Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File: TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier: pcTTucIRapeTJ2imLOGgAPnfQGTC9CYp5fHZ+Wch9zw=
Subject key identifier: 0A:18:B4:AC:02:53:C2:43:2D:E5:FC:01:97:E1:42:8E:CD:84:69:3B
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer: /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial: 019DA30B03FFDC9EC277401CE9CCB6CABDBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number: 16FF
Signing time: Sun 19 Apr 2026 00:01:41 +0000
Manifest this update: Sun 19 Apr 2026 00:01:41 +0000
Manifest next update: Mon 20 Apr 2026 00:01:41 +0000
Files and hashes: 1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: 97q+Qarz/C7vGgwjryFlnfITafX1tzaY/RMBv/ECGkI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:0b:03:ff:dc:9e:c2:77:40:1c:e9:cc:b6:ca:bd:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Validity
Not Before: Apr 19 00:01:41 2026 GMT
Not After : Apr 20 00:01:41 2026 GMT
Subject: CN=0a18b4ac0253c2432de5fc0197e1428ecd84693b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:b6:ca:46:d9:63:23:7b:9a:6e:b8:b9:0f:
ea:a0:cf:fc:e1:c7:e9:85:56:18:f3:e7:17:42:e2:
6f:d9:9e:3d:db:0c:0b:5b:cd:6a:2e:e3:97:63:78:
ac:02:dd:34:34:37:4f:8f:a1:a0:a2:e6:6a:92:0d:
90:fd:09:2b:d1:72:75:7e:2d:fd:7c:70:fa:4c:af:
b6:f7:9e:7a:f6:ea:46:f7:ef:ed:34:a3:3c:f2:f4:
63:da:6f:93:db:1b:33:f6:b9:7b:d8:3c:47:43:ad:
7a:f8:f5:19:ee:54:f2:1e:17:38:dc:9d:1d:51:15:
7d:5d:2e:e4:5d:2a:d7:cd:f2:7b:2a:78:7a:f8:e8:
d5:66:a4:46:e5:da:cd:89:ca:3f:3e:ab:bd:4d:3f:
26:39:04:79:6e:39:2c:c3:4c:13:05:e8:44:e2:d6:
9a:e4:18:d4:37:21:e5:b0:c3:96:ce:9e:d9:7f:62:
d6:74:00:3b:f7:51:24:f7:02:bf:fb:76:bb:b8:e5:
e8:13:69:82:14:10:ee:d5:b4:ce:fe:b4:7d:55:5d:
8f:f0:e0:83:34:10:4c:04:8b:2a:a6:08:dd:93:ca:
67:8f:18:cd:f4:ed:da:77:1d:bb:1a:ad:87:52:b9:
73:73:f5:ba:c6:14:80:1c:ff:f2:a9:48:05:f6:03:
48:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:18:B4:AC:02:53:C2:43:2D:E5:FC:01:97:E1:42:8E:CD:84:69:3B
X509v3 Authority Key Identifier:
keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:55:cb:8e:e3:d5:c3:d4:99:83:79:6e:e8:3e:a3:a9:2f:02:
6f:2c:79:ca:30:67:c0:0c:35:fd:94:a1:43:c5:59:cb:ce:31:
c9:99:bb:f7:f1:15:93:4c:93:43:21:67:3e:2f:62:b2:6c:df:
37:6a:45:a8:4d:e9:18:72:04:ee:b4:e7:84:9e:00:8a:46:7e:
18:73:35:78:71:5c:0f:63:44:ca:2d:92:9d:b0:1a:4d:56:f0:
b6:f4:50:8d:be:fa:9b:f8:38:4b:05:14:06:7a:8e:57:e4:ca:
e4:6d:a8:a1:c9:10:54:fe:f7:6a:d1:25:18:f1:62:0e:3d:7e:
bf:fa:24:02:16:4e:cc:47:91:10:9a:5c:5f:2d:5a:ed:f3:c6:
94:d8:62:2a:71:15:22:cd:1a:42:a1:cc:bb:56:6a:be:cc:1c:
40:47:33:26:bc:35:03:3d:8f:99:e9:38:53:fb:1e:e9:d3:0a:
fd:03:92:20:97:1e:6a:69:5d:04:7a:20:31:e9:d7:d0:4f:f8:
fc:c4:ca:8e:55:e3:3e:83:02:2d:77:87:2c:6c:5c:c0:05:42:
97:59:ea:c1:c4:6b:74:9a:a7:43:1a:44:68:64:77:79:84:0c:
4d:0c:89:a7:fb:d4:13:9c:e2:57:67:50:de:fd:50:48:96:e3:
06:29:07:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCwP/3J7Cd0Ac6cy2yr27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjYwNDE5MDAwMTQxWhcNMjYwNDIwMDAwMTQxWjAzMTEwLwYDVQQD
EygwYTE4YjRhYzAyNTNjMjQzMmRlNWZjMDE5N2UxNDI4ZWNkODQ2OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzm2ykbZYyN7mm64uQ/qoM/84cfp
hVYY8+cXQuJv2Z492wwLW81qLuOXY3isAt00NDdPj6GgouZqkg2Q/Qkr0XJ1fi39
fHD6TK+295569upG9+/tNKM88vRj2m+T2xsz9rl72DxHQ616+PUZ7lTyHhc43J0d
URV9XS7kXSrXzfJ7Knh6+OjVZqRG5drNico/Pqu9TT8mOQR5bjksw0wTBehE4taa
5BjUNyHlsMOWzp7Zf2LWdAA791Ek9wK/+3a7uOXoE2mCFBDu1bTO/rR9VV2P8OCD
NBBMBIsqpgjdk8pnjxjN9O3adx27Gq2HUrlzc/W6xhSAHP/yqUgF9gNITwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoYtKwCU8JDLeX8AZfhQo7NhGk7MB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFXLjuPV
w9SZg3lu6D6jqS8Cbyx5yjBnwAw1/ZShQ8VZy84xyZm79/EVk0yTQyFnPi9ismzf
N2pFqE3pGHIE7rTnhJ4AikZ+GHM1eHFcD2NEyi2SnbAaTVbwtvRQjb76m/g4SwUU
BnqOV+TK5G2oockQVP73atElGPFiDj1+v/okAhZOzEeREJpcXy1a7fPGlNhiKnEV
Is0aQqHMu1ZqvswcQEczJrw1Az2Pmek4U/se6dMK/QOSIJceamldBHogMenX0E/4
/MTKjlXjPoMCLXeHLGxcwAVCl1nqwcRrdJqnQxpEaGR3eYQMTQyJp/vUE5ziV2dQ
3v1QSJbjBikHtA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:22:54 2026 by rpki-client