Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
File: tK4oip3bDvUKKUs8rpY-FHycfck.mft (raw, json)
Hash identifier: UI082XEH8h4jXLIzCRZkZUj37mlUkVIrjKAhKmEEEbw=
Subject key identifier: 11:76:37:E8:05:C4:51:38:4B:6D:7A:DD:6D:29:2F:84:D6:9A:B9:14
Authority key identifier: B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9
Certificate issuer: /CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9
Certificate serial: 019D296100B1EA8E19E80F09316D79FAF9F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 09:01:56 +0000
Manifest this update: Thu 26 Mar 2026 09:01:56 +0000
Manifest next update: Fri 27 Mar 2026 09:01:56 +0000
Files and hashes: 1: TWgMkDcy_HR5XMg6rXv7Ax4ipk8.roa (hash: H/mEg4ne87MR+9DERthNodFmmxJcKV/plF/1hfT1FKo=)
2: XXDs_1WF8xAupVE6WOS_dNf9osM.roa (hash: 20X1/QsaSj3DVDtfhjJ7nUqhCYkTj6/5wZfHSwDpBiU=)
3: tK4oip3bDvUKKUs8rpY-FHycfck.crl (hash: XuEA8jBy6Y3+2T9fgOxUgBQdzG5CZdCUpqDbzfvYOCU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:00:b1:ea:8e:19:e8:0f:09:31:6d:79:fa:f9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9
Validity
Not Before: Mar 26 09:01:56 2026 GMT
Not After : Mar 27 09:01:56 2026 GMT
Subject: CN=117637e805c451384b6d7add6d292f84d69ab914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:db:f6:ae:25:3c:e0:81:e8:63:7d:3c:2b:0c:
c0:69:6a:51:21:e1:6d:68:b9:03:a7:76:43:5e:9e:
e1:9e:78:d4:72:50:40:e3:4f:d9:35:cb:a6:9f:f5:
36:79:46:ca:1f:df:b4:05:46:93:6e:bc:76:46:2f:
e0:33:2f:59:a5:1b:44:25:97:56:57:12:a5:9d:fc:
0c:50:4c:fc:55:21:17:6b:50:78:ff:55:6a:f4:86:
0e:69:c1:ac:10:b1:e2:36:49:95:cb:95:e6:c9:67:
ab:5b:a2:34:19:f2:66:bc:79:6b:0b:36:f7:d7:0c:
00:85:3e:06:e4:b9:2c:69:3b:98:68:f2:ec:01:94:
bf:a2:c1:98:1e:09:9e:8a:b9:6d:05:96:2b:3f:e3:
db:e2:5f:36:bb:01:82:bd:6a:61:7f:f0:ae:c9:c4:
8c:1d:96:14:2b:5d:ba:12:99:32:1a:cd:2b:01:33:
db:ef:52:8e:c8:c8:da:b8:d0:98:ad:68:db:20:8c:
87:31:5c:be:a8:70:0a:d1:b9:51:80:84:d8:4e:ee:
7c:d1:3e:20:63:93:e8:84:d4:ab:50:03:78:10:f4:
a8:d7:52:76:02:f4:ff:63:80:4b:d6:fa:62:74:52:
13:25:62:7b:62:a5:cb:51:2c:b6:3d:bb:55:7c:5b:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:76:37:E8:05:C4:51:38:4B:6D:7A:DD:6D:29:2F:84:D6:9A:B9:14
X509v3 Authority Key Identifier:
keyid:B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:ee:10:4a:5e:0f:f3:e4:a5:dc:18:07:d1:ec:ec:c4:5c:40:
c6:8f:78:6a:0d:07:86:4f:b7:68:02:16:18:60:2e:0d:45:67:
59:5d:b8:ba:fd:26:8e:4a:f1:dc:4b:82:30:dd:76:50:1e:a0:
29:fc:58:03:59:e5:1f:2d:f9:c5:2a:ac:88:d6:6b:34:78:c1:
a9:8a:78:70:53:fe:e5:b3:7f:55:30:26:e9:14:9b:e0:d6:5e:
22:13:d7:83:6d:3a:8e:e1:15:fa:da:6c:08:57:fd:3c:b8:85:
4f:ac:4d:5f:d7:63:1d:83:c9:ed:79:46:f0:22:04:09:2d:cb:
79:03:c0:54:f8:53:5a:b6:ec:e9:a3:7a:f9:23:5a:01:fa:15:
d2:87:d1:92:76:62:73:f5:e2:45:f9:fd:ba:9b:31:1f:55:a5:
d4:58:9a:68:34:ee:a4:ad:b8:9c:99:ca:bc:48:6d:49:b6:d1:
7d:fc:96:b5:8d:00:12:29:cb:75:89:99:61:df:ee:33:c8:41:
b9:ba:27:d8:ea:f8:bc:c3:ca:1a:2b:a1:4f:05:dd:b7:3c:e2:
47:f5:85:f6:d5:97:cc:c8:a0:7b:5d:d3:33:e1:1a:97:fd:f1:
62:94:55:5c:ee:b6:ff:11:d3:76:70:61:a0:57:5c:dc:08:0a:
c5:9e:03:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYQCx6o4Z6A8JMW15+vnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YWUyODhhOWRkYjBlZjUwYTI5NGIzY2FlOTYzZTE0N2M5
YzdkYzkwHhcNMjYwMzI2MDkwMTU2WhcNMjYwMzI3MDkwMTU2WjAzMTEwLwYDVQQD
EygxMTc2MzdlODA1YzQ1MTM4NGI2ZDdhZGQ2ZDI5MmY4NGQ2OWFiOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dv2riU84IHoY308KwzAaWpRIeFt
aLkDp3ZDXp7hnnjUclBA40/ZNcumn/U2eUbKH9+0BUaTbrx2Ri/gMy9ZpRtEJZdW
VxKlnfwMUEz8VSEXa1B4/1Vq9IYOacGsELHiNkmVy5XmyWerW6I0GfJmvHlrCzb3
1wwAhT4G5LksaTuYaPLsAZS/osGYHgmeirltBZYrP+Pb4l82uwGCvWphf/CuycSM
HZYUK126EpkyGs0rATPb71KOyMjauNCYrWjbIIyHMVy+qHAK0blRgITYTu580T4g
Y5PohNSrUAN4EPSo11J2AvT/Y4BL1vpidFITJWJ7YqXLUSy2PbtVfFukUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF2N+gFxFE4S2163W0pL4TWmrkUMB8GA1UdIwQY
MBaAFLSuKIqd2w71CilLPK6WPhR8nH3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAt
MzAwNDI2Y2UzMmUyLzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAtMzAwNDI2Y2UzMmUy
LzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHe4QSl4P
8+Sl3BgH0ezsxFxAxo94ag0Hhk+3aAIWGGAuDUVnWV24uv0mjkrx3EuCMN12UB6g
KfxYA1nlHy35xSqsiNZrNHjBqYp4cFP+5bN/VTAm6RSb4NZeIhPXg206juEV+tps
CFf9PLiFT6xNX9djHYPJ7XlG8CIECS3LeQPAVPhTWrbs6aN6+SNaAfoV0ofRknZi
c/XiRfn9upsxH1Wl1FiaaDTupK24nJnKvEhtSbbRffyWtY0AEinLdYmZYd/uM8hB
ubon2Or4vMPKGiuhTwXdtzziR/WF9tWXzMige13TM+Eal/3xYpRVXO62/xHTdnBh
oFdc3AgKxZ4DmA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:33:15 2026 by rpki-client