Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json)
Hash identifier: oPr5hXS9vPOXxeRJvWK4n2MEgFGQ6pRQ5YRps/NZ2Ws=
Subject key identifier: A3:88:51:64:FF:5E:84:DA:E0:64:9D:88:AB:D1:DD:9A:C3:33:09:CA
Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Certificate serial: 019D2AA9BDBCB1114621D7D93CC9EE625EED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
Manifest number: 0673
Signing time: Thu 26 Mar 2026 15:01:00 +0000
Manifest this update: Thu 26 Mar 2026 15:01:00 +0000
Manifest next update: Fri 27 Mar 2026 15:01:00 +0000
Files and hashes: 1: 1-cEaaO_Ysid8Br5DRVo96OE6Rw0.roa (hash: fjeWtz//51nB13NzQwtc912b3agAHVfHErKRO/L6d0o=)
2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: 00xdoMqrmL5h8gfj7tAYMZLHWkXsvRqDVQWjwXqi+Q0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:a9:bd:bc:b1:11:46:21:d7:d9:3c:c9:ee:62:5e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Validity
Not Before: Mar 26 15:01:00 2026 GMT
Not After : Mar 27 15:01:00 2026 GMT
Subject: CN=a3885164ff5e84dae0649d88abd1dd9ac33309ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:4f:ca:06:f0:64:c2:e5:ed:cc:6f:a7:d6:
c3:e8:61:95:a6:19:7d:bf:b6:ca:7e:b4:f8:86:63:
de:76:f5:db:c9:35:85:51:c8:30:73:7e:44:e9:8d:
77:c8:58:6e:39:53:be:0d:be:fd:8f:c2:60:e8:92:
b7:99:79:1b:a0:47:91:f2:9f:8b:31:06:64:be:c1:
40:c5:4c:94:b6:ff:20:6c:48:29:a4:c5:a5:95:19:
5e:c8:2c:d4:f7:09:ca:22:00:1e:49:1d:c8:b4:11:
7a:95:90:af:97:58:76:20:b8:5b:b7:8b:ed:02:aa:
6f:3f:60:ba:af:32:ed:d0:81:23:11:fd:d9:a5:88:
0f:b6:1a:08:5f:a8:c4:0f:7a:8c:20:61:1e:09:28:
ed:d1:0e:e1:3a:d9:18:f4:c5:6d:4b:60:73:88:9e:
23:ed:74:83:6b:a3:ff:35:c2:a7:67:e2:6e:2b:32:
1b:e0:9f:3c:0f:4a:6f:09:11:9b:30:2c:24:ee:a7:
38:c5:5f:bb:87:9d:1b:f8:66:c3:59:cf:15:dc:af:
1b:63:21:b7:04:4e:78:06:a8:6f:07:ed:e2:e7:f4:
1b:d1:d3:7e:0f:21:33:e2:23:b3:2e:6c:05:6e:a7:
f9:35:6f:29:03:56:80:6e:ed:00:ba:24:f8:db:f7:
c8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:88:51:64:FF:5E:84:DA:E0:64:9D:88:AB:D1:DD:9A:C3:33:09:CA
X509v3 Authority Key Identifier:
keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:30:f8:d0:7d:cf:04:65:b1:50:fd:5d:a9:bd:48:70:8e:ec:
01:55:e7:55:a3:52:99:a7:1b:44:3a:2e:46:c9:79:93:7c:00:
08:cd:9b:ed:b8:62:19:e3:3a:3d:39:b1:21:84:cf:23:b1:79:
94:2b:86:f2:68:81:71:73:b2:86:20:d7:57:a3:08:80:50:03:
7d:08:31:8e:46:23:31:33:cb:0e:77:91:d0:01:16:3b:f6:12:
ba:e5:a7:33:a9:2e:8b:f3:96:b5:92:ea:4b:f4:d5:26:20:04:
8f:a5:fd:2f:bf:da:bf:f0:6c:51:18:01:26:46:6b:2d:35:6e:
61:1d:52:9c:e8:b2:7b:a3:bb:71:eb:21:a8:02:05:71:74:a5:
57:79:8c:cf:e2:8c:b7:2b:7e:f1:07:ff:fa:d6:21:78:5f:0d:
ff:af:5f:89:6a:75:61:75:19:f1:e1:a0:cd:4c:b4:06:85:33:
23:24:d7:69:7b:97:aa:a5:5d:42:af:78:f0:94:21:8a:39:b4:
f4:e4:ef:2a:9f:63:77:69:b3:0e:70:4c:a5:fb:84:6f:51:dd:
fa:37:88:6e:ad:d7:0f:6a:29:29:48:4b:ee:a6:36:3f:85:e6:
c5:35:d6:8a:0f:4f:c5:a8:b2:94:aa:2d:6f:3c:5b:88:43:b9:
21:f9:ec:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qqb28sRFGIdfZPMnuYl7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz
MDI2ZDAwHhcNMjYwMzI2MTUwMTAwWhcNMjYwMzI3MTUwMTAwWjAzMTEwLwYDVQQD
EyhhMzg4NTE2NGZmNWU4NGRhZTA2NDlkODhhYmQxZGQ5YWMzMzMwOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK1PygbwZMLl7cxvp9bD6GGVphl9
v7bKfrT4hmPedvXbyTWFUcgwc35E6Y13yFhuOVO+Db79j8Jg6JK3mXkboEeR8p+L
MQZkvsFAxUyUtv8gbEgppMWllRleyCzU9wnKIgAeSR3ItBF6lZCvl1h2ILhbt4vt
AqpvP2C6rzLt0IEjEf3ZpYgPthoIX6jED3qMIGEeCSjt0Q7hOtkY9MVtS2BziJ4j
7XSDa6P/NcKnZ+JuKzIb4J88D0pvCRGbMCwk7qc4xV+7h50b+GbDWc8V3K8bYyG3
BE54BqhvB+3i5/Qb0dN+DyEz4iOzLmwFbqf5NW8pA1aAbu0AuiT42/fIswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOIUWT/XoTa4GSdiKvR3ZrDMwnKMB8GA1UdIwQY
MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt
N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz
LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMzD40H3P
BGWxUP1dqb1IcI7sAVXnVaNSmacbRDouRsl5k3wACM2b7bhiGeM6PTmxIYTPI7F5
lCuG8miBcXOyhiDXV6MIgFADfQgxjkYjMTPLDneR0AEWO/YSuuWnM6kui/OWtZLq
S/TVJiAEj6X9L7/av/BsURgBJkZrLTVuYR1SnOiye6O7ceshqAIFcXSlV3mMz+KM
tyt+8Qf/+tYheF8N/69fiWp1YXUZ8eGgzUy0BoUzIyTXaXuXqqVdQq948JQhijm0
9OTvKp9jd2mzDnBMpfuEb1Hd+jeIbq3XD2opKUhL7qY2P4XmxTXWig9PxaiylKot
bzxbiEO5IfnsNA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:12:59 2026 by rpki-client