Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File: tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier: bC8fVgYxnqHrg14zpRDnHmhrnXvwJENLLaQJN4bwhdM=
Subject key identifier: AD:F8:CE:04:4B:12:82:6B:18:A6:B0:4E:FB:1E:3D:99:D1:87:D3:E6
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer: /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial: 019D38D2DC7C0ED980946B240D7A4DDB331A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number: 0AA4
Signing time: Sun 29 Mar 2026 09:00:36 +0000
Manifest this update: Sun 29 Mar 2026 09:00:36 +0000
Manifest next update: Mon 30 Mar 2026 09:00:36 +0000
Files and hashes: 1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: kPCrBMJMZrnr/vq3Td3Zra5EflhrTVPk5jOcosDorFE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:dc:7c:0e:d9:80:94:6b:24:0d:7a:4d:db:33:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Validity
Not Before: Mar 29 09:00:36 2026 GMT
Not After : Mar 30 09:00:36 2026 GMT
Subject: CN=adf8ce044b12826b18a6b04efb1e3d99d187d3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e9:dd:59:27:b7:8a:f9:bf:47:1d:2b:69:ee:
7d:62:82:bb:86:e3:3c:a9:87:c7:42:21:e2:5f:2e:
af:3b:a0:9f:9f:d3:66:4f:e6:be:62:ee:6c:1d:bb:
2c:c4:e4:7e:16:13:1a:91:52:5a:2a:71:c5:b5:77:
27:20:e8:74:f3:d4:0b:7b:b4:67:f2:6e:02:e2:da:
4d:5a:cf:e4:37:c8:3b:04:55:52:3e:2c:6b:3b:c1:
75:61:8d:9f:ab:e2:b7:d7:85:a7:e3:73:cb:14:a3:
9a:c4:a4:af:b8:9d:0c:42:b4:78:14:6e:e7:ca:e5:
cd:d8:bd:dd:3d:ca:3a:88:4c:44:8c:d1:31:21:90:
20:86:9b:91:a1:09:ae:e2:7a:90:7b:8d:5f:80:6c:
91:00:c4:44:d7:29:d0:f0:a7:86:43:9d:26:0f:07:
a6:4d:67:5b:b7:91:94:02:e8:e9:3e:c2:01:f7:ea:
9f:2c:6b:67:3f:89:95:28:bc:cf:bd:34:1d:ca:26:
26:03:6b:75:65:f8:20:ef:94:80:f8:44:68:a2:52:
ee:72:a4:4d:8d:c7:ff:3e:87:0d:9f:b5:7b:a7:28:
67:3c:30:5b:49:2e:4c:3f:e9:d8:e8:21:f9:c3:39:
c6:32:a8:7f:9e:af:54:b5:df:1b:46:0c:e3:4f:43:
06:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F8:CE:04:4B:12:82:6B:18:A6:B0:4E:FB:1E:3D:99:D1:87:D3:E6
X509v3 Authority Key Identifier:
keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:74:f4:1b:e5:35:a3:00:8e:1b:70:bb:39:a4:0a:cf:79:ca:
16:f5:aa:09:36:a0:bb:db:6b:9c:1d:f5:bf:4f:64:b9:b9:bd:
4e:34:a9:43:02:dc:65:36:ed:b2:4b:07:7f:1e:78:95:5b:62:
0f:a4:3c:44:e6:59:83:6e:4e:a9:cc:6e:1d:29:f3:84:cd:7b:
a1:0b:70:da:b8:20:67:22:3a:95:88:8a:b8:2d:36:06:78:7f:
fa:c8:f5:9c:74:d6:25:de:dc:10:7a:ad:59:3e:d7:7c:d8:db:
06:a5:d8:df:04:0b:f4:5b:ab:52:23:c8:f0:dd:bd:08:16:1e:
86:b1:fd:08:0c:42:81:e9:d6:9a:3e:72:7b:40:1a:78:0b:13:
50:10:a7:57:a6:f5:c9:e9:f2:a9:20:c1:2b:c0:8b:a8:b2:9a:
90:f0:dd:47:5a:e8:35:7e:6e:5a:e5:30:30:d4:62:e1:5c:16:
08:74:06:5f:c6:cd:43:47:e9:c2:0c:25:15:85:e9:a2:2b:97:
46:85:7b:8a:0e:91:fa:dd:7b:a5:01:bf:45:7f:3b:da:86:2e:
fb:fc:0b:a0:f3:e0:f4:5e:66:88:16:50:26:68:9e:d1:d9:57:
9e:79:40:c7:43:ba:0a:94:95:d5:47:f8:43:1f:59:20:15:db:
d8:e5:f2:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tx8DtmAlGskDXpN2zMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjYwMzI5MDkwMDM2WhcNMjYwMzMwMDkwMDM2WjAzMTEwLwYDVQQD
EyhhZGY4Y2UwNDRiMTI4MjZiMThhNmIwNGVmYjFlM2Q5OWQxODdkM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OndWSe3ivm/Rx0rae59YoK7huM8
qYfHQiHiXy6vO6Cfn9NmT+a+Yu5sHbssxOR+FhMakVJaKnHFtXcnIOh089QLe7Rn
8m4C4tpNWs/kN8g7BFVSPixrO8F1YY2fq+K314Wn43PLFKOaxKSvuJ0MQrR4FG7n
yuXN2L3dPco6iExEjNExIZAghpuRoQmu4nqQe41fgGyRAMRE1ynQ8KeGQ50mDwem
TWdbt5GUAujpPsIB9+qfLGtnP4mVKLzPvTQdyiYmA2t1Zfgg75SA+ERoolLucqRN
jcf/PocNn7V7pyhnPDBbSS5MP+nY6CH5wznGMqh/nq9Utd8bRgzjT0MGkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK34zgRLEoJrGKawTvsePZnRh9PmMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKnT0G+U1
owCOG3C7OaQKz3nKFvWqCTagu9trnB31v09kubm9TjSpQwLcZTbtsksHfx54lVti
D6Q8ROZZg25OqcxuHSnzhM17oQtw2rggZyI6lYiKuC02Bnh/+sj1nHTWJd7cEHqt
WT7XfNjbBqXY3wQL9FurUiPI8N29CBYehrH9CAxCgenWmj5ye0AaeAsTUBCnV6b1
yenyqSDBK8CLqLKakPDdR1roNX5uWuUwMNRi4VwWCHQGX8bNQ0fpwgwlFYXpoiuX
RoV7ig6R+t17pQG/RX872oYu+/wLoPPg9F5miBZQJmie0dlXnnlAx0O6CpSV1Uf4
Qx9ZIBXb2OXy0g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:49 2026 by rpki-client