Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
File: TSPi7bMh4ailzp7j4tlapA8N6KA.mft (raw, json)
Hash identifier: YI/OKMxPJvnb/6rQxEE+INXx8qViQE4Rm88VMCiFIlA=
Subject key identifier: 70:7A:D8:A5:39:93:40:4D:68:03:FF:EC:12:AA:F2:CA:59:C0:9D:97
Authority key identifier: 4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
Certificate issuer: /CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Certificate serial: 019D284E5D833DBDA7EA00A98809D4B0FB32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
Manifest number: 0D3D
Signing time: Thu 26 Mar 2026 04:01:57 +0000
Manifest this update: Thu 26 Mar 2026 04:01:57 +0000
Manifest next update: Fri 27 Mar 2026 04:01:57 +0000
Files and hashes: 1: JXFUH416zwkJgWarbpHaBu4OjrM.roa (hash: 4a95XnQ0KPTukf9VV0SjrYCDAkfbYBMqoLt/hvW2kls=)
2: Ne3vXvFZfDJtHFxRi2iyMMXZXak.roa (hash: 90S1YKvYb+j9r5QawOi7WPQ7WUn8bPfBJqf4jlJtVS4=)
3: TSPi7bMh4ailzp7j4tlapA8N6KA.crl (hash: EWLbK/ayIlZ/L4mGY8upgUYH4j5H7HRs87E5n0jXogw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:5d:83:3d:bd:a7:ea:00:a9:88:09:d4:b0:fb:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Validity
Not Before: Mar 26 04:01:57 2026 GMT
Not After : Mar 27 04:01:57 2026 GMT
Subject: CN=707ad8a53993404d6803ffec12aaf2ca59c09d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:66:42:2d:86:f3:f6:0a:00:8e:a6:65:70:41:
18:29:c8:aa:d0:11:2d:87:dc:d4:2a:1c:21:8e:dd:
71:ed:e2:d7:82:97:d7:c2:63:f0:b5:0c:80:fd:54:
c7:c8:3d:c8:eb:db:a8:2a:a5:bb:42:3c:d0:bd:59:
41:6e:b4:d1:8c:3e:8b:a8:a9:dd:e8:75:ee:46:d5:
51:21:bf:37:6b:0a:f2:e5:2a:de:11:12:44:9a:c8:
cb:1f:c2:c0:ba:fc:68:e4:5d:ef:b6:df:3e:e4:95:
3c:df:0e:fa:76:75:2f:ba:b2:80:91:6d:a7:ff:b0:
15:73:cd:b3:7a:a7:78:c3:a9:8d:07:4b:29:a5:62:
48:4b:62:d6:c9:9a:a6:91:c1:bc:a3:5a:ca:9c:b1:
f3:ef:b6:90:52:ed:49:59:24:af:42:a4:7d:ed:c2:
43:3a:f0:29:e6:f9:ac:9d:cd:41:70:d5:4e:8b:c0:
19:28:a3:89:7e:3d:43:05:d7:ec:c8:10:94:a9:39:
83:19:9a:de:87:fc:ea:f8:ea:da:a0:1c:a3:54:66:
5d:9d:45:54:c7:b2:3d:be:54:ce:3e:f8:f1:74:ce:
48:03:1b:c0:2a:fa:8b:d2:11:b5:2c:a7:2b:a6:68:
f3:00:1f:82:5a:d8:70:7a:e8:ff:73:1b:49:02:fb:
e7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7A:D8:A5:39:93:40:4D:68:03:FF:EC:12:AA:F2:CA:59:C0:9D:97
X509v3 Authority Key Identifier:
keyid:4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:02:62:44:8d:1f:9b:77:80:90:26:0b:69:1c:c0:e0:02:14:
7c:5c:8a:b2:91:e1:48:3b:4c:77:fb:28:e6:07:4f:a5:55:43:
95:86:a1:3d:cf:06:5f:6b:bc:55:ec:18:3a:1d:22:a3:fd:77:
f5:a8:d8:7e:ba:44:31:97:3e:60:84:98:79:a1:9c:8c:24:2f:
0f:53:20:37:31:2b:37:bc:5c:1e:32:9e:b1:55:a8:b4:d4:1f:
44:a4:c9:0a:c2:aa:c3:0c:a5:ec:1c:9b:a4:dd:6b:c8:0c:0e:
af:fb:80:b5:ab:c3:e2:40:c9:2b:a0:ce:e9:64:61:1d:99:fa:
c9:e2:57:56:ea:ef:82:91:04:e9:42:4f:46:e2:c3:1a:db:ac:
ae:a0:a9:86:92:ab:0e:07:0f:c7:6b:61:0b:d4:b5:32:71:55:
ce:58:5d:c5:bd:18:b8:c9:86:db:73:c2:64:87:47:0c:b0:03:
b6:0a:6d:a9:20:f4:2e:4e:b2:c2:14:f0:97:ce:3d:66:dd:40:
08:0f:e2:d3:aa:2e:a1:19:5e:32:26:db:72:07:2e:a4:7a:e9:
d0:1b:db:3d:80:88:9f:35:60:39:b3:fd:5d:ab:f6:2d:58:75:
d1:5f:91:47:b9:3c:a3:b7:63:b2:a0:fc:e0:cc:c9:32:31:21:
7a:e8:f7:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTl2DPb2n6gCpiAnUsPsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjNlMmVkYjMyMWUxYThhNWNlOWVlM2UyZDk1YWE0MGYw
ZGU4YTAwHhcNMjYwMzI2MDQwMTU3WhcNMjYwMzI3MDQwMTU3WjAzMTEwLwYDVQQD
Eyg3MDdhZDhhNTM5OTM0MDRkNjgwM2ZmZWMxMmFhZjJjYTU5YzA5ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGZCLYbz9goAjqZlcEEYKciq0BEt
h9zUKhwhjt1x7eLXgpfXwmPwtQyA/VTHyD3I69uoKqW7QjzQvVlBbrTRjD6LqKnd
6HXuRtVRIb83awry5SreERJEmsjLH8LAuvxo5F3vtt8+5JU83w76dnUvurKAkW2n
/7AVc82zeqd4w6mNB0sppWJIS2LWyZqmkcG8o1rKnLHz77aQUu1JWSSvQqR97cJD
OvAp5vmsnc1BcNVOi8AZKKOJfj1DBdfsyBCUqTmDGZreh/zq+OraoByjVGZdnUVU
x7I9vlTOPvjxdM5IAxvAKvqL0hG1LKcrpmjzAB+CWthweuj/cxtJAvvnOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHB62KU5k0BNaAP/7BKq8spZwJ2XMB8GA1UdIwQY
MBaAFE0j4u2zIeGopc6e4+LZWqQPDeigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEt
NTM4NTA5ZjNhNzg5LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEtNTM4NTA5ZjNhNzg5
LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgJiRI0f
m3eAkCYLaRzA4AIUfFyKspHhSDtMd/so5gdPpVVDlYahPc8GX2u8VewYOh0io/13
9ajYfrpEMZc+YISYeaGcjCQvD1MgNzErN7xcHjKesVWotNQfRKTJCsKqwwyl7Byb
pN1ryAwOr/uAtavD4kDJK6DO6WRhHZn6yeJXVurvgpEE6UJPRuLDGtusrqCphpKr
DgcPx2thC9S1MnFVzlhdxb0YuMmG23PCZIdHDLADtgptqSD0Lk6ywhTwl849Zt1A
CA/i06ouoRleMibbcgcupHrp0BvbPYCInzVgObP9Xav2LVh10V+RR7k8o7djsqD8
4MzJMjEheuj3yQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:00:11 2026 by rpki-client