Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json)
Hash identifier: 3k74+e/KIEX2Y6TfQB+NQ7IgQIOa90vPfv+dUA7oU7g=
Subject key identifier: 3A:09:5D:6A:52:5D:23:0A:69:96:1E:CB:6B:DD:38:44:B3:55:40:01
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 019D27726ACF7330F6747D2917E16F28BC13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
Manifest number: 0D88
Signing time: Thu 26 Mar 2026 00:01:43 +0000
Manifest this update: Thu 26 Mar 2026 00:01:43 +0000
Manifest next update: Fri 27 Mar 2026 00:01:43 +0000
Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: UGMOSlLQgau6MQiCnz5ZNutWZ1GL+WsysGL7T8HbWOo=)
2: yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa (hash: ZWKRKB/jnik25oPS/+Y2ymZERk+OEa7DBYYnhwqGBQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:6a:cf:73:30:f6:74:7d:29:17:e1:6f:28:bc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Mar 26 00:01:43 2026 GMT
Not After : Mar 27 00:01:43 2026 GMT
Subject: CN=3a095d6a525d230a69961ecb6bdd3844b3554001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:c3:a8:5d:56:45:00:17:2d:16:11:9a:0c:
67:f3:84:c8:03:7e:04:00:0a:79:c9:2d:96:bb:f0:
9a:72:49:3b:3d:50:61:cb:8d:02:09:fe:75:4a:c7:
2a:73:df:82:9c:5d:f6:6e:d2:1b:8a:2e:d3:94:de:
17:98:17:ec:ae:a1:00:ff:f9:49:e6:33:b0:f6:06:
c4:6d:61:c0:c5:e7:89:16:94:c0:61:7b:f1:e4:ec:
a5:aa:4b:56:90:a5:c8:5c:92:a3:2d:0b:10:14:a8:
d4:c7:a6:b7:04:bb:c6:d9:db:70:a8:fe:ae:d8:bc:
98:ab:f8:57:94:bf:c2:e6:6b:9d:2d:fa:42:af:d2:
44:53:27:5c:8f:c2:c1:70:fa:09:95:39:3f:98:f3:
47:60:4e:11:8f:95:c8:16:7e:98:80:ad:30:81:0f:
cd:57:be:33:9b:42:f2:6f:3b:fb:9d:38:08:9f:a9:
bd:16:22:2a:23:27:8a:3b:7c:5b:cc:9a:98:b1:5b:
98:5e:40:30:18:04:d9:31:15:ca:d5:3c:ad:5e:6a:
fa:80:40:8f:81:c8:7c:cf:06:ed:94:3d:d9:4a:59:
1c:54:cb:ef:3e:99:f7:39:bf:69:be:d9:71:b0:2d:
fe:0c:dd:b5:93:50:f8:66:8d:1b:c3:93:33:e7:f2:
25:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:09:5D:6A:52:5D:23:0A:69:96:1E:CB:6B:DD:38:44:B3:55:40:01
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:34:ef:66:e3:53:1a:d7:6b:23:94:eb:ce:5b:b2:c5:82:9d:
44:e5:53:e0:76:ce:44:0d:6b:8d:1e:71:6d:93:ad:fe:28:b3:
84:1d:08:8d:a0:90:10:a1:39:90:af:e9:9e:98:a4:08:b4:80:
65:b1:ed:20:3e:e5:49:17:ea:9b:fd:bf:a8:97:05:8f:d3:1a:
36:1c:41:a2:1b:4c:8e:8f:1d:65:84:28:f3:9a:21:4c:4f:a0:
ec:33:31:c7:72:59:e0:2e:44:d9:75:35:53:74:99:c7:bf:68:
fa:79:42:d6:ff:05:fa:f6:3e:df:3e:6f:ef:c3:1e:ba:f4:64:
ca:4a:87:6d:6f:34:3d:d1:1d:54:28:1b:67:22:b6:ad:b1:5e:
1b:dd:74:7f:d0:2e:bb:76:09:85:3a:52:90:2d:60:32:7d:c0:
b7:9a:00:9f:66:d0:52:e4:75:55:5d:36:99:16:42:2b:df:de:
77:45:a4:fb:14:8f:06:fe:90:00:a2:55:31:18:6b:46:96:4a:
88:57:64:3c:4e:cd:a7:b6:b0:11:c0:3b:7c:61:8f:21:fa:2b:
d2:10:5c:37:5b:68:6a:22:f5:ef:e0:1d:06:67:a0:d4:1a:11:
f4:4d:e7:e7:74:dd:84:00:bb:b0:14:f6:ab:bd:b8:65:b0:22:
ed:ea:27:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncmrPczD2dH0pF+FvKLwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjYwMzI2MDAwMTQzWhcNMjYwMzI3MDAwMTQzWjAzMTEwLwYDVQQD
EygzYTA5NWQ2YTUyNWQyMzBhNjk5NjFlY2I2YmRkMzg0NGIzNTU0MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrrDqF1WRQAXLRYRmgxn84TIA34E
AAp5yS2Wu/Cackk7PVBhy40CCf51Sscqc9+CnF32btIbii7TlN4XmBfsrqEA//lJ
5jOw9gbEbWHAxeeJFpTAYXvx5OylqktWkKXIXJKjLQsQFKjUx6a3BLvG2dtwqP6u
2LyYq/hXlL/C5mudLfpCr9JEUydcj8LBcPoJlTk/mPNHYE4Rj5XIFn6YgK0wgQ/N
V74zm0Lybzv7nTgIn6m9FiIqIyeKO3xbzJqYsVuYXkAwGATZMRXK1TytXmr6gECP
gch8zwbtlD3ZSlkcVMvvPpn3Ob9pvtlxsC3+DN21k1D4Zo0bw5Mz5/IlbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoJXWpSXSMKaZYey2vdOESzVUABMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEzTvZuNT
GtdrI5TrzluyxYKdROVT4HbORA1rjR5xbZOt/iizhB0IjaCQEKE5kK/pnpikCLSA
ZbHtID7lSRfqm/2/qJcFj9MaNhxBohtMjo8dZYQo85ohTE+g7DMxx3JZ4C5E2XU1
U3SZx79o+nlC1v8F+vY+3z5v78MeuvRkykqHbW80PdEdVCgbZyK2rbFeG910f9Au
u3YJhTpSkC1gMn3At5oAn2bQUuR1VV02mRZCK9/ed0Wk+xSPBv6QAKJVMRhrRpZK
iFdkPE7Np7awEcA7fGGPIfor0hBcN1toaiL17+AdBmeg1BoR9E3n53TdhAC7sBT2
q724ZbAi7eonlg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:18:09 2026 by rpki-client