Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: BwmZMwckpESHDAXrugCk26giwJZ51D7MO+Tn5LWmY38=
Subject key identifier: B4:7C:71:3C:93:7F:FD:A4:0B:31:8B:66:B1:24:41:0E:9E:6B:FF:27
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 019D28BB56BFC0A6F06D82F2632432E3FF3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: 026F
Signing time: Thu 26 Mar 2026 06:00:59 +0000
Manifest this update: Thu 26 Mar 2026 06:00:59 +0000
Manifest next update: Fri 27 Mar 2026 06:00:59 +0000
Files and hashes: 1: EjuIE4enXZzinM4ZfgsSD3gwxuY.roa (hash: VmAOnFMFZNZ7v7h3b1tL7nh4Drf7aU0G1qxfw7anYLc=)
2: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: Tda1Vt9LMxCipcWUqRcskzWjFQ7/e/bWdj0KcCJoVsU=)
3: ksdLr_cpg0SNdbhzGPEUMaDjaa0.roa (hash: aWZAiEXDI8uHWbww+kMMTpEPGkhJJ3i3CwUVKl+KHtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:56:bf:c0:a6:f0:6d:82:f2:63:24:32:e3:ff:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: Mar 26 06:00:59 2026 GMT
Not After : Mar 27 06:00:59 2026 GMT
Subject: CN=b47c713c937ffda40b318b66b124410e9e6bff27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:1a:95:04:bc:36:69:45:cc:9c:0f:6f:ca:
7e:69:40:f6:4b:11:0f:52:45:63:6c:f7:b7:fd:b4:
23:79:e8:78:ce:5a:c3:c1:22:18:fa:13:b6:9f:a8:
70:ea:89:08:85:03:35:47:3e:38:91:1f:7b:b4:be:
8f:c4:5c:5b:60:2c:8f:00:c0:a0:13:a5:57:80:69:
0d:47:a4:ad:e4:73:5a:df:2b:4e:7b:a1:a0:b2:da:
91:5a:d2:ca:4a:19:5e:c0:13:06:4a:51:bb:4d:4f:
b6:9e:8b:11:4f:36:50:b5:50:cf:e4:d6:b0:6d:d8:
8a:11:72:57:6d:b2:7b:3a:a3:f1:e8:86:eb:d6:a5:
49:be:9d:25:15:e1:c8:49:a2:8c:7b:9d:fa:40:91:
13:e6:c9:4d:9c:13:e2:37:55:a2:7e:49:ac:f2:6f:
87:8c:92:0e:ee:ae:5d:cd:88:8a:a4:73:ce:fd:bd:
9c:15:a6:9b:62:ed:bc:3c:6f:f8:03:e2:4f:3b:14:
3b:12:73:da:64:ca:69:f0:69:cb:e5:21:83:f0:09:
81:1c:da:3c:98:01:8c:c7:63:31:13:8d:11:7b:78:
db:63:67:6c:a5:d7:de:6b:56:51:97:0c:77:a1:0a:
fa:3b:77:d6:80:88:8b:04:39:db:9c:5b:51:4d:b5:
ed:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7C:71:3C:93:7F:FD:A4:0B:31:8B:66:B1:24:41:0E:9E:6B:FF:27
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:8a:4c:a5:94:fe:a6:9a:90:d6:99:2d:62:b7:2e:7d:d7:80:
6a:51:64:a0:d0:b9:9b:3d:ea:28:71:6f:b4:ae:c1:25:8b:0f:
69:43:52:4f:f4:7a:7e:3d:f2:0b:d2:5f:25:37:c5:03:2f:e5:
25:88:55:46:2d:f4:b7:6f:fb:95:47:9b:45:6b:84:ab:9e:18:
13:45:04:03:2a:eb:b1:46:00:ed:a2:ae:b1:af:fb:b9:20:20:
1a:2c:40:60:dc:bb:da:96:32:56:0b:10:00:fc:a4:51:e0:a0:
4b:4d:26:c1:85:5c:20:d4:4d:0c:d5:89:db:3f:9c:83:be:2f:
0e:68:ca:27:3a:3f:2f:1c:15:3c:94:29:7d:70:55:9f:56:19:
6a:ca:74:ed:dc:9d:23:63:1e:6b:f5:63:c8:73:a7:61:40:63:
0e:bf:25:d8:a1:90:c3:57:00:06:c8:f0:6e:a0:df:62:64:84:
b4:ff:20:9b:99:95:15:6e:38:75:de:42:06:20:c5:79:69:4b:
55:d6:51:ab:3c:29:73:82:05:b4:9c:a3:52:0b:48:e7:e2:dc:
1e:94:16:f3:b4:5b:14:78:f8:a3:c3:cb:d4:3c:3d:8e:95:55:
f3:03:44:65:94:7e:d8:2c:c7:47:48:1d:1c:fc:82:bd:66:1c:
ca:8a:eb:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou1a/wKbwbYLyYyQy4/87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjYwMzI2MDYwMDU5WhcNMjYwMzI3MDYwMDU5WjAzMTEwLwYDVQQD
EyhiNDdjNzEzYzkzN2ZmZGE0MGIzMThiNjZiMTI0NDEwZTllNmJmZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptkalQS8NmlFzJwPb8p+aUD2SxEP
UkVjbPe3/bQjeeh4zlrDwSIY+hO2n6hw6okIhQM1Rz44kR97tL6PxFxbYCyPAMCg
E6VXgGkNR6St5HNa3ytOe6GgstqRWtLKShlewBMGSlG7TU+2nosRTzZQtVDP5Naw
bdiKEXJXbbJ7OqPx6Ibr1qVJvp0lFeHISaKMe536QJET5slNnBPiN1Wifkms8m+H
jJIO7q5dzYiKpHPO/b2cFaabYu28PG/4A+JPOxQ7EnPaZMpp8GnL5SGD8AmBHNo8
mAGMx2MxE40Re3jbY2dspdfea1ZRlwx3oQr6O3fWgIiLBDnbnFtRTbXtiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLR8cTyTf/2kCzGLZrEkQQ6ea/8nMB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiIpMpZT+
ppqQ1pktYrcufdeAalFkoNC5mz3qKHFvtK7BJYsPaUNST/R6fj3yC9JfJTfFAy/l
JYhVRi30t2/7lUebRWuEq54YE0UEAyrrsUYA7aKusa/7uSAgGixAYNy72pYyVgsQ
APykUeCgS00mwYVcINRNDNWJ2z+cg74vDmjKJzo/LxwVPJQpfXBVn1YZasp07dyd
I2Mea/VjyHOnYUBjDr8l2KGQw1cABsjwbqDfYmSEtP8gm5mVFW44dd5CBiDFeWlL
VdZRqzwpc4IFtJyjUgtI5+LcHpQW87RbFHj4o8PL1Dw9jpVV8wNEZZR+2CzHR0gd
HPyCvWYcyorrCA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:51:48 2026 by rpki-client