Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft
File: TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft (raw, json)
Hash identifier: 8nQm3c9d9LIEGV/EkysH73BQBQM9614fM3lAfcBPXmc=
Subject key identifier: 0F:81:94:D8:87:3D:B4:40:71:6C:58:98:80:B8:8B:6D:C7:A6:C7:BC
Authority key identifier: 4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07
Certificate issuer: /CN=4ca509b35011ed71663952ba0e0c3c38457f9d07
Certificate serial: 019CAA58DEC979CC5A56DBDCCEE0B73BF4D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft
Manifest number: 17D8
Signing time: Sun 01 Mar 2026 17:01:16 +0000
Manifest this update: Sun 01 Mar 2026 17:01:16 +0000
Manifest next update: Mon 02 Mar 2026 17:01:16 +0000
Files and hashes: 1: 6Ph7OTwTn7R5BOZ8XlW_NErMT_M.roa (hash: Xi80ayzCKRN90pBTc/TWfWw+UkNkUlSPBpPp4lAP3a8=)
2: TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl (hash: 2xglCrZrhrWtO3NnHFd41xmIoeoOD6ZL1jpigw1JVes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:de:c9:79:cc:5a:56:db:dc:ce:e0:b7:3b:f4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca509b35011ed71663952ba0e0c3c38457f9d07
Validity
Not Before: Mar 1 17:01:16 2026 GMT
Not After : Mar 2 17:01:16 2026 GMT
Subject: CN=0f8194d8873db440716c589880b88b6dc7a6c7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:c7:a5:d2:3a:08:c4:3a:2c:7b:ca:85:72:
59:3f:da:ae:93:67:0e:34:71:cb:bd:25:ac:d9:8b:
6a:28:6d:bf:88:3f:57:3b:0d:d3:5e:50:d5:ba:bb:
d9:24:af:0c:78:f5:71:fa:6e:d1:57:1a:df:a3:23:
ee:91:53:b4:e2:b7:66:05:ad:e6:fc:eb:b0:6b:70:
b7:f0:54:01:e0:40:4d:95:21:a7:52:7e:12:2c:12:
8d:51:67:70:58:c3:7a:5a:56:7e:be:56:65:b3:0f:
69:e4:6b:d0:0c:ec:90:93:d7:c3:3d:03:42:ee:61:
d8:24:7d:31:4a:54:97:5e:2d:44:d1:2f:0d:ec:2f:
5c:45:f8:90:87:fb:f7:86:74:be:53:2f:51:c0:c9:
5d:5b:0a:7a:06:75:44:03:5a:81:8f:34:b9:27:22:
e2:80:74:05:f2:bc:21:aa:1b:d9:59:69:9a:b3:d3:
3c:da:ff:96:50:59:4e:6a:1c:7d:04:3e:e7:b0:d3:
98:a7:82:c6:49:e2:b4:4b:a1:8a:4e:e2:86:05:dd:
48:85:62:12:56:4a:1a:f1:91:be:f9:43:c3:28:67:
97:c5:b8:97:54:84:2c:9e:52:b7:d1:49:39:46:10:
09:1c:7e:b0:c7:c5:ca:e2:dd:c2:d6:ca:7c:3e:1b:
1c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:81:94:D8:87:3D:B4:40:71:6C:58:98:80:B8:8B:6D:C7:A6:C7:BC
X509v3 Authority Key Identifier:
keyid:4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:6e:71:76:ae:12:c1:3d:df:2f:d8:15:98:39:8e:fa:f8:ef:
de:6c:d3:f8:1a:0e:e2:ac:83:49:0f:48:7f:9c:65:1f:f2:fb:
b7:43:c1:b9:fe:0a:31:d0:4f:0f:a8:a6:6f:94:16:97:83:6b:
44:e1:0b:18:0e:38:28:35:e3:c7:20:c3:3e:21:c1:35:3e:1f:
33:30:6e:5c:0f:6e:e9:b7:6b:ea:8d:2f:cb:32:fd:fb:92:7d:
b1:3b:bd:66:36:9b:47:e2:85:9a:3d:70:00:d0:6e:d2:73:e3:
1b:33:ca:42:57:0a:a8:63:ee:d6:59:9f:c0:dc:e5:bb:89:b5:
60:4b:33:a1:97:86:ee:e3:54:a9:03:fe:57:ed:26:d3:2c:00:
b8:4d:b4:ad:db:06:8d:66:13:c5:fd:76:19:e8:39:65:15:f1:
eb:37:c6:0e:79:ea:f6:7b:43:68:bc:81:c1:50:12:8b:4e:66:
da:d6:e3:75:70:2f:df:9d:f8:3d:b6:18:f6:8e:3b:1b:62:60:
7b:48:a7:82:0a:24:49:5a:0d:14:9d:98:da:0f:f8:22:16:60:
97:0a:f6:e5:cf:80:15:f0:6e:a4:c4:11:57:73:b7:1f:d8:01:
4d:b0:41:82:c1:76:da:e0:3c:9d:d6:f4:7d:13:c6:66:d0:36:
03:ca:5b:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWN7JecxaVtvczuC3O/TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTUwOWIzNTAxMWVkNzE2NjM5NTJiYTBlMGMzYzM4NDU3
ZjlkMDcwHhcNMjYwMzAxMTcwMTE2WhcNMjYwMzAyMTcwMTE2WjAzMTEwLwYDVQQD
EygwZjgxOTRkODg3M2RiNDQwNzE2YzU4OTg4MGI4OGI2ZGM3YTZjN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLvHpdI6CMQ6LHvKhXJZP9quk2cO
NHHLvSWs2YtqKG2/iD9XOw3TXlDVurvZJK8MePVx+m7RVxrfoyPukVO04rdmBa3m
/Ouwa3C38FQB4EBNlSGnUn4SLBKNUWdwWMN6WlZ+vlZlsw9p5GvQDOyQk9fDPQNC
7mHYJH0xSlSXXi1E0S8N7C9cRfiQh/v3hnS+Uy9RwMldWwp6BnVEA1qBjzS5JyLi
gHQF8rwhqhvZWWmas9M82v+WUFlOahx9BD7nsNOYp4LGSeK0S6GKTuKGBd1IhWIS
Vkoa8ZG++UPDKGeXxbiXVIQsnlK30Uk5RhAJHH6wx8XK4t3C1sp8PhscYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+BlNiHPbRAcWxYmIC4i23Hpse8MB8GA1UdIwQY
MBaAFEylCbNQEe1xZjlSug4MPDhFf50HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODIt
MGIwYzEyYjIyYmY5LzEvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODItMGIwYzEyYjIyYmY5
LzEvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ25xdq4S
wT3fL9gVmDmO+vjv3mzT+BoO4qyDSQ9If5xlH/L7t0PBuf4KMdBPD6imb5QWl4Nr
ROELGA44KDXjxyDDPiHBNT4fMzBuXA9u6bdr6o0vyzL9+5J9sTu9ZjabR+KFmj1w
ANBu0nPjGzPKQlcKqGPu1lmfwNzlu4m1YEszoZeG7uNUqQP+V+0m0ywAuE20rdsG
jWYTxf12Geg5ZRXx6zfGDnnq9ntDaLyBwVASi05m2tbjdXAv3534PbYY9o47G2Jg
e0inggokSVoNFJ2Y2g/4IhZglwr25c+AFfBupMQRV3O3H9gBTbBBgsF22uA8ndb0
fRPGZtA2A8pbGw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:27:17 2026 by rpki-client