Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: 136AfT8uAzp2HV1jJezlVcf21xrYjForI11z5ivcEkA=
Subject key identifier: E1:AE:BF:27:79:81:4F:50:15:50:C1:D5:F0:2C:02:67:25:E4:4E:02
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 019CAF114F25830F333748BAF109FE138FD6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: 0230
Signing time: Mon 02 Mar 2026 15:01:12 +0000
Manifest this update: Mon 02 Mar 2026 15:01:12 +0000
Manifest next update: Tue 03 Mar 2026 15:01:12 +0000
Files and hashes: 1: EjuIE4enXZzinM4ZfgsSD3gwxuY.roa (hash: VmAOnFMFZNZ7v7h3b1tL7nh4Drf7aU0G1qxfw7anYLc=)
2: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: BhVHMYerJ3tTNdcgCG2CJAJXiMqOdKY5fp+tUqyvacs=)
3: ksdLr_cpg0SNdbhzGPEUMaDjaa0.roa (hash: aWZAiEXDI8uHWbww+kMMTpEPGkhJJ3i3CwUVKl+KHtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:11:4f:25:83:0f:33:37:48:ba:f1:09:fe:13:8f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: Mar 2 15:01:12 2026 GMT
Not After : Mar 3 15:01:12 2026 GMT
Subject: CN=e1aebf2779814f501550c1d5f02c026725e44e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:96:de:42:cc:36:99:77:b6:44:5b:3d:88:f8:
b8:23:48:60:c3:1c:75:30:03:69:37:c7:83:be:04:
b6:33:05:68:74:03:df:21:b1:67:ba:6a:38:83:32:
99:45:49:68:af:03:34:a5:03:84:c5:49:7b:00:60:
9a:f9:c5:f6:2d:bd:12:e6:e8:9c:69:b7:f5:08:12:
3d:db:1b:37:23:70:b1:75:b7:ca:87:b8:ad:1b:82:
fa:f3:2f:f4:1c:57:e1:de:3a:63:f2:fc:68:ab:04:
08:af:1c:d0:a3:44:85:11:ef:02:72:f8:a1:a3:9c:
21:67:4a:c9:e0:30:d9:40:02:47:07:ae:37:9b:e6:
48:46:f4:40:f7:c6:9e:36:01:ac:c2:96:c2:4b:ee:
c3:eb:55:29:fb:bf:4b:b8:61:79:99:aa:90:f9:2d:
a3:e6:2d:5d:85:50:17:cd:fd:96:60:e4:7c:b0:c8:
6d:c7:fa:2a:19:03:67:5f:32:08:b5:b6:6c:de:9a:
6e:63:b1:a2:46:8f:21:27:16:31:8d:b9:81:87:cb:
2e:46:dd:a4:4a:38:be:d7:52:37:73:4d:36:c7:eb:
8e:59:80:13:02:80:00:17:57:73:7a:a9:a8:2c:f9:
bd:55:13:ee:41:8a:08:e4:5a:84:2a:e3:db:8c:bb:
e9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AE:BF:27:79:81:4F:50:15:50:C1:D5:F0:2C:02:67:25:E4:4E:02
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:57:48:f6:50:66:07:8e:44:3a:07:79:1f:a4:ec:c3:2a:e3:
54:5f:c4:45:17:91:53:3a:5f:b1:d7:27:f7:ae:c8:f9:f5:47:
3d:f5:da:e6:35:3a:dd:be:7b:4b:e7:bf:9f:ad:a8:2b:f1:83:
1a:f2:5a:41:53:b0:d1:8c:8e:e5:c7:c8:61:f7:2f:a4:3f:b8:
53:3d:4c:61:dd:d2:31:9b:b6:bb:d5:a8:1d:3e:18:86:70:a7:
e9:52:ed:14:af:9e:4f:18:86:b2:80:51:f9:94:0d:93:2e:8c:
71:f2:ae:63:b2:3a:c3:9f:a9:2a:6c:8b:c2:b6:2f:bc:07:78:
6b:a2:a6:23:c2:5a:52:52:e1:de:8e:ed:f1:e8:8f:45:95:c5:
17:f1:5f:fc:c9:59:7a:df:88:08:e3:23:10:18:72:78:d6:0e:
33:46:94:d1:1a:7d:b7:41:13:58:8c:c8:1b:de:ae:f0:69:64:
03:8c:50:a9:f2:47:93:b0:9a:5d:63:cd:0e:3a:be:64:90:07:
8d:d0:b8:cb:66:3e:af:61:48:53:4f:b7:3a:6a:1f:fe:2d:10:
04:05:d8:03:85:56:28:c1:3f:e0:64:b5:43:f4:56:f1:6a:ed:
5b:8a:9a:4e:bb:5d:68:23:ec:2a:3e:a6:11:bc:1b:00:cc:b3:
5a:1f:06:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvEU8lgw8zN0i68Qn+E4/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjYwMzAyMTUwMTEyWhcNMjYwMzAzMTUwMTEyWjAzMTEwLwYDVQQD
EyhlMWFlYmYyNzc5ODE0ZjUwMTU1MGMxZDVmMDJjMDI2NzI1ZTQ0ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75beQsw2mXe2RFs9iPi4I0hgwxx1
MANpN8eDvgS2MwVodAPfIbFnumo4gzKZRUlorwM0pQOExUl7AGCa+cX2Lb0S5uic
abf1CBI92xs3I3CxdbfKh7itG4L68y/0HFfh3jpj8vxoqwQIrxzQo0SFEe8Ccvih
o5whZ0rJ4DDZQAJHB643m+ZIRvRA98aeNgGswpbCS+7D61Up+79LuGF5maqQ+S2j
5i1dhVAXzf2WYOR8sMhtx/oqGQNnXzIItbZs3ppuY7GiRo8hJxYxjbmBh8suRt2k
Sji+11I3c002x+uOWYATAoAAF1dzeqmoLPm9VRPuQYoI5FqEKuPbjLvplwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGuvyd5gU9QFVDB1fAsAmcl5E4CMB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1dI9lBm
B45EOgd5H6TswyrjVF/ERReRUzpfsdcn967I+fVHPfXa5jU63b57S+e/n62oK/GD
GvJaQVOw0YyO5cfIYfcvpD+4Uz1MYd3SMZu2u9WoHT4YhnCn6VLtFK+eTxiGsoBR
+ZQNky6McfKuY7I6w5+pKmyLwrYvvAd4a6KmI8JaUlLh3o7t8eiPRZXFF/Ff/MlZ
et+ICOMjEBhyeNYOM0aU0Rp9t0ETWIzIG96u8GlkA4xQqfJHk7CaXWPNDjq+ZJAH
jdC4y2Y+r2FIU0+3Omof/i0QBAXYA4VWKME/4GS1Q/RW8WrtW4qaTrtdaCPsKj6m
EbwbAMyzWh8Gqg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:25:26 2026 by rpki-client