Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json)
Hash identifier: ymeYu5uZaeRMLcDSdT4XpxBy4hbYrwubvgK3BbL575E=
Subject key identifier: 3B:97:09:AB:0D:B9:4D:70:C7:36:4C:7E:1E:C5:28:C4:59:10:0B:8C
Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Certificate serial: 019E1E36031C82F4DF42DCEA880DA4262DBF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
Manifest number: 03F1
Signing time: Tue 12 May 2026 22:01:56 +0000
Manifest this update: Tue 12 May 2026 22:01:56 +0000
Manifest next update: Wed 13 May 2026 22:01:56 +0000
Files and hashes: 1: SyOMrq9ZPqa-CxddJFs4EYM4Fbg.roa (hash: wy5+/o73Vk3SAFiCb5cli4N7qOzZBJq1Ya6ET4kdAcw=)
2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: hNd6+4slTmKVwLadrNqm7K63ne9KzK48oPZARMHy17M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:36:03:1c:82:f4:df:42:dc:ea:88:0d:a4:26:2d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Validity
Not Before: May 12 22:01:56 2026 GMT
Not After : May 13 22:01:56 2026 GMT
Subject: CN=3b9709ab0db94d70c7364c7e1ec528c459100b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:99:be:bb:77:ad:71:63:86:e7:02:4f:c8:c9:
78:9e:ab:15:f2:33:ca:ea:6b:a0:6f:02:14:9f:f8:
fe:14:2e:e6:f4:f4:b9:a7:3c:78:14:fd:03:94:2c:
06:0e:ac:23:f6:40:82:a1:dd:5a:56:e6:95:65:be:
40:68:de:66:b8:ed:83:a8:4f:b5:53:a4:38:df:5e:
fa:64:67:af:22:67:f0:c6:27:1a:1e:a5:ee:e4:c0:
27:b4:b2:61:3a:40:96:a9:bd:3f:6d:b6:49:ac:1a:
44:41:05:9c:8c:8b:87:60:64:04:32:ff:3d:af:df:
a9:ba:6c:b0:7e:6b:e9:43:41:34:bb:8c:d5:99:4b:
ac:2c:03:62:f1:3b:16:80:33:fe:b9:07:18:c0:52:
b1:ac:7e:45:48:1a:fc:cc:83:81:3b:04:35:4c:48:
24:37:35:20:5f:15:e0:99:90:25:c1:65:68:f7:e5:
f5:70:17:29:c2:88:bb:5f:54:e3:58:73:53:5e:1b:
33:f4:f6:45:42:69:ee:82:5c:59:2e:18:7c:d8:f9:
aa:db:ae:a4:9f:30:2c:39:53:4c:96:23:d3:e0:f7:
a4:06:7d:cb:0b:b7:ea:3a:73:09:3d:ff:d0:01:8c:
44:9a:ba:2b:d5:3e:32:85:22:d9:c6:fc:e9:ee:eb:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:97:09:AB:0D:B9:4D:70:C7:36:4C:7E:1E:C5:28:C4:59:10:0B:8C
X509v3 Authority Key Identifier:
keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:dd:0b:8a:4a:61:96:3f:69:2b:df:5f:84:57:a1:02:fc:f0:
fd:64:63:d6:55:f3:36:76:cc:10:1f:22:35:81:d0:2c:8d:5b:
72:55:45:83:28:6f:e4:e8:d4:c3:c9:77:0d:2e:8f:98:e1:2a:
eb:84:4e:13:26:3a:ae:0b:58:e9:b8:3d:d8:dd:eb:0c:8f:1a:
10:55:43:20:49:66:9d:44:af:60:b2:9b:3d:da:23:0f:3d:1c:
75:31:0e:81:ab:36:2f:bd:97:74:d8:f6:6a:67:4c:48:b2:b2:
72:fe:09:24:a8:a3:de:91:7e:9c:bd:69:a7:26:a8:94:91:13:
79:05:1e:aa:d3:e5:d3:9c:06:fc:0b:ed:57:90:6f:21:36:65:
4f:97:95:84:2d:9d:1e:1d:3f:44:8c:5e:68:f9:e2:c4:a9:4b:
9f:54:8c:40:bf:68:da:2e:92:41:31:c5:5b:06:e6:0b:02:be:
36:c4:2c:e6:1a:52:59:51:f3:a8:cd:3f:87:f8:0e:f7:1e:21:
a6:24:58:75:2f:9c:07:ba:6e:8a:3b:8a:48:fe:94:d3:dc:7e:
4e:19:92:bf:7e:91:34:69:84:9c:9a:44:41:4e:a4:b4:85:47:
fe:63:9b:87:3a:f7:3b:5b:3f:cb:a6:2d:e3:fd:58:4c:ea:4d:
45:e3:d0:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNgMcgvTfQtzqiA2kJi2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh
ZDJkMzUwHhcNMjYwNTEyMjIwMTU2WhcNMjYwNTEzMjIwMTU2WjAzMTEwLwYDVQQD
EygzYjk3MDlhYjBkYjk0ZDcwYzczNjRjN2UxZWM1MjhjNDU5MTAwYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZm+u3etcWOG5wJPyMl4nqsV8jPK
6mugbwIUn/j+FC7m9PS5pzx4FP0DlCwGDqwj9kCCod1aVuaVZb5AaN5muO2DqE+1
U6Q43176ZGevImfwxicaHqXu5MAntLJhOkCWqb0/bbZJrBpEQQWcjIuHYGQEMv89
r9+pumywfmvpQ0E0u4zVmUusLANi8TsWgDP+uQcYwFKxrH5FSBr8zIOBOwQ1TEgk
NzUgXxXgmZAlwWVo9+X1cBcpwoi7X1TjWHNTXhsz9PZFQmnuglxZLhh82Pmq266k
nzAsOVNMliPT4PekBn3LC7fqOnMJPf/QAYxEmror1T4yhSLZxvzp7uu5CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuXCasNuU1wxzZMfh7FKMRZEAuMMB8GA1UdIwQY
MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt
NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3
LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnN0Likph
lj9pK99fhFehAvzw/WRj1lXzNnbMEB8iNYHQLI1bclVFgyhv5OjUw8l3DS6PmOEq
64ROEyY6rgtY6bg92N3rDI8aEFVDIElmnUSvYLKbPdojDz0cdTEOgas2L72XdNj2
amdMSLKycv4JJKij3pF+nL1ppyaolJETeQUeqtPl05wG/AvtV5BvITZlT5eVhC2d
Hh0/RIxeaPnixKlLn1SMQL9o2i6SQTHFWwbmCwK+NsQs5hpSWVHzqM0/h/gO9x4h
piRYdS+cB7puijuKSP6U09x+ThmSv36RNGmEnJpEQU6ktIVH/mObhzr3O1s/y6Yt
4/1YTOpNRePQxw==
-----END CERTIFICATE-----
Generated at Wed May 13 01:09:35 2026 by rpki-client