Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
File: TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft (raw, json)
Hash identifier: eAMAPmqPgKR9NH2T7xuey3S/lFDABMuzhwrq9t3GxjQ=
Subject key identifier: B3:3F:A8:7E:CC:C2:A3:48:8B:A4:83:6C:C6:F1:DD:8D:31:99:80:CC
Authority key identifier: 4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
Certificate issuer: /CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Certificate serial: 019CAFEC7A9E16EC065C5A6FA04560DA5000
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
Manifest number: 0291
Signing time: Mon 02 Mar 2026 19:00:36 +0000
Manifest this update: Mon 02 Mar 2026 19:00:36 +0000
Manifest next update: Tue 03 Mar 2026 19:00:36 +0000
Files and hashes: 1: TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl (hash: xqdvk3wz9GzND0FSnxRQeWesZq0fDh0vG6NRa9xy6q4=)
2: an0UggxMVOLMbfkQRZg-oFGpksM.roa (hash: RrOytt0pmrmZwpnV5VgzGRGQLeTwpMRDbcMRpSijJI4=)
3: frya0jA5P_fi8uygo2aIO2RW1ZQ.roa (hash: V1yhc9udgYV2uaOOmzTxwzsxFa2raTN+Q6jBXM4XvRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:ec:7a:9e:16:ec:06:5c:5a:6f:a0:45:60:da:50:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Validity
Not Before: Mar 2 19:00:36 2026 GMT
Not After : Mar 3 19:00:36 2026 GMT
Subject: CN=b33fa87eccc2a3488ba4836cc6f1dd8d319980cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:19:03:2b:3b:6a:26:c0:4d:82:0f:47:1e:
4f:4c:c3:f4:d3:ae:eb:ac:01:e1:9f:1a:1f:d9:06:
8c:4c:4b:ed:83:5c:15:b9:8e:39:d3:04:1d:40:0d:
4f:a7:fe:89:b1:65:b0:d6:02:20:a2:20:96:37:13:
4a:ce:8d:5c:34:84:bb:84:26:96:c5:b5:44:59:70:
0d:1b:db:61:31:c1:81:e9:ff:87:08:71:89:b1:ea:
05:ef:ed:8f:c1:df:34:52:c3:eb:fa:77:dd:08:8c:
3f:f5:77:9f:f6:3c:f6:07:15:b0:6c:48:f7:f1:e1:
e5:24:61:cd:6f:6f:05:1a:40:f9:37:b6:4c:f9:94:
b2:42:8a:be:20:6b:be:e3:4c:0e:5d:e4:8c:0c:32:
5c:65:f0:de:93:ce:08:ec:2e:8d:25:87:c2:72:aa:
60:2a:93:f0:2b:ef:11:3a:8f:49:dc:fc:31:f4:b0:
84:c0:0f:bd:6a:11:08:73:38:be:45:f8:fe:eb:e0:
fc:87:f7:6a:92:38:fd:ad:10:73:f3:4b:28:59:d1:
ef:fe:22:92:56:83:7c:80:f4:7e:00:39:4d:8d:8f:
ce:31:63:4a:52:74:a3:95:97:92:9f:d7:73:48:99:
f9:d5:ca:61:ae:57:54:ff:09:4e:75:6c:3e:ec:26:
6e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3F:A8:7E:CC:C2:A3:48:8B:A4:83:6C:C6:F1:DD:8D:31:99:80:CC
X509v3 Authority Key Identifier:
keyid:4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:e8:de:aa:4d:cf:3e:6f:4e:e3:ae:36:15:49:bb:16:79:66:
d7:0d:c8:14:b3:01:ef:88:84:81:86:5f:5b:9e:c0:6f:48:b2:
50:ad:e1:1d:01:bf:d7:f3:a1:b3:2f:90:45:5a:fa:a2:66:e1:
c2:d8:29:a6:30:b7:16:30:46:7e:4c:a4:d0:b5:8e:ac:75:44:
1e:d9:63:54:b0:72:4e:c4:c6:4a:4e:d6:5e:bb:71:6a:a6:c7:
e2:37:bf:d4:51:fc:a4:fd:cf:cd:dd:98:8a:15:9e:b7:06:ea:
30:b1:65:1b:c4:eb:07:36:76:c6:0c:70:8b:eb:ee:86:cf:2a:
42:8d:fd:3a:90:0d:33:73:df:c6:4c:37:fb:6a:37:ed:54:c7:
98:04:b2:12:33:46:17:83:b5:09:88:b5:fb:37:c8:52:74:ec:
d6:58:1e:f6:14:6f:f9:9a:ee:48:a5:0b:d7:fb:45:5a:7b:2f:
16:6c:16:48:13:64:21:40:02:d3:cb:b9:96:3b:9a:e5:9d:2c:
17:57:09:db:d8:2a:48:47:fd:4b:5a:60:3f:56:91:b9:4c:f0:
65:bf:35:8b:da:8d:f2:9c:46:d8:a6:46:ff:8e:f6:4e:67:a1:
7e:1b:76:b3:87:5e:33:08:f8:a0:35:c7:dc:1f:90:17:ba:d8:
8b:11:c8:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyv7HqeFuwGXFpvoEVg2lAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2M2NjVlNTFjYzRjYjVjYWYwNWI4Mjk0ODQzZTI3MzNh
MTNkZWUwHhcNMjYwMzAyMTkwMDM2WhcNMjYwMzAzMTkwMDM2WjAzMTEwLwYDVQQD
EyhiMzNmYTg3ZWNjYzJhMzQ4OGJhNDgzNmNjNmYxZGQ4ZDMxOTk4MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnysZAys7aibATYIPRx5PTMP0067r
rAHhnxof2QaMTEvtg1wVuY450wQdQA1Pp/6JsWWw1gIgoiCWNxNKzo1cNIS7hCaW
xbVEWXANG9thMcGB6f+HCHGJseoF7+2Pwd80UsPr+nfdCIw/9Xef9jz2BxWwbEj3
8eHlJGHNb28FGkD5N7ZM+ZSyQoq+IGu+40wOXeSMDDJcZfDek84I7C6NJYfCcqpg
KpPwK+8ROo9J3Pwx9LCEwA+9ahEIczi+Rfj+6+D8h/dqkjj9rRBz80soWdHv/iKS
VoN8gPR+ADlNjY/OMWNKUnSjlZeSn9dzSJn51cphrldU/wlOdWw+7CZuHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLM/qH7MwqNIi6SDbMbx3Y0xmYDMMB8GA1UdIwQY
MBaAFEw8Zl5RzEy1yvBbgpSEPiczoT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUt
MWE2NWI5MWJlZTU4LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUtMWE2NWI5MWJlZTU4
LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZejeqk3P
Pm9O4642FUm7Fnlm1w3IFLMB74iEgYZfW57Ab0iyUK3hHQG/1/Ohsy+QRVr6ombh
wtgppjC3FjBGfkyk0LWOrHVEHtljVLByTsTGSk7WXrtxaqbH4je/1FH8pP3Pzd2Y
ihWetwbqMLFlG8TrBzZ2xgxwi+vuhs8qQo39OpANM3Pfxkw3+2o37VTHmASyEjNG
F4O1CYi1+zfIUnTs1lge9hRv+ZruSKUL1/tFWnsvFmwWSBNkIUAC08u5ljua5Z0s
F1cJ29gqSEf9S1pgP1aRuUzwZb81i9qN8pxG2KZG/472Tmehfht2s4deMwj4oDXH
3B+QF7rYixHI9A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:10:43 2026 by rpki-client