Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: 5/qpBwgjhKjGwb4UHndaGmHlmV1DoeN2YiQbE2zJn+w=
Subject key identifier: 9E:0E:6F:0C:A5:05:1E:89:C4:72:53:56:8E:34:9B:25:E6:4A:5B:21
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019CA9B367570D54A3B91008879CF1C8A9D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 17D7
Signing time: Sun 01 Mar 2026 14:00:32 +0000
Manifest this update: Sun 01 Mar 2026 14:00:32 +0000
Manifest next update: Mon 02 Mar 2026 14:00:32 +0000
Files and hashes: 1: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: 2RQgNmfDwmtEJFaEKXZZoZabwuRzNrXUCVK0ym96tJ8=)
2: dVMqcvXursPYfDYSCDAE4DhRFlc.roa (hash: Yq3X9779TMJZn56pp7FdF+bqg71vRgvQymxrtb6IBFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:67:57:0d:54:a3:b9:10:08:87:9c:f1:c8:a9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Mar 1 14:00:32 2026 GMT
Not After : Mar 2 14:00:32 2026 GMT
Subject: CN=9e0e6f0ca5051e89c47253568e349b25e64a5b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4a:29:b0:02:b9:68:d5:5d:21:a2:5b:0a:61:
21:e0:b5:5b:f7:73:5e:02:1b:bc:12:89:9e:b8:f4:
8d:22:a8:04:6a:45:14:8e:3e:74:e9:c4:76:49:3a:
73:4a:ee:d1:75:37:17:c8:fa:4d:12:ab:57:0d:ab:
36:04:bb:87:a8:c8:a4:68:46:b7:8d:ba:68:eb:53:
5a:15:5f:8e:47:5a:55:c4:ea:4e:06:29:f9:45:1d:
af:69:be:16:5b:7b:a2:b8:7d:70:83:e1:03:12:2f:
07:2a:86:2f:26:16:6b:64:37:88:33:7b:70:06:4b:
b5:20:38:db:c7:ac:e9:2d:bb:4c:05:a6:c5:50:1a:
b3:f3:67:58:05:cd:72:b8:59:2b:ff:7d:f7:35:aa:
59:c5:8c:77:c0:ae:8b:cd:a1:71:32:65:7b:f8:e7:
88:5b:d4:5e:63:9e:b7:cd:cc:76:78:64:02:07:6e:
34:bc:db:09:5a:5d:d9:72:7f:e3:f9:da:05:2e:d4:
79:a4:c8:a9:85:8b:ab:83:6a:be:eb:64:2a:19:dc:
0b:0a:2c:dd:7e:1f:e2:c6:5a:71:31:0b:5f:07:b3:
7d:a1:99:0d:fe:39:62:17:6f:a0:41:0f:f5:81:83:
57:4c:f4:bd:da:66:c1:31:d7:d9:eb:2e:c3:14:3a:
11:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0E:6F:0C:A5:05:1E:89:C4:72:53:56:8E:34:9B:25:E6:4A:5B:21
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:e5:7e:13:3e:ce:eb:ac:7a:18:a8:2c:81:d1:99:99:ef:3c:
63:f3:46:ac:84:9c:a6:a6:ff:a9:71:79:a3:06:74:f4:2b:13:
05:09:af:d3:90:f9:54:4b:2d:8f:e8:52:1d:a8:72:33:18:92:
26:b1:0a:e7:f7:54:fb:2a:05:61:37:54:2b:b0:e9:28:84:53:
13:d6:65:d0:88:d9:22:ce:ad:ac:5f:a0:8f:55:ab:dc:f7:0d:
f1:99:4d:f3:02:fa:8c:65:a2:3b:dd:1f:a8:10:3b:b7:f6:39:
7a:8e:12:2f:0e:c3:b6:c4:2d:8b:c8:1e:09:7f:18:c0:47:d5:
e6:fb:7b:d1:9a:ba:cd:ec:a0:2f:c7:b7:28:44:99:43:b2:dc:
62:89:bc:02:25:ac:6d:3a:38:dc:80:34:04:ad:1d:a3:97:a0:
f9:c9:35:23:60:d7:c6:0f:0f:16:82:10:74:8e:43:7e:ff:6b:
08:5e:0c:e6:1d:43:87:7a:a0:bc:d5:59:cd:90:85:30:5f:81:
27:fd:b2:7c:23:cd:51:a5:4d:5a:b8:14:03:d2:c1:b1:98:4e:
a9:41:30:45:d3:e2:c0:c9:b2:26:71:8e:4f:64:6e:2e:61:bf:
cf:1c:7a:e2:67:f0:bc:23:31:5b:ec:8f:cc:e5:2a:9f:bc:c3:
b7:3b:c5:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps2dXDVSjuRAIh5zxyKnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjYwMzAxMTQwMDMyWhcNMjYwMzAyMTQwMDMyWjAzMTEwLwYDVQQD
Eyg5ZTBlNmYwY2E1MDUxZTg5YzQ3MjUzNTY4ZTM0OWIyNWU2NGE1YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEopsAK5aNVdIaJbCmEh4LVb93Ne
Ahu8EomeuPSNIqgEakUUjj506cR2STpzSu7RdTcXyPpNEqtXDas2BLuHqMikaEa3
jbpo61NaFV+OR1pVxOpOBin5RR2vab4WW3uiuH1wg+EDEi8HKoYvJhZrZDeIM3tw
Bku1IDjbx6zpLbtMBabFUBqz82dYBc1yuFkr/333NapZxYx3wK6LzaFxMmV7+OeI
W9ReY563zcx2eGQCB240vNsJWl3Zcn/j+doFLtR5pMiphYurg2q+62QqGdwLCizd
fh/ixlpxMQtfB7N9oZkN/jliF2+gQQ/1gYNXTPS92mbBMdfZ6y7DFDoRmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4ObwylBR6JxHJTVo40myXmSlshMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGOV+Ez7O
66x6GKgsgdGZme88Y/NGrIScpqb/qXF5owZ09CsTBQmv05D5VEstj+hSHahyMxiS
JrEK5/dU+yoFYTdUK7DpKIRTE9Zl0IjZIs6trF+gj1Wr3PcN8ZlN8wL6jGWiO90f
qBA7t/Y5eo4SLw7DtsQti8geCX8YwEfV5vt70Zq6zeygL8e3KESZQ7LcYom8AiWs
bTo43IA0BK0do5eg+ck1I2DXxg8PFoIQdI5Dfv9rCF4M5h1Dh3qgvNVZzZCFMF+B
J/2yfCPNUaVNWrgUA9LBsZhOqUEwRdPiwMmyJnGOT2RuLmG/zxx64mfwvCMxW+yP
zOUqn7zDtzvFoQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:54 2026 by rpki-client