Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: GSF+t2owB94LHD41KjT72chHdTN6hsJBHgGPJSC1TzE=
Subject key identifier: 7C:95:82:65:38:A4:C8:61:58:E2:45:F2:6A:F4:93:B7:CF:A0:AF:C4
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019CAF1103DE03FFE8DD766657E489DB3174
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 03CE
Signing time: Mon 02 Mar 2026 15:00:53 +0000
Manifest this update: Mon 02 Mar 2026 15:00:53 +0000
Manifest next update: Tue 03 Mar 2026 15:00:53 +0000
Files and hashes: 1: 1-w3-HT-b4gN55Ez02d0Ltxhd_18.roa (hash: SZE3EWQBz3QYJjq31FoNPzS9VUyILcF5vCKxR6HmvGg=)
2: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: 3n5tIhjjkTWOlg0/y7KAKZSeY/a5+3VZcW7aK87THU4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:11:03:de:03:ff:e8:dd:76:66:57:e4:89:db:31:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Mar 2 15:00:53 2026 GMT
Not After : Mar 3 15:00:53 2026 GMT
Subject: CN=7c95826538a4c86158e245f26af493b7cfa0afc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c0:2a:c3:0a:64:07:a3:d6:e2:53:22:21:23:
0d:a6:42:8c:37:0c:ad:59:fa:6e:b1:87:36:04:85:
7e:95:a9:f2:b2:e3:a5:11:db:52:61:c8:42:fb:f8:
14:18:f9:b6:a4:cd:f9:91:93:7c:a2:05:32:94:f4:
22:33:86:f5:fb:9c:a5:f6:da:db:4e:fd:c1:0d:7f:
5a:f4:82:4e:89:16:95:78:9d:ee:c5:bb:d6:94:aa:
7e:8e:93:5e:c8:21:40:a4:31:66:a8:40:00:9c:d5:
42:31:81:71:a1:fa:43:89:3e:53:88:2b:e1:bb:98:
e5:4b:46:d9:19:b0:98:ad:6c:40:2c:52:23:1e:5f:
da:02:f9:93:1b:64:e7:a2:6d:1e:25:13:a3:01:66:
ea:9d:9c:4f:a7:37:56:6f:34:2c:07:b6:1b:3a:6f:
48:17:93:49:64:31:12:b1:ac:48:95:8e:09:5a:03:
4e:83:d7:eb:4a:d5:18:0e:db:bd:df:4b:96:aa:2a:
1c:aa:2f:ff:2f:b3:0b:e9:99:1c:c7:5c:03:c7:11:
db:ca:c2:66:52:6a:1f:bc:41:68:ae:2b:3d:c3:de:
33:a7:59:da:5d:72:c9:b5:dd:00:60:24:db:b5:b8:
b8:08:9f:e3:b2:91:ea:82:4b:c4:36:7f:1d:97:e4:
93:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:95:82:65:38:A4:C8:61:58:E2:45:F2:6A:F4:93:B7:CF:A0:AF:C4
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:00:0d:05:5a:5a:5e:38:e7:d3:6b:ff:a3:58:7f:5b:d8:ff:
14:d0:92:0e:83:97:6b:a5:dc:1d:69:a0:91:68:8d:6b:69:83:
80:d6:d5:6a:a4:a3:a4:fb:71:c3:10:69:db:b2:3b:6b:a6:6e:
e3:46:5f:24:86:8c:a8:a0:98:7a:57:42:91:38:0b:02:45:72:
f1:15:c3:79:75:6e:e0:e5:df:9b:d0:87:d0:d7:60:9a:8b:9d:
eb:a4:9b:c2:7b:7c:ad:2f:91:6e:42:62:7e:c7:f6:95:25:82:
6e:92:b6:f4:b1:af:67:4a:31:ba:cf:ef:00:af:59:7c:1d:8b:
81:9e:3e:c7:d0:f7:c0:ed:ec:b7:72:4c:3c:28:b2:51:6f:11:
32:77:34:d5:06:58:1c:e2:d1:45:b9:0a:3c:6a:16:c5:20:54:
be:55:44:49:34:40:3a:4e:82:29:da:63:3e:26:81:6e:f6:dc:
7b:43:41:00:09:9b:09:fc:9a:96:3a:36:f4:48:6e:67:eb:5f:
a0:4b:22:62:5c:5b:a0:c8:b2:31:fd:49:1d:6e:da:6c:38:28:
d4:c7:b6:0d:09:49:66:6f:c2:9c:2d:5a:ce:e1:28:37:0f:1f:
10:42:56:33:d1:28:85:fe:56:47:bd:2b:c4:0c:a9:a3:b7:c4:
1b:e9:b9:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvEQPeA//o3XZmV+SJ2zF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjYwMzAyMTUwMDUzWhcNMjYwMzAzMTUwMDUzWjAzMTEwLwYDVQQD
Eyg3Yzk1ODI2NTM4YTRjODYxNThlMjQ1ZjI2YWY0OTNiN2NmYTBhZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sAqwwpkB6PW4lMiISMNpkKMNwyt
WfpusYc2BIV+lanysuOlEdtSYchC+/gUGPm2pM35kZN8ogUylPQiM4b1+5yl9trb
Tv3BDX9a9IJOiRaVeJ3uxbvWlKp+jpNeyCFApDFmqEAAnNVCMYFxofpDiT5TiCvh
u5jlS0bZGbCYrWxALFIjHl/aAvmTG2Tnom0eJROjAWbqnZxPpzdWbzQsB7YbOm9I
F5NJZDESsaxIlY4JWgNOg9frStUYDtu930uWqiocqi//L7ML6Zkcx1wDxxHbysJm
UmofvEForis9w94zp1naXXLJtd0AYCTbtbi4CJ/jspHqgkvENn8dl+STMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHyVgmU4pMhhWOJF8mr0k7fPoK/EMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAANBVpa
Xjjn02v/o1h/W9j/FNCSDoOXa6XcHWmgkWiNa2mDgNbVaqSjpPtxwxBp27I7a6Zu
40ZfJIaMqKCYeldCkTgLAkVy8RXDeXVu4OXfm9CH0Ndgmoud66Sbwnt8rS+RbkJi
fsf2lSWCbpK29LGvZ0oxus/vAK9ZfB2LgZ4+x9D3wO3st3JMPCiyUW8RMnc01QZY
HOLRRbkKPGoWxSBUvlVESTRAOk6CKdpjPiaBbvbce0NBAAmbCfyaljo29EhuZ+tf
oEsiYlxboMiyMf1JHW7abDgo1Me2DQlJZm/CnC1azuEoNw8fEEJWM9Eohf5WR70r
xAypo7fEG+m5Xg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:41:07 2026 by rpki-client