Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: 9SPofm28/ANPngQink7ajjkjSiaE3mooEbSlL2TKO/I=
Subject key identifier: D6:1B:02:DC:82:35:59:B0:7D:47:99:06:BB:C3:EA:6D:4E:BA:B0:C5
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 019EC22431E34A8716647B0E7FD575C9ADDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: 0343
Signing time: Sat 13 Jun 2026 18:00:12 +0000
Manifest this update: Sat 13 Jun 2026 18:00:12 +0000
Manifest next update: Sun 14 Jun 2026 18:00:12 +0000
Files and hashes: 1: EjuIE4enXZzinM4ZfgsSD3gwxuY.roa (hash: VmAOnFMFZNZ7v7h3b1tL7nh4Drf7aU0G1qxfw7anYLc=)
2: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: ZLcxnqiS3BQjjOrbJN6GrHuki4u/ZMOjBrjUJG9bJ3E=)
3: ksdLr_cpg0SNdbhzGPEUMaDjaa0.roa (hash: aWZAiEXDI8uHWbww+kMMTpEPGkhJJ3i3CwUVKl+KHtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c2:24:31:e3:4a:87:16:64:7b:0e:7f:d5:75:c9:ad:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: Jun 13 18:00:12 2026 GMT
Not After : Jun 14 18:00:12 2026 GMT
Subject: CN=d61b02dc823559b07d479906bbc3ea6d4ebab0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:52:57:10:63:27:06:9d:db:e8:ca:74:31:6b:
a0:b1:f6:e6:cd:b3:55:ae:1d:54:5e:d8:8b:0e:05:
d9:10:74:b6:2d:b6:c9:5b:a3:10:61:87:b5:1e:e6:
6b:f1:6f:78:30:e1:81:47:9a:06:fe:0b:65:02:22:
ff:c5:cb:28:8f:ff:7f:fc:3b:af:6b:15:1a:8b:34:
73:72:29:38:c7:c4:b1:1d:f0:f0:de:dc:d3:ff:86:
dd:c3:fb:23:ad:87:aa:67:3e:9c:b2:ce:c1:ba:f0:
dd:04:3a:d4:29:ed:e5:ca:bd:e3:af:11:90:bd:43:
69:ae:26:ae:c9:4f:59:5c:17:bf:ce:08:10:7d:0f:
25:70:bb:22:51:24:b9:13:35:e7:1c:c5:6d:d5:9d:
21:ea:07:c7:d0:ec:56:cd:63:90:f0:b9:77:11:62:
86:e6:84:f0:ff:6c:23:8e:2e:89:55:c2:02:01:0f:
66:31:02:cb:49:2a:e8:7a:2b:38:f3:76:d2:8b:25:
1f:58:9e:24:06:9b:84:b0:a7:a6:48:08:59:19:65:
f6:fe:e2:c3:1e:37:24:91:7a:e9:ee:69:ef:ea:a3:
c7:50:6a:19:bc:ab:c4:ae:97:82:a9:3d:dc:19:0b:
cb:fb:2c:3e:cf:2d:84:86:13:77:98:82:bf:94:e8:
b5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1B:02:DC:82:35:59:B0:7D:47:99:06:BB:C3:EA:6D:4E:BA:B0:C5
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:36:66:b2:8d:c5:17:d2:8c:63:e5:3c:26:4d:fb:40:f5:99:
92:bb:5f:2a:43:91:2f:19:77:ce:84:75:cc:ad:1d:58:05:79:
dd:be:10:17:cb:01:ac:8d:a4:eb:1d:56:bc:01:d7:07:75:c8:
d5:0c:30:2a:11:e9:57:31:58:05:39:cd:a8:a5:7a:be:c4:1a:
3a:d8:bb:7b:84:45:8c:81:2a:c5:3a:26:f8:f1:af:c0:a8:c4:
94:e6:ba:dd:50:d6:3b:a0:75:ce:e9:b3:0a:0a:f0:29:e6:2e:
12:87:ad:41:c6:67:c0:0d:86:f2:23:1c:22:b0:48:34:9b:2e:
a5:46:6a:b1:65:79:5a:63:d5:8e:7a:56:8b:7c:56:3b:dc:94:
a8:d6:93:59:a2:8a:2e:87:ab:6c:ea:c9:19:2a:3c:d5:ea:1a:
fe:42:4b:73:e6:4c:65:c3:db:8a:53:4c:d8:e5:0f:69:aa:90:
82:7c:dc:df:74:c2:03:e1:49:6d:f8:20:ec:62:5f:44:2e:15:
0e:b9:d9:c0:60:2e:3a:01:01:fb:af:d5:db:00:5b:7f:bd:f8:
7a:73:e1:a7:1f:3c:da:4b:46:6a:69:08:2d:e3:74:18:01:8c:
80:b6:69:85:4a:a2:78:05:c4:b7:16:c2:8a:66:d6:98:b8:01:
66:22:18:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CJDHjSocWZHsOf9V1ya3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjYwNjEzMTgwMDEyWhcNMjYwNjE0MTgwMDEyWjAzMTEwLwYDVQQD
EyhkNjFiMDJkYzgyMzU1OWIwN2Q0Nzk5MDZiYmMzZWE2ZDRlYmFiMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21JXEGMnBp3b6Mp0MWugsfbmzbNV
rh1UXtiLDgXZEHS2LbbJW6MQYYe1HuZr8W94MOGBR5oG/gtlAiL/xcsoj/9//Duv
axUaizRzcik4x8SxHfDw3tzT/4bdw/sjrYeqZz6css7BuvDdBDrUKe3lyr3jrxGQ
vUNpriauyU9ZXBe/zggQfQ8lcLsiUSS5EzXnHMVt1Z0h6gfH0OxWzWOQ8Ll3EWKG
5oTw/2wjji6JVcICAQ9mMQLLSSroeis483bSiyUfWJ4kBpuEsKemSAhZGWX2/uLD
HjckkXrp7mnv6qPHUGoZvKvErpeCqT3cGQvL+yw+zy2EhhN3mIK/lOi1DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYbAtyCNVmwfUeZBrvD6m1OurDFMB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWjZmso3F
F9KMY+U8Jk37QPWZkrtfKkORLxl3zoR1zK0dWAV53b4QF8sBrI2k6x1WvAHXB3XI
1QwwKhHpVzFYBTnNqKV6vsQaOti7e4RFjIEqxTom+PGvwKjElOa63VDWO6B1zumz
CgrwKeYuEoetQcZnwA2G8iMcIrBINJsupUZqsWV5WmPVjnpWi3xWO9yUqNaTWaKK
LoerbOrJGSo81eoa/kJLc+ZMZcPbilNM2OUPaaqQgnzc33TCA+FJbfgg7GJfRC4V
DrnZwGAuOgEB+6/V2wBbf734enPhpx882ktGamkILeN0GAGMgLZphUqieAXEtxbC
imbWmLgBZiIYXQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:45:19 2026 by rpki-client