Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: IIvPN2WA7saxpk3vYHVzcjWk5gJnTnfmKzOL/LVYVug=
Subject key identifier: C7:13:70:7D:AC:3F:43:EE:B3:63:68:8B:FB:A7:24:90:F4:A8:FD:B7
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019D137D4A15AA40001160B0385069F85DC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 0402
Signing time: Sun 22 Mar 2026 03:01:11 +0000
Manifest this update: Sun 22 Mar 2026 03:01:11 +0000
Manifest next update: Mon 23 Mar 2026 03:01:11 +0000
Files and hashes: 1: 1-w3-HT-b4gN55Ez02d0Ltxhd_18.roa (hash: SZE3EWQBz3QYJjq31FoNPzS9VUyILcF5vCKxR6HmvGg=)
2: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: ax2IT7OJjCql3np36P97618pjBMMeNLee7F0vS5vIh4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:13:7d:4a:15:aa:40:00:11:60:b0:38:50:69:f8:5d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Mar 22 03:01:11 2026 GMT
Not After : Mar 23 03:01:11 2026 GMT
Subject: CN=c713707dac3f43eeb363688bfba72490f4a8fdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b5:14:e2:66:8a:49:41:ca:03:7e:d3:59:ea:
14:47:d0:96:16:a3:b0:8b:de:d2:54:ab:f0:27:94:
0a:ff:45:17:64:63:07:d6:ac:e4:7b:f2:91:96:2e:
b2:3b:ff:75:57:a3:c6:78:5e:35:c9:4c:16:00:0c:
2a:b4:49:b9:dc:a1:b7:a5:26:47:6e:db:cf:67:8b:
e0:52:80:d6:f0:2b:5f:53:7a:20:ae:71:ef:7c:2e:
0f:52:d2:40:b9:8d:e2:b5:fd:33:71:c3:9c:2e:a5:
44:05:ec:4c:91:cf:18:96:fc:1d:43:ce:03:5d:05:
12:76:ba:77:e8:c5:58:58:fd:8b:5d:20:2c:bf:0d:
10:33:03:98:88:59:6f:ab:41:5a:aa:00:9e:46:8d:
08:a4:a6:b5:ed:a0:21:f7:c0:0c:80:fc:d4:95:e3:
c6:5a:ab:64:db:2b:bb:cd:c7:b9:85:98:16:e5:a1:
00:84:f8:ec:16:4b:a5:77:f6:5c:e1:06:45:cb:e1:
42:80:b6:6a:13:8c:bd:3e:09:23:7d:d9:50:57:84:
b5:9b:81:cb:93:13:72:90:83:f8:18:2f:bc:e9:2f:
45:6f:85:1f:8d:ed:d1:64:ef:4b:48:8e:3f:01:5d:
c5:ec:88:00:8a:dd:20:43:94:eb:d5:b0:a4:b8:40:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:13:70:7D:AC:3F:43:EE:B3:63:68:8B:FB:A7:24:90:F4:A8:FD:B7
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:11:aa:55:78:92:09:1a:a7:f7:58:9d:80:a6:29:b5:91:d9:
68:12:42:0f:5f:66:9a:9e:aa:b6:6a:c7:4b:df:22:c6:5d:2e:
b6:35:dc:94:36:f4:76:67:ea:ed:18:65:eb:72:60:35:42:b4:
18:6a:e7:6c:47:2f:0a:db:1e:1d:c8:d3:6b:9a:45:fe:4f:f2:
07:e5:a4:22:43:64:13:c0:2f:30:8c:f9:bf:fc:28:36:8e:43:
f0:3c:e5:14:20:0b:66:74:06:e8:65:36:25:d1:60:09:9e:5e:
ea:36:76:64:8e:46:f7:8f:05:1d:47:30:f3:46:a3:08:57:e8:
14:20:de:30:e9:f5:36:a9:5b:8a:66:db:31:d3:a2:b3:fc:30:
e7:6a:d0:17:c4:93:3d:98:b5:b5:f7:6d:68:e3:bf:e9:a6:83:
6f:d9:cd:6a:5c:37:30:78:b5:6b:c3:66:3f:da:dc:e6:52:3b:
f4:3b:53:17:c8:0e:df:ac:d2:f7:4f:c3:7e:85:89:6a:54:62:
6a:ca:65:fe:71:2e:ef:67:50:0b:26:5a:e1:34:39:cc:2b:c5:
23:73:ee:e5:f8:63:b3:7a:c9:21:bd:47:5b:7b:22:bc:4e:aa:
1b:26:1b:18:84:7a:fc:66:ab:d0:7d:d3:74:cc:74:a3:b3:76:
c3:98:44:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0TfUoVqkAAEWCwOFBp+F3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjYwMzIyMDMwMTExWhcNMjYwMzIzMDMwMTExWjAzMTEwLwYDVQQD
EyhjNzEzNzA3ZGFjM2Y0M2VlYjM2MzY4OGJmYmE3MjQ5MGY0YThmZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLUU4maKSUHKA37TWeoUR9CWFqOw
i97SVKvwJ5QK/0UXZGMH1qzke/KRli6yO/91V6PGeF41yUwWAAwqtEm53KG3pSZH
btvPZ4vgUoDW8CtfU3ogrnHvfC4PUtJAuY3itf0zccOcLqVEBexMkc8YlvwdQ84D
XQUSdrp36MVYWP2LXSAsvw0QMwOYiFlvq0FaqgCeRo0IpKa17aAh98AMgPzUlePG
Wqtk2yu7zce5hZgW5aEAhPjsFkuld/Zc4QZFy+FCgLZqE4y9PgkjfdlQV4S1m4HL
kxNykIP4GC+86S9Fb4Ufje3RZO9LSI4/AV3F7IgAit0gQ5Tr1bCkuEBkMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcTcH2sP0Pus2Noi/unJJD0qP23MB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQRGqVXiS
CRqn91idgKYptZHZaBJCD19mmp6qtmrHS98ixl0utjXclDb0dmfq7Rhl63JgNUK0
GGrnbEcvCtseHcjTa5pF/k/yB+WkIkNkE8AvMIz5v/woNo5D8DzlFCALZnQG6GU2
JdFgCZ5e6jZ2ZI5G948FHUcw80ajCFfoFCDeMOn1NqlbimbbMdOis/ww52rQF8ST
PZi1tfdtaOO/6aaDb9nNalw3MHi1a8NmP9rc5lI79DtTF8gO36zS90/DfoWJalRi
aspl/nEu72dQCyZa4TQ5zCvFI3Pu5fhjs3rJIb1HW3sivE6qGyYbGIR6/Gar0H3T
dMx0o7N2w5hEjg==
-----END CERTIFICATE-----
Generated at Sun Mar 22 05:51:24 2026 by rpki-client