Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: vURYSInvOT5+yhxa7N7sjIiMsfFCTLOyRVAHV3VQFvU=
Subject key identifier: 28:5C:91:92:35:4A:C3:5E:48:2A:8D:F2:F5:5D:54:8C:C8:07:1C:E4
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 019D9C99E52A511FDBC58E4B85ACC785F969
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: 02AB
Signing time: Fri 17 Apr 2026 18:00:24 +0000
Manifest this update: Fri 17 Apr 2026 18:00:24 +0000
Manifest next update: Sat 18 Apr 2026 18:00:24 +0000
Files and hashes: 1: EjuIE4enXZzinM4ZfgsSD3gwxuY.roa (hash: VmAOnFMFZNZ7v7h3b1tL7nh4Drf7aU0G1qxfw7anYLc=)
2: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: HK/vM64l3LHWFnQ0CtevPWmUI2P1Syvfst2buC6lvg0=)
3: ksdLr_cpg0SNdbhzGPEUMaDjaa0.roa (hash: aWZAiEXDI8uHWbww+kMMTpEPGkhJJ3i3CwUVKl+KHtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:99:e5:2a:51:1f:db:c5:8e:4b:85:ac:c7:85:f9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: Apr 17 18:00:24 2026 GMT
Not After : Apr 18 18:00:24 2026 GMT
Subject: CN=285c9192354ac35e482a8df2f55d548cc8071ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:44:23:f5:38:05:91:a3:cd:99:1c:90:9d:
a5:7d:59:ce:53:3e:04:9d:78:fb:66:fa:95:06:6e:
cd:66:dd:b3:0c:1f:e3:79:21:6a:f0:31:ff:d0:56:
2a:48:f5:b3:7d:9e:b2:83:af:6e:0e:27:ae:37:e6:
42:9a:e7:fc:33:04:61:b0:03:48:08:b4:eb:7e:4d:
3b:85:17:77:e6:c0:b0:77:e5:81:2d:26:af:e9:3c:
cc:01:c9:78:91:cc:92:76:f8:34:70:c9:b9:9e:f8:
0e:2d:6d:87:22:00:bf:18:ac:1f:95:34:4d:16:12:
4a:12:53:fc:94:b7:ae:c6:0f:7f:50:ed:e2:a0:2c:
fd:c8:6b:03:b6:f3:3a:0b:b2:c3:6d:40:0a:72:92:
49:23:e7:ca:57:d7:a6:54:86:aa:51:fd:ec:89:04:
79:2d:4b:84:44:fc:98:d1:ed:b8:52:fb:fc:4e:36:
e3:eb:75:d7:46:9e:a0:ef:23:2d:76:ed:52:a4:40:
f9:b8:cd:b6:2c:33:df:3d:f8:c0:05:62:03:28:fb:
2c:42:a2:cb:b8:79:b2:c9:1d:4a:0f:75:00:a0:f7:
3e:65:f5:f7:a2:77:af:bf:33:d3:75:27:ed:52:2b:
23:38:77:6f:36:18:b8:b3:25:92:ba:6e:b0:47:85:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5C:91:92:35:4A:C3:5E:48:2A:8D:F2:F5:5D:54:8C:C8:07:1C:E4
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:a8:08:92:3d:0b:2b:cc:11:d5:88:a4:bc:00:51:51:45:66:
44:ae:ef:3d:05:d5:b3:21:97:e5:7b:9e:24:c9:58:f4:70:12:
18:a6:bd:09:35:d8:c5:7d:8f:08:6b:82:76:9f:72:c3:b1:c2:
ac:52:6f:60:97:49:15:82:64:02:5d:6e:cd:b5:f4:33:bc:a8:
5d:86:31:70:64:59:2b:7c:90:72:21:e1:27:3c:42:3a:de:e3:
31:bf:13:f6:c0:d7:7c:ef:cb:c9:ce:c4:0a:50:a7:2c:7e:9a:
08:a8:84:fb:59:9f:3a:92:17:61:55:42:1d:6b:42:a5:5e:15:
52:4a:b5:c7:7b:dc:4d:f2:35:c4:a9:cb:d4:c8:a6:7c:01:aa:
7c:24:d5:97:bf:fa:6a:a1:b6:49:26:a5:3e:43:76:ec:91:92:
ea:b1:15:cb:f6:c9:7f:04:41:a3:37:b1:6f:62:7a:20:61:ec:
0a:8b:86:76:1d:42:cc:a0:4c:ff:e3:df:48:dd:5b:d1:e7:25:
ed:65:0c:ec:2e:f7:35:19:2d:e0:2b:57:5f:2b:89:55:68:70:
c1:54:57:6b:57:7c:d3:03:07:b9:bf:2d:fe:54:dd:36:35:19:
a0:3a:99:40:b2:a0:ef:d7:2b:9c:83:c6:bb:a2:ad:24:c1:8a:
bf:0b:dc:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cmeUqUR/bxY5LhazHhflpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjYwNDE3MTgwMDI0WhcNMjYwNDE4MTgwMDI0WjAzMTEwLwYDVQQD
EygyODVjOTE5MjM1NGFjMzVlNDgyYThkZjJmNTVkNTQ4Y2M4MDcxY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt1EI/U4BZGjzZkckJ2lfVnOUz4E
nXj7ZvqVBm7NZt2zDB/jeSFq8DH/0FYqSPWzfZ6yg69uDieuN+ZCmuf8MwRhsANI
CLTrfk07hRd35sCwd+WBLSav6TzMAcl4kcySdvg0cMm5nvgOLW2HIgC/GKwflTRN
FhJKElP8lLeuxg9/UO3ioCz9yGsDtvM6C7LDbUAKcpJJI+fKV9emVIaqUf3siQR5
LUuERPyY0e24Uvv8Tjbj63XXRp6g7yMtdu1SpED5uM22LDPfPfjABWIDKPssQqLL
uHmyyR1KD3UAoPc+ZfX3onevvzPTdSftUisjOHdvNhi4syWSum6wR4U6iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChckZI1SsNeSCqN8vVdVIzIBxzkMB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqgIkj0L
K8wR1YikvABRUUVmRK7vPQXVsyGX5XueJMlY9HASGKa9CTXYxX2PCGuCdp9yw7HC
rFJvYJdJFYJkAl1uzbX0M7yoXYYxcGRZK3yQciHhJzxCOt7jMb8T9sDXfO/Lyc7E
ClCnLH6aCKiE+1mfOpIXYVVCHWtCpV4VUkq1x3vcTfI1xKnL1MimfAGqfCTVl7/6
aqG2SSalPkN27JGS6rEVy/bJfwRBozexb2J6IGHsCouGdh1CzKBM/+PfSN1b0ecl
7WUM7C73NRkt4CtXXyuJVWhwwVRXa1d80wMHub8t/lTdNjUZoDqZQLKg79crnIPG
u6KtJMGKvwvcEg==
-----END CERTIFICATE-----
Generated at Sat Apr 18 03:59:23 2026 by rpki-client