEzNZkTKhYgDmpb4.mft (raw, json)
Hash identifier: xisyHM+xGjPGfr/nmAIb5SvzlfBL/cbErJUYySYP/os=
Subject key identifier: 80:2A:6A:B5:AD:BB:AA:7D:C8:81:88:DB:AE:C9:1D:3E:BD:3D:D0:2B
Authority key identifier: B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
Certificate issuer: /CN=b58522dac6bcde8c481333599132a16200e6a5be
Certificate serial: 019D27A93FE63E6A8098408E167EA8C710C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
Manifest number: 0BE1
Signing time: Thu 26 Mar 2026 01:01:36 +0000
Manifest this update: Thu 26 Mar 2026 01:01:36 +0000
Manifest next update: Fri 27 Mar 2026 01:01:36 +0000
Files and hashes: 1: 18A7L44_0ILwZodGFUSDQ2eubuc.roa (hash: TWAVfWQBRDutGoFMNTBpWa6veuSEAlw+UuaoPc+ikg4=)
2: 2BnXbJN0-tuiSw2yPhv5M-hIP_g.roa (hash: 7StJAAew0duMZOz948e0I6qxBTgJCwCzq3+RHVzjmKc=)
3: tYUi2sa83oxIEzNZkTKhYgDmpb4.crl (hash: Y0IsUad5oLfioy34tpJ/+NEjV2GrRRiQQHSJFOVBIro=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a9:3f:e6:3e:6a:80:98:40:8e:16:7e:a8:c7:10:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b58522dac6bcde8c481333599132a16200e6a5be
Validity
Not Before: Mar 26 01:01:36 2026 GMT
Not After : Mar 27 01:01:36 2026 GMT
Subject: CN=802a6ab5adbbaa7dc88188dbaec91d3ebd3dd02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:a9:0d:38:74:be:33:d7:70:06:47:6a:91:
7d:c3:db:71:c4:99:0c:1f:c1:ec:15:c0:0b:b8:98:
ec:a6:06:d0:5a:40:7c:96:01:24:13:9e:50:ef:4c:
ab:41:e8:f0:6e:43:8e:6e:0e:57:a2:dc:8a:78:9b:
d6:4d:b6:ff:2d:ef:58:52:78:95:9f:3e:c5:0d:b3:
83:36:83:74:bb:5c:2f:34:6a:88:74:cf:ad:8c:b7:
c7:d4:91:5d:b6:df:19:25:17:e8:d9:69:e5:4d:29:
cd:a7:1a:0f:cb:a2:de:e4:0b:5d:1b:cc:44:da:6b:
dd:dd:44:14:76:09:84:d4:a5:3a:f1:25:a0:69:d9:
f9:2c:22:a5:2c:4d:ab:bc:fd:37:7f:1d:70:4f:99:
79:fb:d6:a5:60:9c:88:1f:5a:0a:3b:85:a7:16:eb:
50:5e:a3:35:29:11:ed:7a:d5:84:cc:b9:c3:91:04:
a2:66:12:15:3f:05:fb:17:f1:c0:21:1f:ad:26:23:
4a:42:a1:ef:3a:90:39:ce:8b:00:a4:bd:74:c7:e1:
20:ec:b9:74:55:5f:d6:73:30:92:0c:5b:8f:22:df:
59:72:41:9b:0e:9e:50:de:29:e4:d1:2d:71:8b:89:
cd:11:f4:52:4a:37:83:a1:42:6d:b0:63:24:61:ad:
05:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2A:6A:B5:AD:BB:AA:7D:C8:81:88:DB:AE:C9:1D:3E:BD:3D:D0:2B
X509v3 Authority Key Identifier:
keyid:B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:90:fa:11:04:b3:df:5b:33:6f:1f:a0:6a:b8:8e:d8:bc:82:
d4:6f:ae:99:2e:a5:cb:61:af:c5:a4:38:8b:e4:94:aa:d8:bc:
bb:a0:07:ce:93:27:6d:7a:1d:a9:20:88:dd:49:fa:21:40:a0:
f1:d7:91:1e:f4:7d:f0:53:eb:df:fc:52:6a:aa:50:4e:8c:b4:
6b:2a:b6:8b:1b:cd:79:ba:a9:b8:a3:65:19:bc:95:21:be:a3:
ac:4c:dd:88:c3:3d:e5:f0:a5:8e:fc:25:bc:96:6b:02:2c:d6:
81:c9:3e:3b:bd:0c:5f:97:7a:09:80:56:5c:10:54:a2:b6:e0:
02:85:23:04:8d:d4:b3:2d:8d:13:8b:c7:42:8a:9f:84:06:ee:
7c:e8:88:76:dd:b0:0a:1e:bf:d3:94:43:84:32:87:68:4b:96:
fb:c2:36:c1:d9:05:cc:fd:90:9e:9f:35:f7:df:17:b0:2b:4d:
42:f7:e9:a6:20:b6:50:90:4e:d9:44:a7:0c:8e:9c:8d:58:f9:
2d:d9:d5:a3:0b:83:66:6b:7b:de:9a:f1:41:fe:e7:cd:8e:36:
3c:3a:5c:2b:32:f2:35:a4:f1:a5:29:69:79:92:b5:c4:de:1c:
66:70:b9:f1:08:0f:41:6f:d6:9b:54:2a:5b:7e:82:06:d6:c3:
69:0c:56:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqT/mPmqAmECOFn6oxxDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODUyMmRhYzZiY2RlOGM0ODEzMzM1OTkxMzJhMTYyMDBl
NmE1YmUwHhcNMjYwMzI2MDEwMTM2WhcNMjYwMzI3MDEwMTM2WjAzMTEwLwYDVQQD
Eyg4MDJhNmFiNWFkYmJhYTdkYzg4MTg4ZGJhZWM5MWQzZWJkM2RkMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofapDTh0vjPXcAZHapF9w9txxJkM
H8HsFcALuJjspgbQWkB8lgEkE55Q70yrQejwbkOObg5XotyKeJvWTbb/Le9YUniV
nz7FDbODNoN0u1wvNGqIdM+tjLfH1JFdtt8ZJRfo2WnlTSnNpxoPy6Le5AtdG8xE
2mvd3UQUdgmE1KU68SWgadn5LCKlLE2rvP03fx1wT5l5+9alYJyIH1oKO4WnFutQ
XqM1KRHtetWEzLnDkQSiZhIVPwX7F/HAIR+tJiNKQqHvOpA5zosApL10x+Eg7Ll0
VV/WczCSDFuPIt9ZckGbDp5Q3ink0S1xi4nNEfRSSjeDoUJtsGMkYa0FNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAqarWtu6p9yIGI267JHT69PdArMB8GA1UdIwQY
MBaAFLWFItrGvN6MSBMzWZEyoWIA5qW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUt
YmEzOTQ3YzliMjJiLzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUtYmEzOTQ3YzliMjJi
LzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpD6EQSz
31szbx+gariO2LyC1G+umS6ly2GvxaQ4i+SUqti8u6AHzpMnbXodqSCI3Un6IUCg
8deRHvR98FPr3/xSaqpQToy0ayq2ixvNebqpuKNlGbyVIb6jrEzdiMM95fCljvwl
vJZrAizWgck+O70MX5d6CYBWXBBUorbgAoUjBI3Usy2NE4vHQoqfhAbufOiIdt2w
Ch6/05RDhDKHaEuW+8I2wdkFzP2Qnp81998XsCtNQvfppiC2UJBO2USnDI6cjVj5
LdnVowuDZmt73prxQf7nzY42PDpcKzLyNaTxpSlpeZK1xN4cZnC58QgPQW/Wm1Qq
W36CBtbDaQxWeQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:19:52 2026 by rpki-client