Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: xhX1/8jKwHAVFU93NWsVxDW+DLkIJu3HaWIqxL63JzM=
Subject key identifier: 3C:23:98:C6:7C:9D:AF:A1:86:05:B6:8A:20:D6:0E:7C:3A:F2:6E:10
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 019CA946284C4B97DC4F7D76F88158CA00A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 090C
Signing time: Sun 01 Mar 2026 12:01:13 +0000
Manifest this update: Sun 01 Mar 2026 12:01:13 +0000
Manifest next update: Mon 02 Mar 2026 12:01:13 +0000
Files and hashes: 1: 1SYQW-AytRFT8X7H178C63GJxjA.roa (hash: ZzI22LUMgcKDVR6FP27XHCqtHrqNmJBOs8nOGmHXP4g=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: stv4QoEo8U/cpPnPOJ+U0nbuew848ojhNhDXiGv3+Q4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:46:28:4c:4b:97:dc:4f:7d:76:f8:81:58:ca:00:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Mar 1 12:01:13 2026 GMT
Not After : Mar 2 12:01:13 2026 GMT
Subject: CN=3c2398c67c9dafa18605b68a20d60e7c3af26e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:35:0a:d4:fe:42:28:92:06:be:34:7c:92:f1:
aa:4c:38:c9:90:63:e1:d8:4f:6c:89:35:b3:fd:af:
d7:c6:97:75:a2:56:ec:2a:e8:c3:ae:a5:76:c6:f8:
d4:5c:97:19:7d:e7:ed:7c:4d:50:e1:36:8f:e4:4b:
cf:20:47:f4:9a:11:62:25:5b:90:6d:ae:eb:6b:57:
08:74:91:2c:19:f5:e5:55:9a:98:d5:6d:70:f1:74:
68:93:6f:0e:09:5d:28:50:2c:be:61:4b:18:08:8e:
aa:2b:e5:f9:fb:37:d5:ae:6a:0b:77:23:02:4e:99:
b6:a6:f9:fa:f7:be:41:da:c3:a9:e9:60:ce:86:ab:
f3:6f:7a:fc:dd:e0:01:15:b7:15:cb:a4:3c:a1:1c:
17:c0:e3:09:d3:1a:15:ca:d2:2e:c6:7e:35:26:a4:
fb:57:5e:14:cd:71:2f:53:19:de:61:bc:e1:e9:e8:
95:31:7f:47:c9:8a:15:af:17:1b:1d:06:8a:50:b9:
69:99:6c:54:32:c3:f3:05:6c:e9:65:e7:29:19:cb:
6e:b7:0e:55:32:25:2c:22:db:99:73:68:cb:c1:dd:
ae:a1:74:46:93:62:3e:72:9c:68:e7:e7:37:d3:d6:
b5:ca:6a:08:02:17:79:65:3b:ca:35:8d:33:44:6c:
c9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:23:98:C6:7C:9D:AF:A1:86:05:B6:8A:20:D6:0E:7C:3A:F2:6E:10
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:05:01:77:da:44:58:b0:32:78:a3:0b:46:72:52:94:9e:52:
b5:b2:cc:f7:1a:a0:e1:95:72:e3:e1:30:42:a3:b7:b2:cc:b4:
09:f2:23:c2:63:bd:eb:d8:a4:24:cd:d8:eb:c8:ad:9f:84:c4:
05:84:55:e6:5f:01:60:8d:df:6f:67:5a:ef:bf:7c:63:57:d7:
3c:69:b1:0e:e5:c7:d5:55:5a:54:c5:0b:6d:a9:05:06:07:51:
a2:89:dc:1a:8f:2c:63:7a:94:55:d9:99:ed:35:1d:37:cc:d4:
82:76:ab:18:9c:fd:6c:e7:64:9e:4d:7c:82:7f:05:4f:78:29:
15:91:9e:50:99:ff:23:67:fc:33:c6:c0:18:f0:f7:54:2f:fc:
65:d1:6c:c6:ae:bf:51:31:48:9e:55:bc:77:0e:1a:bf:66:13:
27:81:21:f3:9a:64:1c:9e:ac:ad:a1:a5:89:b7:c2:38:c4:fb:
b2:f1:f1:63:42:14:c1:4c:54:32:60:0d:89:ae:fe:11:cc:6a:
33:43:be:0c:a8:d9:10:d9:ac:12:13:58:c4:8a:28:4f:0b:3e:
fc:6b:f1:34:4b:da:eb:e5:1d:e3:cd:f6:87:77:3c:6c:f7:b0:
04:8e:46:95:e6:58:9f:13:41:0e:71:eb:93:95:67:21:eb:46:
68:09:37:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypRihMS5fcT312+IFYygCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjYwMzAxMTIwMTEzWhcNMjYwMzAyMTIwMTEzWjAzMTEwLwYDVQQD
EygzYzIzOThjNjdjOWRhZmExODYwNWI2OGEyMGQ2MGU3YzNhZjI2ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jUK1P5CKJIGvjR8kvGqTDjJkGPh
2E9siTWz/a/Xxpd1olbsKujDrqV2xvjUXJcZfeftfE1Q4TaP5EvPIEf0mhFiJVuQ
ba7ra1cIdJEsGfXlVZqY1W1w8XRok28OCV0oUCy+YUsYCI6qK+X5+zfVrmoLdyMC
Tpm2pvn6975B2sOp6WDOhqvzb3r83eABFbcVy6Q8oRwXwOMJ0xoVytIuxn41JqT7
V14UzXEvUxneYbzh6eiVMX9HyYoVrxcbHQaKULlpmWxUMsPzBWzpZecpGctutw5V
MiUsItuZc2jLwd2uoXRGk2I+cpxo5+c309a1ymoIAhd5ZTvKNY0zRGzJ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwjmMZ8na+hhgW2iiDWDnw68m4QMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAUBd9pE
WLAyeKMLRnJSlJ5StbLM9xqg4ZVy4+EwQqO3ssy0CfIjwmO969ikJM3Y68itn4TE
BYRV5l8BYI3fb2da7798Y1fXPGmxDuXH1VVaVMULbakFBgdRooncGo8sY3qUVdmZ
7TUdN8zUgnarGJz9bOdknk18gn8FT3gpFZGeUJn/I2f8M8bAGPD3VC/8ZdFsxq6/
UTFInlW8dw4av2YTJ4Eh85pkHJ6sraGlibfCOMT7svHxY0IUwUxUMmANia7+Ecxq
M0O+DKjZENmsEhNYxIooTws+/GvxNEva6+Ud4832h3c8bPewBI5GleZYnxNBDnHr
k5VnIetGaAk3AQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:22 2026 by rpki-client