Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft
File: TTaHdCvs89CAgu0S6fNHC4LafP8.mft (raw, json)
Hash identifier: 4WdddJQfZKHHEuYWHJmaJT61EDheYBedE0zFCLnpkWE=
Subject key identifier: DB:80:3E:48:E6:67:9B:FC:9F:8C:F7:09:60:AF:43:32:1D:B9:BF:BF
Authority key identifier: 4D:36:87:74:2B:EC:F3:D0:80:82:ED:12:E9:F3:47:0B:82:DA:7C:FF
Certificate issuer: /CN=4d3687742becf3d08082ed12e9f3470b82da7cff
Certificate serial: 019D3940B1100DA67F43CE75639CD46DBFCC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft
Manifest number: 0F72
Signing time: Sun 29 Mar 2026 11:00:33 +0000
Manifest this update: Sun 29 Mar 2026 11:00:33 +0000
Manifest next update: Mon 30 Mar 2026 11:00:33 +0000
Files and hashes: 1: DR-3C6YEtKMcL_5es4EXU7AZkNI.roa (hash: OUT6KMW2KBguWe74r4/N3KwEXWVjz7ZfPOq1uxqbzVY=)
2: TTaHdCvs89CAgu0S6fNHC4LafP8.crl (hash: Ya93lTrwIxwsss1J3JqkJiLZdJ4WyfykBu3cu8xJx4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:b1:10:0d:a6:7f:43:ce:75:63:9c:d4:6d:bf:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3687742becf3d08082ed12e9f3470b82da7cff
Validity
Not Before: Mar 29 11:00:33 2026 GMT
Not After : Mar 30 11:00:33 2026 GMT
Subject: CN=db803e48e6679bfc9f8cf70960af43321db9bfbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b3:bd:53:28:88:90:a4:4e:e1:7d:90:14:47:
d5:4f:cb:bb:80:04:ff:80:be:c7:88:6d:33:a2:62:
c9:5f:a7:5b:d0:03:3c:51:55:45:aa:f5:56:37:48:
b5:95:5e:14:dd:b0:71:5d:36:00:3a:bd:85:b7:e9:
26:0a:42:50:5d:5b:cf:81:dc:6e:cd:26:d0:ec:52:
70:50:36:1b:ea:02:bf:e1:1a:d7:39:91:46:38:ce:
06:ee:63:f1:42:11:fc:ed:eb:f6:4a:30:e5:d2:f6:
1d:91:91:8d:10:e1:61:90:83:d3:2f:86:a8:db:5e:
c7:39:54:1c:11:e6:b1:25:d7:61:a4:a3:1e:6b:7c:
77:21:51:5d:48:7e:fa:d4:21:67:91:71:53:51:20:
83:0b:23:0a:55:ee:3e:c4:b4:58:fd:ef:f2:45:3c:
e3:f8:2f:c7:e3:d6:de:ad:21:98:48:79:1b:94:16:
99:61:e1:a0:39:84:9d:a3:c3:fa:5e:c9:ce:63:78:
03:25:e9:65:7f:9c:62:63:7b:9f:08:41:77:fa:35:
6f:e4:51:5d:ff:8b:47:d9:3f:f5:41:9e:e2:5f:e4:
df:fe:ed:7b:a7:bb:44:95:d3:d3:84:d7:05:45:78:
bd:e2:a6:9a:a1:3d:ee:5e:5a:09:e7:19:8c:8e:49:
9c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:80:3E:48:E6:67:9B:FC:9F:8C:F7:09:60:AF:43:32:1D:B9:BF:BF
X509v3 Authority Key Identifier:
keyid:4D:36:87:74:2B:EC:F3:D0:80:82:ED:12:E9:F3:47:0B:82:DA:7C:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:06:ca:23:54:04:1a:4d:ac:6a:b9:a3:99:8c:01:e6:cc:2e:
a7:75:15:da:1c:41:2b:90:12:f0:6e:e8:0a:9c:47:46:59:4b:
12:0c:68:8c:71:3c:91:18:34:d2:97:28:5c:eb:d4:7d:82:15:
7b:59:e7:a0:5d:94:c6:db:94:7a:a6:bd:27:85:5b:27:12:3a:
b3:39:b1:64:9b:89:dc:5c:a7:c4:4a:f7:9f:90:09:22:9a:ba:
7a:cd:eb:bd:b3:a9:6c:b2:99:64:35:91:f6:99:82:94:f2:e2:
b7:4a:1c:a2:a0:1f:91:26:78:31:51:0b:58:c2:44:13:f3:9b:
da:67:c7:80:38:05:4a:b3:5d:17:a5:87:2d:a7:01:93:bd:c8:
0f:95:0d:61:a8:9a:1b:a7:b1:0f:ff:5d:6e:a3:ca:e6:a9:67:
3b:d1:97:29:0b:25:98:7e:b5:57:24:43:1a:26:94:d9:a8:89:
e1:d1:f7:9b:ff:bb:81:9f:9c:9e:e6:d2:29:8a:33:4a:ed:45:
8a:e5:56:bf:52:0d:a3:d1:11:0a:d9:e7:46:f1:64:9e:a4:e7:
7f:3f:8c:15:df:3f:db:51:0a:32:a5:67:c5:99:1d:a0:01:c0:
0d:2f:84:83:c5:6c:96:35:0c:35:f9:3e:1b:00:d2:40:74:74:
26:b3:f5:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLEQDaZ/Q851Y5zUbb/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMzY4Nzc0MmJlY2YzZDA4MDgyZWQxMmU5ZjM0NzBiODJk
YTdjZmYwHhcNMjYwMzI5MTEwMDMzWhcNMjYwMzMwMTEwMDMzWjAzMTEwLwYDVQQD
EyhkYjgwM2U0OGU2Njc5YmZjOWY4Y2Y3MDk2MGFmNDMzMjFkYjliZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbO9UyiIkKRO4X2QFEfVT8u7gAT/
gL7HiG0zomLJX6db0AM8UVVFqvVWN0i1lV4U3bBxXTYAOr2Ft+kmCkJQXVvPgdxu
zSbQ7FJwUDYb6gK/4RrXOZFGOM4G7mPxQhH87ev2SjDl0vYdkZGNEOFhkIPTL4ao
217HOVQcEeaxJddhpKMea3x3IVFdSH761CFnkXFTUSCDCyMKVe4+xLRY/e/yRTzj
+C/H49berSGYSHkblBaZYeGgOYSdo8P6XsnOY3gDJellf5xiY3ufCEF3+jVv5FFd
/4tH2T/1QZ7iX+Tf/u17p7tEldPThNcFRXi94qaaoT3uXloJ5xmMjkmccQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuAPkjmZ5v8n4z3CWCvQzIdub+/MB8GA1UdIwQY
MBaAFE02h3Qr7PPQgILtEunzRwuC2nz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kODg1YmItYTNkYy00MzkwLWJmMjQt
MTAzYjE3ZDNlYjQ1LzEvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kODg1YmItYTNkYy00MzkwLWJmMjQtMTAzYjE3ZDNlYjQ1
LzEvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQbKI1QE
Gk2sarmjmYwB5swup3UV2hxBK5AS8G7oCpxHRllLEgxojHE8kRg00pcoXOvUfYIV
e1nnoF2UxtuUeqa9J4VbJxI6szmxZJuJ3FynxEr3n5AJIpq6es3rvbOpbLKZZDWR
9pmClPLit0ocoqAfkSZ4MVELWMJEE/Ob2mfHgDgFSrNdF6WHLacBk73ID5UNYaia
G6exD/9dbqPK5qlnO9GXKQslmH61VyRDGiaU2aiJ4dH3m/+7gZ+cnubSKYozSu1F
iuVWv1INo9ERCtnnRvFknqTnfz+MFd8/21EKMqVnxZkdoAHADS+Eg8VsljUMNfk+
GwDSQHR0JrP1lg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:09 2026 by rpki-client