Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File: tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier: mINBd+oZ75Co8VeiA4FRL2YZE1ZEAA2cNunK+kp0bQc=
Subject key identifier: 6A:5F:C8:E2:4E:22:CA:07:D1:6D:6C:22:64:27:24:12:48:EC:80:F3
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer: /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial: 019CABA1DABE859AECDFE74EC3D3EF17DEE7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number: 0ACD
Signing time: Sun 01 Mar 2026 23:00:37 +0000
Manifest this update: Sun 01 Mar 2026 23:00:37 +0000
Manifest next update: Mon 02 Mar 2026 23:00:37 +0000
Files and hashes: 1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: MjJPtgukJz3k6QnlI5cv1U6QASfi7l8mPuH8k2DsfyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:da:be:85:9a:ec:df:e7:4e:c3:d3:ef:17:de:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Validity
Not Before: Mar 1 23:00:37 2026 GMT
Not After : Mar 2 23:00:37 2026 GMT
Subject: CN=6a5fc8e24e22ca07d16d6c226427241248ec80f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:bd:ff:b4:99:fd:42:fd:bc:6e:73:ea:96:
9c:7e:17:da:07:34:f0:46:4f:e2:e9:12:6c:33:5a:
30:95:90:a2:f2:90:45:1e:76:f6:79:89:16:e8:29:
c9:65:57:b3:06:53:c7:47:81:53:a6:76:30:58:47:
9f:aa:33:97:e0:59:d3:b5:97:67:b3:ab:e5:23:9a:
2f:c3:b1:d5:6a:ea:67:00:a8:d2:10:59:2b:3c:7a:
9e:8f:6c:50:48:39:32:68:73:38:df:5a:19:62:94:
f0:1c:2f:0b:c4:98:cb:4f:6f:15:c2:71:ab:bb:a2:
44:cd:74:c7:34:be:a8:bc:55:93:2a:32:23:41:63:
94:98:6d:7e:86:44:77:e5:9d:b4:41:0b:8f:11:4c:
10:05:86:e2:d4:0e:35:c6:e4:29:ed:2a:e8:19:01:
50:f4:5b:47:d4:14:a1:5d:45:9a:49:f6:4f:a7:1e:
f9:9f:d5:63:cf:22:8e:23:f9:af:ee:43:14:a4:6a:
7e:3d:fa:80:62:f7:1e:70:6d:21:5a:3d:2b:02:b7:
fc:5d:c3:26:06:77:f3:8d:a7:10:db:d1:e1:64:7f:
94:57:2e:31:fe:41:c6:66:53:02:4c:9d:d4:e9:ab:
bb:98:c8:1a:26:02:35:59:7d:0e:ec:50:9b:73:35:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5F:C8:E2:4E:22:CA:07:D1:6D:6C:22:64:27:24:12:48:EC:80:F3
X509v3 Authority Key Identifier:
keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:ef:cc:c2:0e:b2:38:b5:9a:ee:61:e3:de:c9:04:20:65:74:
a2:1a:0e:ee:9c:2c:c8:9d:96:23:b4:a2:50:bb:f6:9f:e1:45:
37:c8:73:3a:bf:79:5f:34:fd:f2:82:40:d7:54:68:b4:8e:4e:
72:38:5a:c0:9e:1f:36:a3:22:4b:df:d5:1d:6f:4e:80:c0:7d:
d0:0b:af:7a:26:b6:8f:36:4a:96:1a:50:0a:da:5d:b5:a5:8f:
01:3f:5d:04:bc:13:b0:73:f9:74:b4:75:31:5c:14:72:8f:a3:
ee:8a:80:69:35:6c:80:c7:1c:04:f8:8e:26:15:2f:2a:7b:b0:
37:79:32:37:50:44:78:af:70:32:db:e7:16:13:8b:31:68:22:
dc:a2:9d:5a:79:9d:6e:d8:97:39:53:5c:af:25:05:a8:af:c6:
49:f7:50:2e:f9:c9:69:0e:1d:9d:0f:1d:87:25:da:3d:7e:3b:
2b:d0:d0:91:15:aa:f3:4c:c7:d9:f9:f6:73:41:f5:a8:d9:84:
40:18:bc:96:86:93:5d:09:d7:6f:b2:d4:42:9d:16:98:05:65:
21:46:0f:de:69:da:26:14:4a:5a:df:af:71:9b:80:82:45:51:
8e:0d:c2:13:69:20:ae:11:d6:c2:29:41:aa:08:3d:0b:0b:99:
15:f8:68:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrodq+hZrs3+dOw9PvF97nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjYwMzAxMjMwMDM3WhcNMjYwMzAyMjMwMDM3WjAzMTEwLwYDVQQD
Eyg2YTVmYzhlMjRlMjJjYTA3ZDE2ZDZjMjI2NDI3MjQxMjQ4ZWM4MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9y9/7SZ/UL9vG5z6pacfhfaBzTw
Rk/i6RJsM1owlZCi8pBFHnb2eYkW6CnJZVezBlPHR4FTpnYwWEefqjOX4FnTtZdn
s6vlI5ovw7HVaupnAKjSEFkrPHqej2xQSDkyaHM431oZYpTwHC8LxJjLT28VwnGr
u6JEzXTHNL6ovFWTKjIjQWOUmG1+hkR35Z20QQuPEUwQBYbi1A41xuQp7SroGQFQ
9FtH1BShXUWaSfZPpx75n9VjzyKOI/mv7kMUpGp+PfqAYvcecG0hWj0rArf8XcMm
BnfzjacQ29HhZH+UVy4x/kHGZlMCTJ3U6au7mMgaJgI1WX0O7FCbczUhJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpfyOJOIsoH0W1sImQnJBJI7IDzMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUu/Mwg6y
OLWa7mHj3skEIGV0ohoO7pwsyJ2WI7SiULv2n+FFN8hzOr95XzT98oJA11RotI5O
cjhawJ4fNqMiS9/VHW9OgMB90Auveia2jzZKlhpQCtpdtaWPAT9dBLwTsHP5dLR1
MVwUco+j7oqAaTVsgMccBPiOJhUvKnuwN3kyN1BEeK9wMtvnFhOLMWgi3KKdWnmd
btiXOVNcryUFqK/GSfdQLvnJaQ4dnQ8dhyXaPX47K9DQkRWq80zH2fn2c0H1qNmE
QBi8loaTXQnXb7LUQp0WmAVlIUYP3mnaJhRKWt+vcZuAgkVRjg3CE2kgrhHWwilB
qgg9CwuZFfho6A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:22:01 2026 by rpki-client