Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
File: tKfQVIK4TTu2BPCZvK-eftNGiJo.mft (raw, json)
Hash identifier: 8s5WF1e8MZSZ+DlSDL11ddCvC4bs6D44ntYD+D9a/nc=
Subject key identifier: DB:6D:42:E1:14:D7:D3:B5:A9:20:DC:D0:8E:7B:71:04:29:65:1B:80
Authority key identifier: B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
Certificate issuer: /CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Certificate serial: 019CA9B3E09E246CC15B3AED05CFE84CFF59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
Manifest number: 1843
Signing time: Sun 01 Mar 2026 14:01:03 +0000
Manifest this update: Sun 01 Mar 2026 14:01:03 +0000
Manifest next update: Mon 02 Mar 2026 14:01:03 +0000
Files and hashes: 1: awToJLBsyk0T4IcWFD08IQBrMn8.roa (hash: D6jszyrJ34yNygrEuO9QJPaleqlFTsrRTxhepr3reTI=)
2: tKfQVIK4TTu2BPCZvK-eftNGiJo.crl (hash: aI1jBJSLqovRleIJvz07rEEe7znUr0/98CjSmkk45lA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:e0:9e:24:6c:c1:5b:3a:ed:05:cf:e8:4c:ff:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Validity
Not Before: Mar 1 14:01:03 2026 GMT
Not After : Mar 2 14:01:03 2026 GMT
Subject: CN=db6d42e114d7d3b5a920dcd08e7b710429651b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:e0:e4:e6:62:5b:42:aa:29:b2:2d:08:9d:
95:0f:b8:f2:ff:ee:6a:92:c5:dd:62:ff:5f:1a:9b:
a8:de:55:33:c3:d6:9b:af:be:26:6e:07:16:42:86:
2a:a0:88:c2:ac:e0:c1:18:26:b9:bb:85:64:99:ec:
6d:f2:99:43:18:72:00:0e:97:66:12:5e:2e:92:fb:
4c:87:b0:14:ec:8c:5e:3d:4e:fb:b7:44:6e:68:b2:
72:8a:29:bd:93:e6:cb:1f:d8:fd:a1:13:56:e8:93:
d3:df:13:12:8d:1c:7c:57:a6:c4:c6:7a:e1:ea:bf:
f2:3f:51:c0:33:cc:57:13:ef:c3:a3:5b:33:55:14:
d9:77:6b:fa:0c:c4:54:e5:3d:a5:48:cd:17:50:3a:
e7:43:4c:4a:78:87:96:d1:cd:8c:65:18:45:c5:a6:
16:af:97:56:14:aa:99:dd:c8:12:c0:5a:4d:03:3e:
bf:2d:24:aa:0d:79:81:6e:2d:21:1c:8e:f5:8c:77:
0d:53:e3:72:9f:89:09:ba:c6:88:0f:97:6e:28:65:
72:81:f6:50:fc:21:b3:d1:95:cc:6e:5c:f6:fb:11:
15:a9:db:89:06:b1:b0:25:37:20:f9:ca:a8:26:cb:
55:62:b9:1f:de:57:b2:33:5a:4a:c4:cd:53:dc:91:
53:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6D:42:E1:14:D7:D3:B5:A9:20:DC:D0:8E:7B:71:04:29:65:1B:80
X509v3 Authority Key Identifier:
keyid:B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:97:ee:bd:44:52:7d:f8:f6:03:01:42:19:ca:02:77:68:36:
e9:30:17:ee:b5:7e:6a:cb:a4:b8:38:c2:9a:e6:6f:0e:e2:15:
c4:ab:45:96:eb:65:7d:e1:fc:52:c8:ce:28:d7:fc:9a:3a:1b:
16:06:a9:24:c2:f8:31:17:bd:50:4e:1d:1c:85:58:07:9d:a5:
72:bd:9e:e7:63:5d:e8:a8:54:55:f5:25:27:23:4f:21:07:ba:
4c:8b:32:25:10:23:d0:bd:32:55:aa:76:4a:95:4a:b8:ff:0f:
27:49:c8:92:2a:cf:5b:bc:4b:29:e8:d8:3f:8d:53:b3:57:ca:
08:36:ea:4c:71:e6:6f:d3:a9:95:69:8a:b4:4e:11:cb:8d:53:
f4:8f:53:be:b9:64:11:93:da:44:57:f8:2c:e3:5b:ee:4e:ce:
35:4c:3f:64:d2:33:8b:ed:02:e2:77:e0:8a:9c:56:ac:92:48:
e4:3e:9f:9f:68:f8:2b:f7:22:f3:61:0a:2d:08:43:9d:77:ce:
3f:15:a2:2b:1d:2f:6d:dd:08:83:8a:65:58:52:82:ea:7b:62:
8c:a2:4f:f9:e3:a9:c3:7c:27:74:f1:ba:00:5a:d9:4a:25:c9:
ae:68:64:71:f4:0b:0c:cf:6e:61:c1:d2:70:d1:cb:23:11:8d:
4c:92:4e:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps+CeJGzBWzrtBc/oTP9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTdkMDU0ODJiODRkM2JiNjA0ZjA5OWJjYWY5ZTdlZDM0
Njg4OWEwHhcNMjYwMzAxMTQwMTAzWhcNMjYwMzAyMTQwMTAzWjAzMTEwLwYDVQQD
EyhkYjZkNDJlMTE0ZDdkM2I1YTkyMGRjZDA4ZTdiNzEwNDI5NjUxYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKvg5OZiW0KqKbItCJ2VD7jy/+5q
ksXdYv9fGpuo3lUzw9abr74mbgcWQoYqoIjCrODBGCa5u4Vkmext8plDGHIADpdm
El4ukvtMh7AU7IxePU77t0RuaLJyiim9k+bLH9j9oRNW6JPT3xMSjRx8V6bExnrh
6r/yP1HAM8xXE+/Do1szVRTZd2v6DMRU5T2lSM0XUDrnQ0xKeIeW0c2MZRhFxaYW
r5dWFKqZ3cgSwFpNAz6/LSSqDXmBbi0hHI71jHcNU+Nyn4kJusaID5duKGVygfZQ
/CGz0ZXMblz2+xEVqduJBrGwJTcg+cqoJstVYrkf3leyM1pKxM1T3JFTPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNttQuEU19O1qSDc0I57cQQpZRuAMB8GA1UdIwQY
MBaAFLSn0FSCuE07tgTwmbyvnn7TRoiaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAt
YzUzMjE5NWVlZjQ5LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAtYzUzMjE5NWVlZjQ5
LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfJfuvURS
ffj2AwFCGcoCd2g26TAX7rV+asukuDjCmuZvDuIVxKtFlutlfeH8UsjOKNf8mjob
FgapJML4MRe9UE4dHIVYB52lcr2e52Nd6KhUVfUlJyNPIQe6TIsyJRAj0L0yVap2
SpVKuP8PJ0nIkirPW7xLKejYP41Ts1fKCDbqTHHmb9OplWmKtE4Ry41T9I9Tvrlk
EZPaRFf4LONb7k7ONUw/ZNIzi+0C4nfgipxWrJJI5D6fn2j4K/ci82EKLQhDnXfO
PxWiKx0vbd0Ig4plWFKC6ntijKJP+eOpw3wndPG6AFrZSiXJrmhkcfQLDM9uYcHS
cNHLIxGNTJJOGg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:04:17 2026 by rpki-client