Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: TbK8Oy30jonZMdYrtPbAz/RWvsELOhe0Hxzu+RzjgNA=
Subject key identifier: 72:C6:01:85:9B:99:54:80:7B:99:C5:45:C6:C9:9D:20:D5:6A:35:15
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 019D98BD19FF1622633CF0CC9B3A0F46EE09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 0988
Signing time: Fri 17 Apr 2026 00:00:22 +0000
Manifest this update: Fri 17 Apr 2026 00:00:22 +0000
Manifest next update: Sat 18 Apr 2026 00:00:22 +0000
Files and hashes: 1: 1SYQW-AytRFT8X7H178C63GJxjA.roa (hash: ZzI22LUMgcKDVR6FP27XHCqtHrqNmJBOs8nOGmHXP4g=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: 3q9MblyB39I+uZTI742pukyFt6v13IrGVrn1v2qrNrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:bd:19:ff:16:22:63:3c:f0:cc:9b:3a:0f:46:ee:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Apr 17 00:00:22 2026 GMT
Not After : Apr 18 00:00:22 2026 GMT
Subject: CN=72c601859b9954807b99c545c6c99d20d56a3515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:2b:8d:e1:c9:0b:b6:f1:7c:c6:3e:f4:fa:
b2:94:fe:33:27:f2:b6:6b:21:83:ac:08:7b:83:28:
e0:f2:cf:d3:61:16:be:c2:1b:99:96:72:39:47:b8:
b1:97:86:95:cb:f6:15:ed:71:89:9f:69:4d:c7:1d:
97:0a:c1:75:77:e1:ce:29:c1:8f:83:48:04:65:b2:
ab:e2:50:f5:5d:d4:54:79:8c:db:40:8d:54:ec:2a:
63:56:bf:a5:31:a7:a5:15:99:ad:5d:a7:53:eb:f6:
0a:67:4f:8d:64:80:bb:64:f8:b1:a0:49:26:1d:c5:
05:82:c4:4e:c8:77:7a:3b:9d:42:3c:7f:f7:65:ea:
ca:14:d3:36:f7:2f:bc:0f:bd:09:e3:2a:6d:c0:07:
5b:1c:b8:1e:49:5c:81:db:be:46:9f:1e:6c:fc:83:
33:53:6f:83:f9:c7:73:e7:fc:54:fc:8e:d2:e7:62:
ab:b8:ca:48:24:f6:50:3f:38:dd:37:ed:75:8b:b0:
bf:0b:58:ce:3c:12:9d:f6:ec:72:40:d8:f5:c6:ec:
66:2f:a9:f8:51:ef:9a:3e:56:93:7f:88:1a:5d:94:
eb:31:05:e1:28:bc:28:59:e1:59:6d:b0:69:15:3a:
8e:47:55:3c:40:7d:01:46:9b:93:9d:6f:9c:03:0c:
92:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C6:01:85:9B:99:54:80:7B:99:C5:45:C6:C9:9D:20:D5:6A:35:15
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:d0:7c:59:a4:6c:98:15:11:ff:10:f7:08:9c:5c:de:7f:54:
35:5b:f3:4f:20:3e:57:fa:9b:de:46:b8:ae:e8:de:76:42:10:
34:2a:bf:6e:d6:52:3d:36:ac:fc:b0:ee:1a:6e:31:b4:d1:86:
b9:0d:21:dc:c1:dc:b4:84:0a:dd:e5:ef:00:38:50:fd:74:f4:
d2:66:10:f9:b6:36:d5:34:a5:52:6e:11:d1:01:99:3c:2a:40:
2f:f7:42:0a:ec:64:f9:48:01:f9:90:48:20:bc:a0:a5:a8:d1:
c4:d7:e8:f0:65:01:20:29:30:0e:f4:eb:dd:aa:76:2e:16:f2:
0c:23:e1:70:85:99:14:8e:f8:6c:15:6a:d9:3a:47:2e:41:4c:
c9:6f:d3:d4:af:49:8c:e1:45:ca:fa:70:81:65:90:2b:3f:ef:
61:44:ce:f0:92:03:a1:58:17:84:f6:be:2d:6e:4f:aa:5c:60:
0f:5a:9b:22:32:b0:c9:08:12:1e:26:43:20:b8:8d:47:06:56:
77:e6:7d:e4:63:20:a1:3d:e6:06:1b:15:8d:8e:1c:8a:03:21:
39:66:68:02:03:9f:cc:0f:20:2a:4b:d8:16:c7:4f:d2:87:35:
d7:5b:bb:fe:f5:e4:8a:47:a4:2c:fd:ab:90:e2:9e:95:60:7b:
3e:7c:2d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvRn/FiJjPPDMmzoPRu4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjYwNDE3MDAwMDIyWhcNMjYwNDE4MDAwMDIyWjAzMTEwLwYDVQQD
Eyg3MmM2MDE4NTliOTk1NDgwN2I5OWM1NDVjNmM5OWQyMGQ1NmEzNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX8rjeHJC7bxfMY+9PqylP4zJ/K2
ayGDrAh7gyjg8s/TYRa+whuZlnI5R7ixl4aVy/YV7XGJn2lNxx2XCsF1d+HOKcGP
g0gEZbKr4lD1XdRUeYzbQI1U7CpjVr+lMaelFZmtXadT6/YKZ0+NZIC7ZPixoEkm
HcUFgsROyHd6O51CPH/3ZerKFNM29y+8D70J4yptwAdbHLgeSVyB275Gnx5s/IMz
U2+D+cdz5/xU/I7S52KruMpIJPZQPzjdN+11i7C/C1jOPBKd9uxyQNj1xuxmL6n4
Ue+aPlaTf4gaXZTrMQXhKLwoWeFZbbBpFTqOR1U8QH0BRpuTnW+cAwyS5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLGAYWbmVSAe5nFRcbJnSDVajUVMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNB8WaRs
mBUR/xD3CJxc3n9UNVvzTyA+V/qb3ka4rujedkIQNCq/btZSPTas/LDuGm4xtNGG
uQ0h3MHctIQK3eXvADhQ/XT00mYQ+bY21TSlUm4R0QGZPCpAL/dCCuxk+UgB+ZBI
ILygpajRxNfo8GUBICkwDvTr3ap2LhbyDCPhcIWZFI74bBVq2TpHLkFMyW/T1K9J
jOFFyvpwgWWQKz/vYUTO8JIDoVgXhPa+LW5PqlxgD1qbIjKwyQgSHiZDILiNRwZW
d+Z95GMgoT3mBhsVjY4cigMhOWZoAgOfzA8gKkvYFsdP0oc111u7/vXkikekLP2r
kOKelWB7Pnwtxg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:09:47 2026 by rpki-client