Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.mft
File: tDJYoYz00SKOXHkHDfpjMRaDIMU.mft (raw, json)
Hash identifier: PiuM1LVWBIT+x60rH557kFgyHHb6dVDOWmcOqAAuMRg=
Subject key identifier: CA:3A:1E:86:FC:FF:9B:1A:8A:17:F7:01:E2:3F:91:1D:BF:04:7F:3C
Authority key identifier: B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
Certificate issuer: /CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Certificate serial: 019D27A93C3A146A09A1C7110DB3B8D3A4DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.mft
Manifest number: 16CA
Signing time: Thu 26 Mar 2026 01:01:35 +0000
Manifest this update: Thu 26 Mar 2026 01:01:35 +0000
Manifest next update: Fri 27 Mar 2026 01:01:35 +0000
Files and hashes: 1: LBEwWg6NXwV0Qivix1KpxT3aiNU.roa (hash: NAmrPdbUkUwZLyDdKu29iu1NmoDceqKiDehZJJ6AYqk=)
2: tDJYoYz00SKOXHkHDfpjMRaDIMU.crl (hash: jyGmIEzMX6tKGMMs7oBwrLWrGF0Q2ga48sUj/ZWBR0Q=)
3: u3rQ39mTeV2kE1STzKrih9_L758.roa (hash: KWfkHmC+Pf41EAOenIiA1l0ufOFeet991JgGZvHoQlg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a9:3c:3a:14:6a:09:a1:c7:11:0d:b3:b8:d3:a4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Validity
Not Before: Mar 26 01:01:35 2026 GMT
Not After : Mar 27 01:01:35 2026 GMT
Subject: CN=ca3a1e86fcff9b1a8a17f701e23f911dbf047f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f3:99:40:16:a2:6f:24:7c:e7:be:cb:b0:85:
91:d6:05:ec:aa:d1:1c:47:c8:45:50:b8:36:46:3b:
ed:a0:ab:fa:ae:25:d8:3e:2b:09:88:c2:94:d5:5f:
0e:ed:0a:12:ab:b1:24:1a:2d:f5:6c:88:42:dc:24:
e7:21:8e:13:fb:84:f9:95:c6:4a:43:7e:e4:c8:d3:
0e:aa:39:f0:4e:f7:fc:4b:60:17:cc:99:81:5b:54:
76:0e:8d:08:a1:2d:43:c5:6e:67:d8:52:f0:44:99:
8f:c1:9e:38:e0:04:02:69:d0:d9:c3:a1:ee:b5:bc:
89:a5:35:a6:6e:02:69:7a:88:26:a8:2c:38:ef:2b:
d2:89:6f:e0:0e:de:39:30:60:6b:53:4e:6f:40:85:
4a:35:84:22:26:60:54:42:57:4a:4f:e3:52:a8:23:
0e:3c:c9:41:64:16:7e:c1:8b:8c:1b:fb:f5:1c:d0:
7d:c7:d5:72:d9:0d:0e:df:8a:ab:8f:d6:46:09:84:
fb:ca:19:49:c1:68:b1:6c:ad:99:ea:47:97:b5:15:
d3:ce:26:35:0c:ef:2d:7d:2a:e0:a4:04:61:2e:b2:
fe:30:c2:ae:ff:d1:ca:f2:49:2b:b3:c0:2e:b2:5d:
ec:b3:b9:a3:08:38:33:89:32:ca:13:10:ca:c9:0d:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3A:1E:86:FC:FF:9B:1A:8A:17:F7:01:E2:3F:91:1D:BF:04:7F:3C
X509v3 Authority Key Identifier:
keyid:B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:39:c2:44:e2:0f:23:21:b0:69:a3:49:97:49:2b:85:a4:c8:
d5:6e:d1:9d:c4:9b:9d:ab:e2:8f:f6:b7:12:9d:42:8e:20:f0:
82:65:04:17:04:ff:07:98:9d:d2:23:2e:9a:1e:02:72:df:16:
4a:ff:fa:27:61:18:b0:96:57:5f:68:3d:ad:d1:68:96:c0:bc:
b2:1c:39:73:be:49:a1:98:d8:04:39:bc:d9:86:34:d3:04:bc:
06:f7:dd:77:2d:fa:6b:68:e0:40:90:9c:58:71:34:32:af:9b:
07:1e:1c:eb:38:1a:d8:53:eb:47:a3:06:6e:61:ff:0b:b2:6f:
54:c0:4c:bc:5a:32:6d:e7:f4:f3:e8:be:c9:0c:fc:33:20:59:
24:b3:a8:68:4a:63:10:e6:f8:b0:a9:eb:31:ef:b9:91:a4:ca:
b9:6c:dd:4a:d5:98:38:d2:ec:ef:45:b2:a9:40:62:84:bb:81:
39:1d:6c:d8:b4:e6:b8:70:e9:41:12:04:3b:dd:40:ce:db:e4:
83:0a:66:d4:25:0d:b2:c6:f8:79:96:43:8d:81:c9:23:a3:db:
5f:d8:35:c3:e7:a8:12:eb:a0:c7:43:09:07:89:97:90:c1:b5:
97:f0:d5:50:93:de:24:47:04:14:fa:8c:77:92:34:dd:34:c4:
94:21:2f:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqTw6FGoJoccRDbO406TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzI1OGExOGNmNGQxMjI4ZTVjNzkwNzBkZmE2MzMxMTY4
MzIwYzUwHhcNMjYwMzI2MDEwMTM1WhcNMjYwMzI3MDEwMTM1WjAzMTEwLwYDVQQD
EyhjYTNhMWU4NmZjZmY5YjFhOGExN2Y3MDFlMjNmOTExZGJmMDQ3ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfOZQBaibyR8577LsIWR1gXsqtEc
R8hFULg2RjvtoKv6riXYPisJiMKU1V8O7QoSq7EkGi31bIhC3CTnIY4T+4T5lcZK
Q37kyNMOqjnwTvf8S2AXzJmBW1R2Do0IoS1DxW5n2FLwRJmPwZ444AQCadDZw6Hu
tbyJpTWmbgJpeogmqCw47yvSiW/gDt45MGBrU05vQIVKNYQiJmBUQldKT+NSqCMO
PMlBZBZ+wYuMG/v1HNB9x9Vy2Q0O34qrj9ZGCYT7yhlJwWixbK2Z6keXtRXTziY1
DO8tfSrgpARhLrL+MMKu/9HK8kkrs8Ausl3ss7mjCDgziTLKExDKyQ26eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo6Hob8/5saihf3AeI/kR2/BH88MB8GA1UdIwQY
MBaAFLQyWKGM9NEijlx5Bw36YzEWgyDFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMt
NTcyOGZiMjRiZjBlLzEvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMtNTcyOGZiMjRiZjBl
LzEvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTnCROIP
IyGwaaNJl0krhaTI1W7RncSbnavij/a3Ep1CjiDwgmUEFwT/B5id0iMumh4Cct8W
Sv/6J2EYsJZXX2g9rdFolsC8shw5c75JoZjYBDm82YY00wS8Bvfddy36a2jgQJCc
WHE0Mq+bBx4c6zga2FPrR6MGbmH/C7JvVMBMvFoybef08+i+yQz8MyBZJLOoaEpj
EOb4sKnrMe+5kaTKuWzdStWYONLs70WyqUBihLuBOR1s2LTmuHDpQRIEO91Aztvk
gwpm1CUNssb4eZZDjYHJI6PbX9g1w+eoEuugx0MJB4mXkMG1l/DVUJPeJEcEFPqM
d5I03TTElCEvYQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:36:35 2026 by rpki-client