Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: +N/zYwPeerfKWogfJiIaa9pdq9vryDFplIa8t2/DwdA=
Subject key identifier: DF:35:62:E3:EB:A3:99:96:EE:2F:A6:61:E0:7F:22:33:5C:82:D4:65
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 019D382DC864497F3B8A056C6B205020A348
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 0956
Signing time: Sun 29 Mar 2026 06:00:17 +0000
Manifest this update: Sun 29 Mar 2026 06:00:17 +0000
Manifest next update: Mon 30 Mar 2026 06:00:17 +0000
Files and hashes: 1: 1SYQW-AytRFT8X7H178C63GJxjA.roa (hash: ZzI22LUMgcKDVR6FP27XHCqtHrqNmJBOs8nOGmHXP4g=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: mziG4Dyevbnx3hTVr8FEbWlUFEXb1Hhh+WBvOAt2kA4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:c8:64:49:7f:3b:8a:05:6c:6b:20:50:20:a3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Mar 29 06:00:17 2026 GMT
Not After : Mar 30 06:00:17 2026 GMT
Subject: CN=df3562e3eba39996ee2fa661e07f22335c82d465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:dc:ba:b7:01:72:e7:67:10:9f:75:ab:85:
0e:72:ff:ea:31:6e:e2:a4:48:9e:31:7b:b9:c1:0b:
0a:e0:61:29:7a:f3:ba:be:7a:00:1a:99:8b:20:f1:
59:42:d2:8d:13:f8:55:8e:bf:3f:b7:d5:0e:3b:f1:
d5:b4:13:a6:a2:b8:38:e2:7a:db:45:f3:e9:5a:66:
06:9b:2a:1c:86:5a:cc:d5:84:06:14:6d:7d:31:20:
62:cf:8e:39:10:46:59:ea:c2:aa:73:95:fd:b7:7c:
11:60:4b:f7:b8:aa:54:57:6f:da:d1:2c:84:f1:99:
bb:08:3a:21:9f:e9:28:a8:8f:70:92:b6:56:34:31:
0d:2b:28:fb:ac:1b:49:d4:7b:ed:9e:1d:e5:ed:3c:
93:c1:43:92:8e:71:ad:9b:c6:79:0c:39:86:d4:f8:
23:37:92:f1:26:b4:40:ea:55:71:06:5b:0a:84:6b:
26:bd:f4:ec:fa:de:6f:7a:14:d6:0c:c0:f5:9e:5a:
95:08:79:2d:bd:34:11:58:55:70:5f:af:05:47:81:
f4:6d:c0:57:bf:41:84:dd:e6:f6:9a:c2:33:5a:2d:
ce:1f:e5:88:59:65:94:df:50:c4:b6:2c:72:0a:db:
54:50:af:f6:98:84:01:c0:a0:7b:7f:17:aa:dd:df:
36:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:35:62:E3:EB:A3:99:96:EE:2F:A6:61:E0:7F:22:33:5C:82:D4:65
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:90:1c:2d:4d:6a:5b:dc:70:17:9e:f4:a4:75:31:6c:a9:18:
27:0d:94:97:6c:ae:51:b3:19:06:63:2e:9d:6c:3f:f3:72:a6:
75:14:b7:bf:cb:7d:8a:33:04:a2:4e:e9:be:64:e0:3e:2e:c7:
a4:0b:2b:1c:30:6b:cb:bd:25:09:d0:dc:9f:33:81:3a:c5:20:
f2:79:34:58:29:db:8d:de:a3:30:c7:db:ad:e1:82:60:6c:61:
72:d3:4a:20:17:0d:ce:e9:de:e4:00:9a:fc:03:c7:4b:58:e7:
81:12:cc:62:67:f0:e7:17:7e:35:be:3d:8d:e8:4b:4b:86:62:
e2:a9:db:30:82:ca:13:56:16:25:64:33:1f:92:1d:4a:d2:f4:
ec:c6:33:7d:e2:74:50:d6:ce:00:22:d1:46:ac:73:96:04:b4:
5d:fc:01:1d:c0:40:1d:ac:31:fa:d6:8e:26:35:31:9b:76:16:
5f:20:12:37:ca:e2:49:8e:3c:2e:1e:5f:a6:d5:50:7e:5c:df:
00:16:e9:2e:fd:c5:2f:9e:2c:a5:d8:46:ca:83:3f:30:f0:88:
8d:46:9c:3c:c3:26:c2:cb:74:0c:8a:a7:66:98:5c:7d:d1:50:
60:6c:05:df:8c:57:8c:f0:02:37:da:e3:2a:84:46:2b:19:fc:
1c:e1:2b:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LchkSX87igVsayBQIKNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjYwMzI5MDYwMDE3WhcNMjYwMzMwMDYwMDE3WjAzMTEwLwYDVQQD
EyhkZjM1NjJlM2ViYTM5OTk2ZWUyZmE2NjFlMDdmMjIzMzVjODJkNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ncurcBcudnEJ91q4UOcv/qMW7i
pEieMXu5wQsK4GEpevO6vnoAGpmLIPFZQtKNE/hVjr8/t9UOO/HVtBOmorg44nrb
RfPpWmYGmyochlrM1YQGFG19MSBiz445EEZZ6sKqc5X9t3wRYEv3uKpUV2/a0SyE
8Zm7CDohn+koqI9wkrZWNDENKyj7rBtJ1Hvtnh3l7TyTwUOSjnGtm8Z5DDmG1Pgj
N5LxJrRA6lVxBlsKhGsmvfTs+t5vehTWDMD1nlqVCHktvTQRWFVwX68FR4H0bcBX
v0GE3eb2msIzWi3OH+WIWWWU31DEtixyCttUUK/2mIQBwKB7fxeq3d824wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN81YuPro5mW7i+mYeB/IjNcgtRlMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb5AcLU1q
W9xwF570pHUxbKkYJw2Ul2yuUbMZBmMunWw/83KmdRS3v8t9ijMEok7pvmTgPi7H
pAsrHDBry70lCdDcnzOBOsUg8nk0WCnbjd6jMMfbreGCYGxhctNKIBcNzune5ACa
/APHS1jngRLMYmfw5xd+Nb49jehLS4Zi4qnbMILKE1YWJWQzH5IdStL07MYzfeJ0
UNbOACLRRqxzlgS0XfwBHcBAHawx+taOJjUxm3YWXyASN8riSY48Lh5fptVQflzf
ABbpLv3FL54spdhGyoM/MPCIjUacPMMmwst0DIqnZphcfdFQYGwF34xXjPACN9rj
KoRGKxn8HOEryw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:01 2026 by rpki-client