Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json)
Hash identifier: KPruZcJU2zYVB+xkr9PNeBf1R+yPPnr9znomfsbHjJg=
Subject key identifier: 76:06:E5:D3:39:86:5D:47:A5:66:4F:0E:3A:F7:E5:65:CC:F6:9C:D5
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 019CA945BB1AB1C67B50ED6C30E6E86BB77D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
Manifest number: 0FBD
Signing time: Sun 01 Mar 2026 12:00:45 +0000
Manifest this update: Sun 01 Mar 2026 12:00:45 +0000
Manifest next update: Mon 02 Mar 2026 12:00:45 +0000
Files and hashes: 1: qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa (hash: lrJX4lxCpvRoWetP9MnMhWnZa9fTVg282FGtglUa7z4=)
2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: 52wsEB3zv7Mtt2NqWUIxeoL6tRDCnihVwJb+jq9EsVI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:45:bb:1a:b1:c6:7b:50:ed:6c:30:e6:e8:6b:b7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Mar 1 12:00:45 2026 GMT
Not After : Mar 2 12:00:45 2026 GMT
Subject: CN=7606e5d339865d47a5664f0e3af7e565ccf69cd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:69:94:06:00:9c:4f:d0:18:3b:c3:70:73:
0e:38:23:03:52:5c:53:91:a5:0a:96:c1:72:9f:27:
ef:e3:25:8a:f6:55:50:11:88:a7:fe:c3:1f:a7:ad:
a8:ff:e4:25:cb:03:ea:5d:83:6e:44:2d:00:ca:4e:
2e:d8:8c:08:5f:4f:fb:99:24:07:30:89:89:19:89:
90:7b:b5:32:e0:b8:19:9c:74:21:d9:9a:78:80:0a:
cc:b5:5f:72:88:a9:9a:d9:e7:5e:cf:04:b4:e9:1f:
7d:08:89:96:30:67:58:00:22:45:45:91:8a:32:a6:
b8:a3:c0:3d:e5:c7:49:0c:24:9c:5f:51:95:87:aa:
1a:ec:27:4d:c5:e5:e5:6a:6d:ce:e1:a2:f4:b3:42:
ef:62:b8:e0:57:4d:fd:9d:86:ea:c5:68:c0:c9:d5:
f3:5f:b8:57:a0:47:2c:3b:a6:88:37:e2:97:59:c6:
b9:b2:89:e5:65:fa:80:2d:b6:f4:53:70:fc:80:6b:
82:1d:a1:2f:f1:e1:a6:6d:a3:69:93:3e:7e:38:3c:
98:a7:b5:3d:db:42:31:d1:03:47:94:54:c2:a0:54:
74:82:c9:ff:78:88:87:26:f9:ea:8f:b7:44:54:6d:
77:03:b3:99:a5:3b:ac:94:ae:d4:b1:ce:35:e3:f8:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:06:E5:D3:39:86:5D:47:A5:66:4F:0E:3A:F7:E5:65:CC:F6:9C:D5
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:3b:fa:95:c1:94:60:f7:94:04:6f:68:89:3b:9d:11:90:b6:
f6:e8:de:ea:aa:89:28:cc:77:ba:b5:61:11:02:75:ac:73:d5:
ea:4d:00:49:06:49:2e:61:1f:25:4e:38:68:c0:b0:8c:f5:8b:
c5:7b:93:fb:ea:40:41:b5:7b:42:28:95:15:fa:f7:86:9a:01:
c2:3f:4f:3f:60:8b:49:33:27:4b:d5:2d:df:7c:a2:8a:ca:d8:
74:08:8b:b9:61:68:a6:ca:97:8e:33:ae:29:a3:e6:52:f6:c6:
40:44:27:13:0b:65:e7:4b:33:dc:75:ce:cb:15:07:28:24:8a:
fb:8b:49:bb:98:0c:b6:68:f9:7b:17:ed:13:1c:d8:d7:5b:7c:
9c:2f:fd:f3:54:ed:e6:a1:f9:0e:c9:17:3e:5a:08:ce:33:79:
be:ae:3b:fd:33:d0:c2:2d:67:11:9d:03:ef:75:d6:30:ca:07:
b2:8a:2e:2b:99:ef:d0:d5:bf:ab:dd:0f:39:43:77:3e:9f:cb:
6f:12:38:ec:bc:56:bd:eb:3f:2f:91:4f:78:e8:b8:34:55:77:
1c:6d:40:eb:77:01:47:14:c1:cb:05:2b:b7:a8:06:f5:43:40:
03:9b:9b:af:87:e0:6f:c2:92:e1:82:cc:87:65:75:ba:bd:b5:
87:ab:4d:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypRbsascZ7UO1sMOboa7d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjYwMzAxMTIwMDQ1WhcNMjYwMzAyMTIwMDQ1WjAzMTEwLwYDVQQD
Eyg3NjA2ZTVkMzM5ODY1ZDQ3YTU2NjRmMGUzYWY3ZTU2NWNjZjY5Y2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vtplAYAnE/QGDvDcHMOOCMDUlxT
kaUKlsFynyfv4yWK9lVQEYin/sMfp62o/+QlywPqXYNuRC0Ayk4u2IwIX0/7mSQH
MImJGYmQe7Uy4LgZnHQh2Zp4gArMtV9yiKma2edezwS06R99CImWMGdYACJFRZGK
Mqa4o8A95cdJDCScX1GVh6oa7CdNxeXlam3O4aL0s0LvYrjgV039nYbqxWjAydXz
X7hXoEcsO6aIN+KXWca5sonlZfqALbb0U3D8gGuCHaEv8eGmbaNpkz5+ODyYp7U9
20Ix0QNHlFTCoFR0gsn/eIiHJvnqj7dEVG13A7OZpTuslK7Usc414/jDQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYG5dM5hl1HpWZPDjr35WXM9pzVMB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjv6lcGU
YPeUBG9oiTudEZC29uje6qqJKMx3urVhEQJ1rHPV6k0ASQZJLmEfJU44aMCwjPWL
xXuT++pAQbV7QiiVFfr3hpoBwj9PP2CLSTMnS9Ut33yiisrYdAiLuWFopsqXjjOu
KaPmUvbGQEQnEwtl50sz3HXOyxUHKCSK+4tJu5gMtmj5exftExzY11t8nC/981Tt
5qH5DskXPloIzjN5vq47/TPQwi1nEZ0D73XWMMoHsoouK5nv0NW/q90POUN3Pp/L
bxI47LxWves/L5FPeOi4NFV3HG1A63cBRxTBywUrt6gG9UNAA5ubr4fgb8KS4YLM
h2V1ur21h6tNew==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:43 2026 by rpki-client