Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File: TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier: HP/viTnYbzyd8TszNpP7ZEW2llsCqZyl7Ri5AFm4zI4=
Subject key identifier: AA:57:D3:6E:86:EC:A3:28:B5:F0:8F:DC:D9:72:CD:EE:1A:7C:C6:60
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer: /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial: 019CAEDA4B5A1F675CC7A0312EE2828D12BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number: 04E1
Signing time: Mon 02 Mar 2026 14:01:07 +0000
Manifest this update: Mon 02 Mar 2026 14:01:07 +0000
Manifest next update: Tue 03 Mar 2026 14:01:07 +0000
Files and hashes: 1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: ej1nPYYa/Qdz1sM5FI/ez+C8uOkYugAuKkccfvb6tfI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:4b:5a:1f:67:5c:c7:a0:31:2e:e2:82:8d:12:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Validity
Not Before: Mar 2 14:01:07 2026 GMT
Not After : Mar 3 14:01:07 2026 GMT
Subject: CN=aa57d36e86eca328b5f08fdcd972cdee1a7cc660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:78:45:03:2a:e0:73:a4:22:a0:f2:d1:6b:9f:
ed:f6:0e:39:05:f9:dc:08:3e:1c:bf:46:4c:fa:6e:
e2:87:26:75:ad:43:91:b0:cc:c8:7b:79:23:d7:3a:
16:c8:38:a7:60:33:eb:6f:51:65:53:e8:e0:61:5d:
ba:e7:7c:55:12:5c:b4:77:c1:6c:e0:7c:84:b0:20:
72:13:ce:e9:37:49:99:b4:84:85:f9:51:86:58:1a:
dd:2a:ef:f2:8f:c1:98:42:2a:c6:18:a2:66:24:9a:
82:a0:1a:26:a9:b7:10:95:ee:2d:14:b2:a1:9e:ab:
64:7a:6b:c7:11:ea:b8:f0:d9:10:87:3a:28:5d:18:
de:dd:c6:9e:69:8a:90:20:4d:2c:a8:32:00:29:57:
9d:6b:4b:40:50:8d:70:b3:f3:aa:d7:90:43:ea:c8:
a9:16:62:92:74:61:26:1c:51:07:b4:ae:63:cb:f4:
32:c9:e9:55:44:83:61:ec:3c:e2:d1:9d:4d:55:1b:
ef:87:64:48:61:36:97:2b:83:db:7d:fc:c8:78:0c:
aa:69:ed:f4:44:85:8a:fd:24:35:4b:80:91:9e:95:
65:fe:aa:91:88:dc:4c:dd:9d:30:a4:33:e3:b6:68:
47:9e:13:cf:85:d3:32:66:44:ca:44:a0:59:20:e9:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:57:D3:6E:86:EC:A3:28:B5:F0:8F:DC:D9:72:CD:EE:1A:7C:C6:60
X509v3 Authority Key Identifier:
keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:7e:e6:4d:fe:41:12:c4:94:d3:98:82:1a:3a:62:53:49:44:
a3:d7:4c:5f:77:a7:40:d8:28:c9:60:86:2f:d2:1d:0c:7b:9f:
be:62:a3:c3:a0:49:a7:3d:90:eb:98:7e:c3:10:ea:ee:d2:5d:
37:3b:11:e8:ad:73:8e:53:cf:00:cc:42:ae:1c:21:b0:1c:a4:
29:41:e7:22:42:35:26:d8:c5:fe:5d:f0:d3:cb:69:e6:87:75:
61:3a:4e:ef:1e:2f:d6:e0:41:14:26:d2:db:e3:f9:a4:66:60:
a7:0f:1b:25:27:90:a8:36:b3:dc:a7:d0:9b:9c:a9:67:a2:22:
19:58:40:ad:91:55:13:7a:76:82:c4:8e:97:86:5c:1c:90:11:
2f:bc:02:f5:0c:cf:b9:05:df:10:64:00:76:a4:23:2f:f3:83:
9b:97:e9:cc:4c:b6:a2:e7:33:b8:b4:77:f8:0d:7b:de:19:57:
35:be:3b:55:79:42:b8:a7:4c:42:e8:df:6a:c6:e8:83:7b:25:
c2:cd:17:57:1f:51:30:b0:5a:ab:6b:a9:90:fa:f3:1d:ef:3d:
b3:6c:a6:85:b3:f9:21:9c:57:b5:c6:b6:7a:8d:1f:b8:10:ac:
18:db:06:e4:43:b9:bd:77:30:28:12:3f:11:3b:f3:d2:92:06:
a8:65:7c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2ktaH2dcx6AxLuKCjRK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjYwMzAyMTQwMTA3WhcNMjYwMzAzMTQwMTA3WjAzMTEwLwYDVQQD
EyhhYTU3ZDM2ZTg2ZWNhMzI4YjVmMDhmZGNkOTcyY2RlZTFhN2NjNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXhFAyrgc6QioPLRa5/t9g45Bfnc
CD4cv0ZM+m7ihyZ1rUORsMzIe3kj1zoWyDinYDPrb1FlU+jgYV2653xVEly0d8Fs
4HyEsCByE87pN0mZtISF+VGGWBrdKu/yj8GYQirGGKJmJJqCoBomqbcQle4tFLKh
nqtkemvHEeq48NkQhzooXRje3caeaYqQIE0sqDIAKVeda0tAUI1ws/Oq15BD6sip
FmKSdGEmHFEHtK5jy/QyyelVRINh7Dzi0Z1NVRvvh2RIYTaXK4PbffzIeAyqae30
RIWK/SQ1S4CRnpVl/qqRiNxM3Z0wpDPjtmhHnhPPhdMyZkTKRKBZIOkJowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpX026G7KMotfCP3Nlyze4afMZgMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn7mTf5B
EsSU05iCGjpiU0lEo9dMX3enQNgoyWCGL9IdDHufvmKjw6BJpz2Q65h+wxDq7tJd
NzsR6K1zjlPPAMxCrhwhsBykKUHnIkI1JtjF/l3w08tp5od1YTpO7x4v1uBBFCbS
2+P5pGZgpw8bJSeQqDaz3KfQm5ypZ6IiGVhArZFVE3p2gsSOl4ZcHJARL7wC9QzP
uQXfEGQAdqQjL/ODm5fpzEy2ouczuLR3+A173hlXNb47VXlCuKdMQujfasbog3sl
ws0XVx9RMLBaq2upkPrzHe89s2ymhbP5IZxXtca2eo0fuBCsGNsG5EO5vXcwKBI/
ETvz0pIGqGV8pQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:42:17 2026 by rpki-client