Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json)
Hash identifier: wZqKXAK1NPmCM/hCueTtX2/oSO+S+/nOP4hC9bON7Qg=
Subject key identifier: 3D:D7:5F:11:1E:39:51:E2:C3:06:6B:1E:75:EA:A4:85:10:C4:73:A9
Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Certificate serial: 019D3A54825E1CE43EF3F44B1B8913CDED16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
Manifest number: 037B
Signing time: Sun 29 Mar 2026 16:01:49 +0000
Manifest this update: Sun 29 Mar 2026 16:01:49 +0000
Manifest next update: Mon 30 Mar 2026 16:01:49 +0000
Files and hashes: 1: SyOMrq9ZPqa-CxddJFs4EYM4Fbg.roa (hash: wy5+/o73Vk3SAFiCb5cli4N7qOzZBJq1Ya6ET4kdAcw=)
2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: NA2lo9Lym+6oAt2Iswr8IznnCictnD4P6x7m7ZkelEI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:82:5e:1c:e4:3e:f3:f4:4b:1b:89:13:cd:ed:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Validity
Not Before: Mar 29 16:01:49 2026 GMT
Not After : Mar 30 16:01:49 2026 GMT
Subject: CN=3dd75f111e3951e2c3066b1e75eaa48510c473a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9c:ac:ac:03:c9:e7:ac:ab:b6:df:2e:62:89:
3b:f6:57:4a:e8:17:35:1c:8c:dc:d3:3a:e5:27:fb:
e0:2d:3c:f7:d1:36:c4:80:37:d7:63:8f:c5:6b:60:
6a:33:40:c0:a1:5b:00:6c:52:11:52:d2:a9:01:ec:
f9:be:75:14:95:ed:19:40:f9:e9:24:54:2e:0e:a3:
36:41:33:68:12:1a:2b:28:92:81:19:e3:1d:b4:88:
27:6f:18:2b:41:09:cf:6f:52:d7:2d:d6:41:fb:18:
f4:be:7b:7c:39:fb:10:3a:60:39:92:ac:8b:52:d1:
fd:bf:e4:1e:0f:1e:5f:d6:ed:66:4c:24:b7:ea:28:
3f:6e:ca:14:2c:21:27:ad:3e:83:ea:73:87:cb:b4:
3c:0e:19:49:dd:db:03:77:d4:7d:42:fc:d2:f3:f0:
8c:48:c3:1d:bd:05:3a:29:c9:7b:8e:02:28:3e:68:
86:ea:a4:2a:af:2e:53:59:e3:80:b3:30:9a:5a:15:
a0:c7:29:be:8b:f9:eb:01:aa:5e:2f:94:01:1d:02:
70:61:7f:ed:89:06:4f:5c:44:62:a0:d0:46:f2:07:
20:2e:20:67:53:5a:55:ab:a1:3f:25:d0:83:ae:29:
81:30:3e:c1:21:71:b7:df:c7:a6:d0:c2:9c:a4:93:
aa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D7:5F:11:1E:39:51:E2:C3:06:6B:1E:75:EA:A4:85:10:C4:73:A9
X509v3 Authority Key Identifier:
keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:77:8f:27:59:60:98:12:c3:c1:83:1f:ab:3a:cd:34:a2:9b:
49:6f:5e:d4:39:44:56:c9:d5:60:b7:39:1b:e1:74:26:68:e4:
21:f2:30:a4:b1:b7:4a:02:0f:a0:b5:50:4b:b3:2e:ef:7d:bb:
f7:d2:b4:f7:67:ac:fb:87:c6:a2:a3:cf:6d:d2:ec:78:b8:9f:
3a:91:26:8e:89:ad:55:02:8d:86:fa:f4:a0:36:30:ea:62:6d:
6c:ff:12:ad:31:98:ca:dc:91:93:79:70:45:6b:a4:a3:d0:95:
87:c5:0a:a2:d4:a3:0c:50:e9:54:cc:3b:42:e7:7e:26:3a:d5:
ae:e1:88:d0:d9:fd:bc:42:bf:a8:1f:53:bd:9a:f1:90:e9:dc:
1f:19:c7:66:88:49:c8:b5:fd:5e:fb:5a:c0:94:05:d0:1d:8f:
0b:15:ea:58:dc:67:29:10:5b:a3:58:48:40:22:86:a6:26:79:
42:2e:08:a9:29:72:59:95:9f:9c:0e:b6:09:56:ed:2e:b2:ba:
61:63:62:6e:b9:26:67:4e:07:ac:0d:27:07:f6:4d:8d:5e:de:
58:7c:0d:a3:15:c3:76:53:5e:1a:ef:57:c9:a6:af:ed:15:c5:
62:a8:a7:fe:24:74:f7:9e:b1:9b:b4:06:cc:76:71:b5:6a:d8:
e9:22:bb:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VIJeHOQ+8/RLG4kTze0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh
ZDJkMzUwHhcNMjYwMzI5MTYwMTQ5WhcNMjYwMzMwMTYwMTQ5WjAzMTEwLwYDVQQD
EygzZGQ3NWYxMTFlMzk1MWUyYzMwNjZiMWU3NWVhYTQ4NTEwYzQ3M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5ysrAPJ56yrtt8uYok79ldK6Bc1
HIzc0zrlJ/vgLTz30TbEgDfXY4/Fa2BqM0DAoVsAbFIRUtKpAez5vnUUle0ZQPnp
JFQuDqM2QTNoEhorKJKBGeMdtIgnbxgrQQnPb1LXLdZB+xj0vnt8OfsQOmA5kqyL
UtH9v+QeDx5f1u1mTCS36ig/bsoULCEnrT6D6nOHy7Q8DhlJ3dsDd9R9QvzS8/CM
SMMdvQU6Kcl7jgIoPmiG6qQqry5TWeOAszCaWhWgxym+i/nrAapeL5QBHQJwYX/t
iQZPXERioNBG8gcgLiBnU1pVq6E/JdCDrimBMD7BIXG338em0MKcpJOqdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3XXxEeOVHiwwZrHnXqpIUQxHOpMB8GA1UdIwQY
MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt
NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3
LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGnePJ1lg
mBLDwYMfqzrNNKKbSW9e1DlEVsnVYLc5G+F0JmjkIfIwpLG3SgIPoLVQS7Mu7327
99K092es+4fGoqPPbdLseLifOpEmjomtVQKNhvr0oDYw6mJtbP8SrTGYytyRk3lw
RWuko9CVh8UKotSjDFDpVMw7Qud+JjrVruGI0Nn9vEK/qB9TvZrxkOncHxnHZohJ
yLX9XvtawJQF0B2PCxXqWNxnKRBbo1hIQCKGpiZ5Qi4IqSlyWZWfnA62CVbtLrK6
YWNibrkmZ04HrA0nB/ZNjV7eWHwNoxXDdlNeGu9Xyaav7RXFYqin/iR0956xm7QG
zHZxtWrY6SK79Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:23:24 2026 by rpki-client