Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft
File: tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft (raw, json)
Hash identifier: 0N2fTLLoyavCIWEvYxWnJCRL1J057/fnZn6LgiuxdOg=
Subject key identifier: AA:1E:9D:2F:2E:AD:63:DF:12:63:AC:36:0F:B3:EA:94:A1:97:77:91
Authority key identifier: B4:14:B0:9B:EE:AB:90:5F:F4:1E:68:13:25:60:54:B1:82:29:42:97
Certificate issuer: /CN=b414b09beeab905ff41e6813256054b182294297
Certificate serial: 019CAE35A45C832FC22B1FC64A5552ABFBD3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft
Manifest number: 0DA9
Signing time: Mon 02 Mar 2026 11:01:16 +0000
Manifest this update: Mon 02 Mar 2026 11:01:16 +0000
Manifest next update: Tue 03 Mar 2026 11:01:16 +0000
Files and hashes: 1: PryhJuPWT5nqb9oyXQgOBbIOUUk.roa (hash: cS2lZTx5DGqFrOEx5ExlTcVafDaIZ/DGkeU2FaJuTW0=)
2: UBFh1GOJKwfHfVNROX0pySkrhLg.roa (hash: 9aS+pDbF/kRsEGF17ZAi+LnIZ4KLD6/VT70cttfQen8=)
3: tBSwm-6rkF_0HmgTJWBUsYIpQpc.crl (hash: TKQyLIPCmSLL92VRiGISWKqUAGuv93NOydaml5or1G4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:a4:5c:83:2f:c2:2b:1f:c6:4a:55:52:ab:fb:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b414b09beeab905ff41e6813256054b182294297
Validity
Not Before: Mar 2 11:01:16 2026 GMT
Not After : Mar 3 11:01:16 2026 GMT
Subject: CN=aa1e9d2f2ead63df1263ac360fb3ea94a1977791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:54:cd:6a:c0:f5:ae:72:b3:42:36:5f:d7:
9b:b9:e8:47:27:94:c2:4d:bf:55:c7:1f:27:00:1e:
32:b8:bd:0a:85:2e:bb:56:1c:86:b6:a0:f5:dc:51:
f1:94:1d:4e:af:51:3e:de:05:3b:b8:1d:4f:03:36:
86:d9:e7:69:05:e7:6d:93:77:f3:be:34:7d:c6:ff:
8d:9e:33:6d:6b:bf:16:57:0a:59:6e:7b:91:6b:2f:
dc:d5:8d:99:78:c5:41:9a:73:6e:85:31:b8:df:d6:
cc:e7:57:9c:46:87:d2:e3:b5:99:3e:32:0e:f0:54:
81:71:63:03:b6:97:d4:0f:ae:ea:e7:10:4e:ee:21:
73:95:d4:1a:ff:f1:27:c4:ef:8d:5c:7d:55:c8:18:
30:1f:8f:81:90:d4:a1:7e:da:a8:f3:91:32:72:c9:
1c:30:9e:b9:23:c1:03:db:e8:c2:cb:e9:79:9d:61:
a7:56:08:ed:97:41:63:aa:a9:2b:f9:e3:24:0b:c3:
23:34:69:81:0a:5c:2f:2d:a5:31:ea:bd:0d:c7:c8:
59:47:4c:67:2d:eb:3d:bf:a9:5c:67:8f:52:0a:19:
48:e2:40:86:57:b5:08:69:31:42:7d:57:c7:60:61:
c6:e7:50:6a:6d:de:a9:fa:c2:c8:b7:11:e3:6f:0b:
60:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1E:9D:2F:2E:AD:63:DF:12:63:AC:36:0F:B3:EA:94:A1:97:77:91
X509v3 Authority Key Identifier:
keyid:B4:14:B0:9B:EE:AB:90:5F:F4:1E:68:13:25:60:54:B1:82:29:42:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:2e:fd:0b:28:3b:a3:9b:90:32:86:c7:df:77:5f:c3:d5:6f:
8b:3b:6c:b2:ff:76:25:b5:fe:25:3a:01:c8:b5:d9:4e:09:1a:
85:f7:c8:70:64:48:f2:f2:d0:18:64:70:ad:d0:f5:89:e0:ae:
8f:64:d0:52:2f:fa:ce:18:45:0e:d7:f9:e6:7f:65:4f:73:07:
f1:4f:a9:b3:8a:b6:d2:2f:de:55:40:ce:96:d9:d2:62:68:05:
cf:2f:39:e5:73:17:0b:7a:9d:87:75:49:bc:02:31:b7:d7:69:
1e:7f:6d:75:ba:21:63:94:87:ff:b3:01:f7:4f:52:54:3a:e6:
7b:7e:d2:c7:6f:b6:d6:c8:0f:8c:ca:4a:af:3a:d8:bf:3d:10:
55:a1:db:e5:d9:3a:4e:46:a7:1d:01:45:61:7a:53:91:e9:5f:
ca:af:4a:20:53:2e:3a:ee:92:b5:b2:8a:21:bd:a3:00:26:42:
c0:e2:04:1e:3a:90:9c:b9:b3:3c:cd:e7:c6:fd:37:dd:73:cf:
64:ce:c5:c7:45:5b:16:5c:e9:77:86:95:a1:82:77:12:6c:99:
88:d4:7f:87:96:ec:ba:89:59:a2:49:dc:18:89:0a:c5:4f:84:
7f:04:46:cd:3e:9f:f7:c7:43:4f:d3:23:7c:a4:5d:0f:22:ad:
6a:d0:09:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNaRcgy/CKx/GSlVSq/vTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MTRiMDliZWVhYjkwNWZmNDFlNjgxMzI1NjA1NGIxODIy
OTQyOTcwHhcNMjYwMzAyMTEwMTE2WhcNMjYwMzAzMTEwMTE2WjAzMTEwLwYDVQQD
EyhhYTFlOWQyZjJlYWQ2M2RmMTI2M2FjMzYwZmIzZWE5NGExOTc3NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPFUzWrA9a5ys0I2X9ebuehHJ5TC
Tb9Vxx8nAB4yuL0KhS67VhyGtqD13FHxlB1Or1E+3gU7uB1PAzaG2edpBedtk3fz
vjR9xv+NnjNta78WVwpZbnuRay/c1Y2ZeMVBmnNuhTG439bM51ecRofS47WZPjIO
8FSBcWMDtpfUD67q5xBO7iFzldQa//EnxO+NXH1VyBgwH4+BkNShftqo85Eycskc
MJ65I8ED2+jCy+l5nWGnVgjtl0Fjqqkr+eMkC8MjNGmBClwvLaUx6r0Nx8hZR0xn
Les9v6lcZ49SChlI4kCGV7UIaTFCfVfHYGHG51Bqbd6p+sLItxHjbwtgmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoenS8urWPfEmOsNg+z6pShl3eRMB8GA1UdIwQY
MBaAFLQUsJvuq5Bf9B5oEyVgVLGCKUKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEJTd20tNnJrRl8wSG1nVEpXQlVzWUlwUXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84MDBlYjYtODY4Yi00YTMwLWI0MDIt
NGJjZTQyNDcyM2Q5LzEvdEJTd20tNnJrRl8wSG1nVEpXQlVzWUlwUXBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84MDBlYjYtODY4Yi00YTMwLWI0MDItNGJjZTQyNDcyM2Q5
LzEvdEJTd20tNnJrRl8wSG1nVEpXQlVzWUlwUXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhC79Cyg7
o5uQMobH33dfw9Vviztssv92JbX+JToByLXZTgkahffIcGRI8vLQGGRwrdD1ieCu
j2TQUi/6zhhFDtf55n9lT3MH8U+ps4q20i/eVUDOltnSYmgFzy855XMXC3qdh3VJ
vAIxt9dpHn9tdbohY5SH/7MB909SVDrme37Sx2+21sgPjMpKrzrYvz0QVaHb5dk6
TkanHQFFYXpTkelfyq9KIFMuOu6StbKKIb2jACZCwOIEHjqQnLmzPM3nxv033XPP
ZM7Fx0VbFlzpd4aVoYJ3EmyZiNR/h5bsuolZokncGIkKxU+EfwRGzT6f98dDT9Mj
fKRdDyKtatAJEA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:02:26 2026 by rpki-client