Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: KzbYNXCD7748w02165djNf/FQZqV+uwlwYWTvuCbvRc=
Subject key identifier: 4B:DB:E2:3B:3D:57:7B:46:E8:85:B7:C6:74:FB:14:2E:49:79:1C:68
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 019D9961E70E1739274F82FB60182D4C6E2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 05F2
Signing time: Fri 17 Apr 2026 03:00:23 +0000
Manifest this update: Fri 17 Apr 2026 03:00:23 +0000
Manifest next update: Sat 18 Apr 2026 03:00:23 +0000
Files and hashes: 1: 0lwIzPsGn14owxvXy7_61u8zBPk.roa (hash: RHYNuusrfwoS7Vg7kp1EMywIH/hGj3OELuZX6uFgB7Q=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: /4yWq3q4Qz+tKyIAEwLupk3drcbUON55l0B3uaW26GA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:61:e7:0e:17:39:27:4f:82:fb:60:18:2d:4c:6e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Apr 17 03:00:23 2026 GMT
Not After : Apr 18 03:00:23 2026 GMT
Subject: CN=4bdbe23b3d577b46e885b7c674fb142e49791c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e1:cb:81:a6:a6:83:f2:6b:ba:7a:9c:09:7f:
e9:f3:fc:e5:a0:1d:6b:c1:73:d6:29:64:d0:f4:d3:
a9:6f:cc:04:df:28:4f:38:8d:62:68:d9:89:1e:ef:
42:46:59:2a:1b:73:81:3a:c6:b7:0f:ec:01:2f:8b:
8d:3f:f5:ca:b8:5e:36:a8:48:19:26:e2:27:df:24:
56:6a:b1:d4:dd:27:9f:ea:1b:ad:3a:c7:9e:a4:99:
13:9b:b0:dd:a9:39:90:ce:f9:7a:b7:07:d7:cc:a4:
47:b3:4b:d8:68:2b:d3:06:32:05:0e:5d:c5:4a:03:
f2:95:1c:2e:0e:73:c1:79:79:25:51:dd:f8:dc:04:
12:79:0d:d5:55:23:fa:03:c7:52:0b:c8:83:c5:1b:
74:77:13:98:93:a8:d7:62:e1:b8:f3:92:05:93:3b:
49:06:e6:14:65:88:9b:0f:4b:4d:80:e2:1f:ea:4e:
7c:97:ec:95:cb:75:be:0f:0b:d5:8f:0b:66:1a:35:
9c:a0:73:60:49:1c:ce:19:45:14:94:01:d9:a7:c0:
cd:e6:08:19:aa:1b:01:28:ee:94:1b:7b:32:3c:44:
b1:44:26:a1:9e:87:2f:47:53:04:28:fd:5e:5f:11:
85:5c:9f:3d:0c:ce:fd:3b:47:a2:c8:01:32:62:8c:
08:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DB:E2:3B:3D:57:7B:46:E8:85:B7:C6:74:FB:14:2E:49:79:1C:68
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:d0:81:bc:1b:f1:2f:da:3a:b9:dc:58:c6:fd:41:8b:17:5b:
77:49:e8:4b:b4:45:7e:90:23:f4:53:c9:3c:99:98:c6:97:b4:
c4:ab:bc:23:d5:38:47:06:49:4a:b6:da:c0:a1:7d:91:48:c9:
10:35:c0:61:e7:a9:c3:6f:ef:fd:d3:d1:f6:63:aa:2e:af:0f:
c7:03:78:f9:2d:05:86:13:e7:b7:7f:66:9f:25:7d:d3:68:26:
59:4e:bc:90:56:f7:9f:26:6a:10:ce:8b:4b:bb:0d:cd:e3:70:
c5:b4:89:36:51:a6:cd:99:87:bc:53:85:13:0a:e5:9b:f2:01:
57:b6:ff:8c:bd:ca:40:ad:13:27:4a:3a:92:6f:dd:40:54:73:
5f:55:26:da:56:69:31:93:a1:be:3c:a4:14:3c:61:98:67:5b:
15:2d:89:87:a3:c9:a8:aa:be:6c:a5:a8:53:df:a4:51:4c:5f:
4d:de:bc:98:2b:31:85:bc:05:9d:1b:4a:e9:50:0e:a2:a3:32:
31:a7:4e:9c:f4:45:3f:40:54:c0:f1:02:18:99:c7:0c:8b:da:
87:73:90:6f:61:60:84:17:c7:6c:bf:32:82:c7:b0:34:c2:19:
19:5b:2a:be:76:ee:74:20:04:72:80:ec:5e:12:8e:31:c5:6e:
08:c0:f2:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYecOFzknT4L7YBgtTG4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjYwNDE3MDMwMDIzWhcNMjYwNDE4MDMwMDIzWjAzMTEwLwYDVQQD
Eyg0YmRiZTIzYjNkNTc3YjQ2ZTg4NWI3YzY3NGZiMTQyZTQ5NzkxYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOHLgaamg/JrunqcCX/p8/zloB1r
wXPWKWTQ9NOpb8wE3yhPOI1iaNmJHu9CRlkqG3OBOsa3D+wBL4uNP/XKuF42qEgZ
JuIn3yRWarHU3Sef6hutOseepJkTm7DdqTmQzvl6twfXzKRHs0vYaCvTBjIFDl3F
SgPylRwuDnPBeXklUd343AQSeQ3VVSP6A8dSC8iDxRt0dxOYk6jXYuG485IFkztJ
BuYUZYibD0tNgOIf6k58l+yVy3W+DwvVjwtmGjWcoHNgSRzOGUUUlAHZp8DN5ggZ
qhsBKO6UG3syPESxRCahnocvR1MEKP1eXxGFXJ89DM79O0eiyAEyYowI3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvb4js9V3tG6IW3xnT7FC5JeRxoMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZNCBvBvx
L9o6udxYxv1Bixdbd0noS7RFfpAj9FPJPJmYxpe0xKu8I9U4RwZJSrbawKF9kUjJ
EDXAYeepw2/v/dPR9mOqLq8PxwN4+S0FhhPnt39mnyV902gmWU68kFb3nyZqEM6L
S7sNzeNwxbSJNlGmzZmHvFOFEwrlm/IBV7b/jL3KQK0TJ0o6km/dQFRzX1Um2lZp
MZOhvjykFDxhmGdbFS2Jh6PJqKq+bKWoU9+kUUxfTd68mCsxhbwFnRtK6VAOoqMy
MadOnPRFP0BUwPECGJnHDIvah3OQb2FghBfHbL8ygsewNMIZGVsqvnbudCAEcoDs
XhKOMcVuCMDy0A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:47:08 2026 by rpki-client