Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: 2jBE3TX89Vkh+e7Sj+i/EInAVAIPwh+t2nzKPYci9Gw=
Subject key identifier: 86:A0:45:D1:72:17:E0:29:1D:70:A4:51:E7:B8:34:3A:2B:FA:4F:BF
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 019E1DFE5EFF48578AC4C0454D17BFDA3E99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: 02EE
Signing time: Tue 12 May 2026 21:01:10 +0000
Manifest this update: Tue 12 May 2026 21:01:10 +0000
Manifest next update: Wed 13 May 2026 21:01:10 +0000
Files and hashes: 1: EjuIE4enXZzinM4ZfgsSD3gwxuY.roa (hash: VmAOnFMFZNZ7v7h3b1tL7nh4Drf7aU0G1qxfw7anYLc=)
2: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: +mbs9/SSVGqLpUPkWg9Ozelp99Hs9Tytd4P1vBVA1v4=)
3: ksdLr_cpg0SNdbhzGPEUMaDjaa0.roa (hash: aWZAiEXDI8uHWbww+kMMTpEPGkhJJ3i3CwUVKl+KHtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:fe:5e:ff:48:57:8a:c4:c0:45:4d:17:bf:da:3e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: May 12 21:01:10 2026 GMT
Not After : May 13 21:01:10 2026 GMT
Subject: CN=86a045d17217e0291d70a451e7b8343a2bfa4fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:54:24:76:45:84:7e:c4:22:46:7c:f6:2b:
d2:66:bf:9a:c3:bf:17:61:55:45:9e:4a:d1:a4:d1:
02:85:06:50:24:0a:f4:78:3d:85:6a:39:fc:db:45:
57:bc:cf:f5:cb:78:b8:d3:d9:20:98:2b:ac:e7:51:
63:5b:23:da:aa:01:18:6b:c5:ed:22:89:3c:f7:f1:
c9:11:74:0e:17:b8:de:0b:34:fa:e2:23:ca:6d:33:
1d:20:3b:17:b4:d1:43:4b:2e:74:48:c9:5a:88:f2:
5c:c2:20:78:0c:0e:82:b0:e6:a7:c0:90:c3:d0:24:
3d:91:4e:fa:40:bd:4f:be:94:9f:1f:55:c4:40:a9:
be:4d:45:19:e8:24:08:6b:26:74:98:d5:91:ae:e8:
df:73:32:d4:16:d2:d0:45:77:a4:ef:88:fe:66:73:
c4:9f:62:a9:bb:7e:d1:1a:25:8d:26:85:30:2d:2e:
62:9e:42:19:62:27:26:0a:46:d8:03:76:32:2a:29:
3c:56:cd:9e:b1:fb:73:38:f3:e9:f1:87:35:9d:61:
ff:18:a2:42:4a:d2:d1:1e:72:61:73:ce:02:8b:c7:
09:28:5b:b1:ab:8f:9c:25:9c:57:a8:18:08:27:96:
be:f1:21:1a:b8:4f:24:61:89:23:92:33:5f:e8:e8:
ed:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A0:45:D1:72:17:E0:29:1D:70:A4:51:E7:B8:34:3A:2B:FA:4F:BF
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:4c:49:cc:82:58:a4:d9:9a:3d:8c:38:65:22:5e:f3:90:da:
18:da:4a:67:e4:63:d6:43:49:9b:7c:eb:51:34:9f:d0:69:f2:
4e:6c:4f:8e:2b:35:fa:e2:ba:9c:98:bb:ac:6f:1e:b0:d2:11:
81:88:83:0e:1d:14:ba:f6:d2:25:a2:17:b2:e6:c3:32:f2:c7:
0d:a0:c3:9e:c2:f8:cc:5b:d7:4d:cc:a3:12:e3:f6:ed:8b:ad:
5f:db:ae:f3:4a:4d:6f:9b:33:c0:9e:88:9b:9e:1d:75:a4:a4:
9d:ba:45:6c:e1:02:b4:ae:36:e5:c0:60:d0:61:b7:b0:3d:0c:
fc:66:1c:d0:55:27:97:78:51:18:d1:f9:f6:8b:a6:d4:78:7a:
36:da:ba:15:41:98:9e:eb:4c:7e:41:a7:23:76:ff:c8:72:73:
e1:c7:12:30:3c:00:1c:9f:87:c5:70:23:1b:29:f3:05:f3:61:
c8:93:09:1f:55:1e:e5:1f:0d:e7:5d:b9:46:5f:d6:84:9e:66:
a3:16:5b:8a:f3:e4:b3:d6:dd:2b:59:24:f9:77:e6:ae:cf:14:
92:91:e8:14:37:a2:21:a5:b4:d9:4a:7b:8c:0f:b8:c8:7f:e3:
88:9c:8e:0f:05:a0:7a:c2:41:62:ce:b6:5a:54:48:66:7b:ac:
54:3a:51:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4d/l7/SFeKxMBFTRe/2j6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjYwNTEyMjEwMTEwWhcNMjYwNTEzMjEwMTEwWjAzMTEwLwYDVQQD
Eyg4NmEwNDVkMTcyMTdlMDI5MWQ3MGE0NTFlN2I4MzQzYTJiZmE0ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixhUJHZFhH7EIkZ89ivSZr+aw78X
YVVFnkrRpNEChQZQJAr0eD2Fajn820VXvM/1y3i409kgmCus51FjWyPaqgEYa8Xt
Iok89/HJEXQOF7jeCzT64iPKbTMdIDsXtNFDSy50SMlaiPJcwiB4DA6CsOanwJDD
0CQ9kU76QL1PvpSfH1XEQKm+TUUZ6CQIayZ0mNWRrujfczLUFtLQRXek74j+ZnPE
n2Kpu37RGiWNJoUwLS5inkIZYicmCkbYA3YyKik8Vs2esftzOPPp8Yc1nWH/GKJC
StLRHnJhc84Ci8cJKFuxq4+cJZxXqBgIJ5a+8SEauE8kYYkjkjNf6OjtwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIagRdFyF+ApHXCkUee4NDor+k+/MB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEExJzIJY
pNmaPYw4ZSJe85DaGNpKZ+Rj1kNJm3zrUTSf0GnyTmxPjis1+uK6nJi7rG8esNIR
gYiDDh0UuvbSJaIXsubDMvLHDaDDnsL4zFvXTcyjEuP27YutX9uu80pNb5szwJ6I
m54ddaSknbpFbOECtK425cBg0GG3sD0M/GYc0FUnl3hRGNH59oum1Hh6Ntq6FUGY
nutMfkGnI3b/yHJz4ccSMDwAHJ+HxXAjGynzBfNhyJMJH1Ue5R8N5125Rl/WhJ5m
oxZbivPks9bdK1kk+Xfmrs8UkpHoFDeiIaW02Up7jA+4yH/jiJyODwWgesJBYs62
WlRIZnusVDpRgA==
-----END CERTIFICATE-----
Generated at Wed May 13 07:22:53 2026 by rpki-client