Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
File: Tm32g40DOAFB635O5V3AXYcGHck.mft (raw, json)
Hash identifier: VcxbXWiVFpRDqNYWLE8n/krrmBVxpixDNeYY6SCWZhk=
Subject key identifier: 90:69:39:79:13:FE:52:4B:6E:B7:00:99:F0:22:F6:6D:28:25:54:DA
Authority key identifier: 4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9
Certificate issuer: /CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9
Certificate serial: 019D389BF4BC955BF944C82740FAEFF95C06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
Manifest number: 12DD
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: Tm32g40DOAFB635O5V3AXYcGHck.crl (hash: yeqy4RDpQZEOH1DnBRl7Ov4qKdpno4e/lo+N4tzBXZ8=)
2: xdrQzD8F-W74pVt7R0a-P7c9upU.roa (hash: abblQYTkxZVFW1Ns3PROXNnoRQdUS1zz9CUYdEet9Bc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f4:bc:95:5b:f9:44:c8:27:40:fa:ef:f9:5c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=9069397913fe524b6eb70099f022f66d282554da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:f8:3d:ec:95:9f:75:68:52:8b:ec:3e:77:
b5:aa:d2:19:29:c9:ec:ac:ee:51:f3:d2:e8:34:45:
f6:42:48:27:34:0e:ce:3c:1d:ca:85:9b:32:ac:51:
8c:d3:4c:eb:05:02:c0:8b:e7:25:e8:de:3a:e5:00:
9b:e2:01:b2:6d:cf:f1:6e:c0:c8:cf:07:25:6d:10:
c5:1b:e7:e4:03:71:40:83:d5:f4:85:90:16:83:70:
7f:d3:ef:eb:49:35:f8:57:1c:c5:3d:82:0b:20:01:
2b:5f:41:48:74:c6:bd:b3:f5:0f:c2:4a:40:98:7c:
13:a5:05:8d:2c:8b:56:ec:c9:f0:33:91:2a:48:b1:
08:44:60:fb:ec:1e:83:94:3d:df:51:56:07:f6:19:
e4:bb:15:23:d2:6f:88:77:fd:d0:27:95:c5:de:4d:
0b:7c:b5:3d:6b:61:f4:dd:78:a8:d0:b0:1e:e6:ad:
06:fb:b6:dd:de:99:64:82:bf:6b:e7:a2:db:4c:a1:
71:59:d7:10:c5:f8:9d:c8:bf:e5:a2:f8:60:ec:6e:
ef:1e:1b:f7:27:39:a1:07:37:b8:78:c2:27:08:5b:
c6:02:64:62:a8:19:64:2e:e2:17:4d:67:04:35:5e:
19:26:75:47:dc:84:33:8c:13:8f:41:2a:3a:69:2d:
eb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:69:39:79:13:FE:52:4B:6E:B7:00:99:F0:22:F6:6D:28:25:54:DA
X509v3 Authority Key Identifier:
keyid:4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:d8:27:9c:25:6e:7a:3d:29:a4:09:8d:b9:ae:1c:da:b2:fa:
54:4d:44:ce:d8:f5:1b:e5:5b:40:3f:1e:69:16:17:54:ed:1d:
11:08:49:71:91:5b:b0:aa:7c:f6:3d:5d:a8:14:e8:3c:29:64:
8d:9e:67:19:b6:79:40:1b:7b:dd:62:a2:83:a5:d6:b8:eb:b3:
96:03:6d:e3:32:8a:b6:71:ae:79:35:9e:af:ac:c4:9b:2a:82:
ac:87:f5:dc:ae:6f:db:24:a6:ab:6c:14:9e:0f:a6:34:2a:70:
23:cc:e8:25:2a:7a:2e:03:8c:a2:62:5b:84:bc:ee:42:7a:30:
b2:68:b8:3c:60:d3:83:7a:19:26:e2:63:18:3a:38:55:7c:54:
53:26:d0:1b:c8:e9:60:fe:8e:c2:17:7a:b3:a7:e6:9a:59:f8:
56:15:33:16:78:67:c7:6e:44:1f:55:6e:59:fa:2c:ba:65:22:
46:88:c0:f0:be:f6:8a:a4:3a:18:8c:c8:19:b8:2c:b6:3b:72:
fe:46:e9:58:32:68:e4:3c:4a:9d:e6:30:57:f4:b6:8c:26:90:
e9:5f:5e:27:33:a2:44:f7:fc:71:88:c2:de:39:60:ed:ca:c4:
b8:30:a2:bf:31:52:5b:8f:bb:ec:b3:b2:64:8f:99:98:c3:c9:
0c:56:d1:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/S8lVv5RMgnQPrv+VwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNmRmNjgzOGQwMzM4MDE0MWViN2U0ZWU1NWRjMDVkODcw
NjFkYzkwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
Eyg5MDY5Mzk3OTEzZmU1MjRiNmViNzAwOTlmMDIyZjY2ZDI4MjU1NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/z4PeyVn3VoUovsPne1qtIZKcns
rO5R89LoNEX2QkgnNA7OPB3KhZsyrFGM00zrBQLAi+cl6N465QCb4gGybc/xbsDI
zwclbRDFG+fkA3FAg9X0hZAWg3B/0+/rSTX4VxzFPYILIAErX0FIdMa9s/UPwkpA
mHwTpQWNLItW7MnwM5EqSLEIRGD77B6DlD3fUVYH9hnkuxUj0m+Id/3QJ5XF3k0L
fLU9a2H03Xio0LAe5q0G+7bd3plkgr9r56LbTKFxWdcQxfidyL/lovhg7G7vHhv3
JzmhBze4eMInCFvGAmRiqBlkLuIXTWcENV4ZJnVH3IQzjBOPQSo6aS3rLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBpOXkT/lJLbrcAmfAi9m0oJVTaMB8GA1UdIwQY
MBaAFE5t9oONAzgBQet+TuVdwF2HBh3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2Qt
MzE4MzYyMDA0ZThhLzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2QtMzE4MzYyMDA0ZThh
LzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwtgnnCVu
ej0ppAmNua4c2rL6VE1Eztj1G+VbQD8eaRYXVO0dEQhJcZFbsKp89j1dqBToPClk
jZ5nGbZ5QBt73WKig6XWuOuzlgNt4zKKtnGueTWer6zEmyqCrIf13K5v2ySmq2wU
ng+mNCpwI8zoJSp6LgOMomJbhLzuQnowsmi4PGDTg3oZJuJjGDo4VXxUUybQG8jp
YP6Owhd6s6fmmln4VhUzFnhnx25EH1VuWfosumUiRojA8L72iqQ6GIzIGbgstjty
/kbpWDJo5DxKneYwV/S2jCaQ6V9eJzOiRPf8cYjC3jlg7crEuDCivzFSW4+77LOy
ZI+ZmMPJDFbRng==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:10 2026 by rpki-client