Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: ljfbD1yUXJ5eFIFH3uE+n+LC1Zl5xavlQmS3R3+ckdk=
Subject key identifier: 37:E5:E3:FE:35:5A:67:C0:56:7E:85:E9:F2:F7:CD:33:30:35:EF:2F
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019EE6D61EF5B13A80F621611CF53FF7D62C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 04F4
Signing time: Sat 20 Jun 2026 21:00:52 +0000
Manifest this update: Sat 20 Jun 2026 21:00:52 +0000
Manifest next update: Sun 21 Jun 2026 21:00:52 +0000
Files and hashes: 1: 1-w3-HT-b4gN55Ez02d0Ltxhd_18.roa (hash: SZE3EWQBz3QYJjq31FoNPzS9VUyILcF5vCKxR6HmvGg=)
2: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: lE7LeDbyZyYTA1/tao1+eb1gEQ6xF6+dkqo1Z38hhTw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 21:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e6:d6:1e:f5:b1:3a:80:f6:21:61:1c:f5:3f:f7:d6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Jun 20 21:00:52 2026 GMT
Not After : Jun 21 21:00:52 2026 GMT
Subject: CN=37e5e3fe355a67c0567e85e9f2f7cd333035ef2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:56:b7:fa:d8:e7:cb:a0:d6:01:9d:9d:96:
cb:6c:51:e6:b0:a5:6c:1d:f2:52:ff:7d:63:c8:1d:
8c:e9:44:eb:4a:b3:cf:52:95:8d:2d:7f:9c:4c:be:
52:73:45:c1:8f:24:f7:92:ed:c7:92:b1:c3:fc:d1:
fc:29:7c:ec:a1:64:21:a1:eb:6f:a7:31:dc:9b:fa:
dc:a6:c3:ec:7e:f0:20:05:8a:46:7c:0d:0c:a3:4e:
27:21:7d:75:03:a0:ac:e4:93:e1:3b:0c:75:fb:d5:
0d:b9:4f:0e:70:b6:89:c0:76:24:a9:70:d5:de:3f:
e3:7d:2d:d2:86:8b:4c:83:ff:15:da:33:8d:a7:07:
c1:00:8f:1a:6b:3d:51:f1:08:9d:54:76:43:b2:c5:
bd:42:cf:c4:43:c6:01:07:30:c8:a7:6a:68:8a:3d:
27:0c:c4:0b:76:10:c8:2f:8a:fe:73:8e:c2:bf:d4:
cd:0b:96:60:75:fc:4a:fb:0b:53:12:ff:53:a6:86:
ba:e6:5a:7a:a1:55:94:d2:69:c0:2a:96:81:9f:d8:
7e:ad:ca:82:a0:c7:d5:ed:f4:e7:e6:6b:d6:50:f6:
75:ce:02:26:3a:bc:2c:d4:72:e7:6e:e4:ee:d0:c4:
6d:ea:81:be:b3:86:0a:58:a1:79:4a:55:97:5e:ca:
30:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E5:E3:FE:35:5A:67:C0:56:7E:85:E9:F2:F7:CD:33:30:35:EF:2F
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:3b:9f:63:0a:08:fe:2a:53:c1:70:a5:99:93:a1:07:36:ab:
88:e7:e0:37:21:58:8d:fc:fa:c8:74:b2:c1:ff:55:f8:74:10:
84:3c:7f:f4:3a:95:ae:9a:00:a2:e9:66:8a:e5:6e:50:7e:fb:
04:7d:e1:e8:08:dd:45:40:b4:4a:f4:15:c5:ab:1d:32:e3:ad:
47:b1:8d:40:5c:e5:ac:2a:3b:e5:7a:17:f2:1d:34:40:cd:4a:
71:01:eb:12:58:d1:0c:f0:56:ec:a2:a0:df:bc:37:d9:73:c4:
36:c0:a4:a3:bd:d1:34:54:63:70:21:6a:88:fb:bf:25:df:31:
50:5d:f5:75:b7:25:7f:c6:39:9d:12:59:e4:ec:de:31:88:80:
08:bd:0f:2c:b3:e7:7f:12:ca:18:d5:ac:71:12:9d:cd:6e:27:
0a:30:3c:c6:e8:c9:75:39:30:07:e5:a1:1b:8c:66:14:76:2a:
93:81:88:f5:81:1e:37:50:30:81:7d:18:ae:c2:c9:a4:b3:6d:
45:99:56:a5:73:ad:d1:78:1a:90:04:51:11:29:ee:d4:74:03:
a7:83:37:09:a3:f0:ff:78:bc:ed:79:f8:8e:49:87:e2:5b:66:
18:e2:c6:9c:7e:38:37:49:3b:ad:c1:f3:06:27:32:fa:68:87:
11:f6:33:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7m1h71sTqA9iFhHPU/99YsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjYwNjIwMjEwMDUyWhcNMjYwNjIxMjEwMDUyWjAzMTEwLwYDVQQD
EygzN2U1ZTNmZTM1NWE2N2MwNTY3ZTg1ZTlmMmY3Y2QzMzMwMzVlZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA1Wt/rY58ug1gGdnZbLbFHmsKVs
HfJS/31jyB2M6UTrSrPPUpWNLX+cTL5Sc0XBjyT3ku3HkrHD/NH8KXzsoWQhoetv
pzHcm/rcpsPsfvAgBYpGfA0Mo04nIX11A6Cs5JPhOwx1+9UNuU8OcLaJwHYkqXDV
3j/jfS3ShotMg/8V2jONpwfBAI8aaz1R8QidVHZDssW9Qs/EQ8YBBzDIp2poij0n
DMQLdhDIL4r+c47Cv9TNC5ZgdfxK+wtTEv9Tpoa65lp6oVWU0mnAKpaBn9h+rcqC
oMfV7fTn5mvWUPZ1zgImOrws1HLnbuTu0MRt6oG+s4YKWKF5SlWXXsowkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfl4/41WmfAVn6F6fL3zTMwNe8vMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzufYwoI
/ipTwXClmZOhBzariOfgNyFYjfz6yHSywf9V+HQQhDx/9DqVrpoAoulmiuVuUH77
BH3h6AjdRUC0SvQVxasdMuOtR7GNQFzlrCo75XoX8h00QM1KcQHrEljRDPBW7KKg
37w32XPENsCko73RNFRjcCFqiPu/Jd8xUF31dbclf8Y5nRJZ5OzeMYiACL0PLLPn
fxLKGNWscRKdzW4nCjA8xujJdTkwB+WhG4xmFHYqk4GI9YEeN1AwgX0YrsLJpLNt
RZlWpXOt0XgakARRESnu1HQDp4M3CaPw/3i87Xn4jkmH4ltmGOLGnH44N0k7rcHz
Bicy+miHEfYz/w==
-----END CERTIFICATE-----
Generated at Sun Jun 21 07:16:24 2026 by rpki-client