Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
File: tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft (raw, json)
Hash identifier: 5b67tUIqVUL6PoFy8WNUAY64x/BMv2O74APw4spRAQM=
Subject key identifier: 2A:FC:45:50:A0:3B:66:3F:65:2B:8E:36:74:81:49:7A:60:A3:DF:76
Authority key identifier: B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
Certificate issuer: /CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Certificate serial: 019DA152ADBA5CB415031781EF66138171CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
Manifest number: 18CA
Signing time: Sat 18 Apr 2026 16:00:43 +0000
Manifest this update: Sat 18 Apr 2026 16:00:43 +0000
Manifest next update: Sun 19 Apr 2026 16:00:43 +0000
Files and hashes: 1: VIjK-dF1RkU8oL9JO5ackgQvQqk.roa (hash: EuZj5CNsImrt381xNpJVt+ICs2RyaQvBUySYpPa5Un8=)
2: tBz0by2NzKIkh_m261Gzm8WL1fA.roa (hash: HsCmK+FnFFM5EN4UPd625pAFTouSWoOu/R7Evk3aoN0=)
3: tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl (hash: fH9OjZ225qFObQ1kzoYKCGK0Jc9+EFkm/NmTp7/Ba5k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 16:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a1:52:ad:ba:5c:b4:15:03:17:81:ef:66:13:81:71:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Validity
Not Before: Apr 18 16:00:43 2026 GMT
Not After : Apr 19 16:00:43 2026 GMT
Subject: CN=2afc4550a03b663f652b8e367481497a60a3df76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:c7:6c:f0:8a:af:4b:40:de:29:77:3d:ea:
44:c0:1b:03:4a:c3:c9:06:b5:96:f9:11:65:2a:07:
8a:2d:30:c1:f3:b8:5e:fb:e3:40:d6:56:2f:b1:fa:
3b:9e:92:3f:e8:40:cc:35:7f:f7:af:ef:a2:f3:e4:
ad:da:1f:d5:d3:f3:ee:c2:c2:74:c4:3f:f7:72:d7:
2f:41:8b:9b:87:aa:98:b2:c0:76:6c:ca:1f:c3:dc:
85:00:45:a1:d3:dd:5a:02:2b:02:6f:ce:e7:44:ca:
0d:05:47:0a:af:19:97:66:41:b6:df:f7:a7:4c:ae:
a2:f0:69:10:98:29:52:49:f9:81:50:45:88:e4:40:
ca:7e:d7:bb:01:b2:6d:29:bb:19:cb:47:e4:cc:9c:
3a:c7:c9:cd:9a:d5:d1:93:97:d6:c2:d1:e8:cc:3a:
54:97:f8:b1:64:02:6a:fd:e7:07:14:8f:52:10:42:
21:df:ee:e4:89:3a:5c:6c:ec:39:10:1e:61:37:11:
ba:0f:99:f0:75:89:b3:38:c4:3b:d4:d0:bc:18:3f:
f8:4d:93:c0:58:0e:a9:b1:c7:37:84:69:ad:72:0c:
62:31:e1:12:0f:37:7a:46:70:15:a7:e8:b8:23:d0:
08:f7:36:11:ba:9b:71:d9:c8:52:6b:df:5d:a3:eb:
3a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FC:45:50:A0:3B:66:3F:65:2B:8E:36:74:81:49:7A:60:A3:DF:76
X509v3 Authority Key Identifier:
keyid:B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:0f:04:df:5b:41:07:23:fd:ce:a5:af:75:e6:55:1d:15:8a:
8e:25:b4:c9:57:93:d0:83:96:ab:f1:bd:f5:02:26:6c:0e:72:
32:c4:0a:ed:0c:7b:5d:7e:7b:40:78:0d:75:4a:bd:06:24:2a:
d6:a0:f0:57:b5:46:c6:66:9d:fe:c4:62:ea:fe:d9:7a:ee:72:
1b:71:8e:3c:72:52:52:5d:08:95:ef:e1:0e:fc:be:3e:e5:e5:
6a:f2:2b:2c:7c:12:c9:0f:32:96:3f:64:5d:7b:84:e0:63:9e:
f8:a7:3f:61:04:6c:6f:b4:6c:46:c7:b7:c3:3e:bc:05:e8:9e:
c4:7b:4c:1a:89:63:7f:0d:6d:f1:e3:57:49:a1:e3:12:20:a1:
38:df:33:02:9a:4a:a3:d2:ba:83:90:5b:52:80:56:d9:d9:0d:
c0:f6:d1:72:32:ce:7a:82:0a:ef:6a:9f:04:ae:fd:75:c7:1e:
6b:91:e9:f8:65:4b:11:da:a4:0e:5e:7f:1c:07:98:a3:c0:fd:
35:72:67:5c:ba:26:15:5d:bf:f1:67:7f:5f:05:a1:ab:f7:b3:
3c:0e:16:3c:49:67:2d:87:f4:2c:15:e5:6d:93:52:64:20:76:
20:0d:2c:d3:40:79:58:0e:48:39:05:b8:bd:de:d9:ee:89:85:
87:e8:73:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2hUq26XLQVAxeB72YTgXHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjBmODM4YWZiYzEzMjI2ODA1NDRlZDFjOWM1YTJiMDk5
NjVkOWYwHhcNMjYwNDE4MTYwMDQzWhcNMjYwNDE5MTYwMDQzWjAzMTEwLwYDVQQD
EygyYWZjNDU1MGEwM2I2NjNmNjUyYjhlMzY3NDgxNDk3YTYwYTNkZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9bHbPCKr0tA3il3PepEwBsDSsPJ
BrWW+RFlKgeKLTDB87he++NA1lYvsfo7npI/6EDMNX/3r++i8+St2h/V0/PuwsJ0
xD/3ctcvQYubh6qYssB2bMofw9yFAEWh091aAisCb87nRMoNBUcKrxmXZkG23/en
TK6i8GkQmClSSfmBUEWI5EDKfte7AbJtKbsZy0fkzJw6x8nNmtXRk5fWwtHozDpU
l/ixZAJq/ecHFI9SEEIh3+7kiTpcbOw5EB5hNxG6D5nwdYmzOMQ71NC8GD/4TZPA
WA6pscc3hGmtcgxiMeESDzd6RnAVp+i4I9AI9zYRuptx2chSa99do+s6RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCr8RVCgO2Y/ZSuONnSBSXpgo992MB8GA1UdIwQY
MBaAFLXw+DivvBMiaAVE7RycWisJll2fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEt
YTUyZGM5YzIyMDdjLzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEtYTUyZGM5YzIyMDdj
LzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATQ8E31tB
ByP9zqWvdeZVHRWKjiW0yVeT0IOWq/G99QImbA5yMsQK7Qx7XX57QHgNdUq9BiQq
1qDwV7VGxmad/sRi6v7Zeu5yG3GOPHJSUl0Ile/hDvy+PuXlavIrLHwSyQ8ylj9k
XXuE4GOe+Kc/YQRsb7RsRse3wz68BeiexHtMGoljfw1t8eNXSaHjEiChON8zAppK
o9K6g5BbUoBW2dkNwPbRcjLOeoIK72qfBK79dccea5Hp+GVLEdqkDl5/HAeYo8D9
NXJnXLomFV2/8Wd/XwWhq/ezPA4WPElnLYf0LBXlbZNSZCB2IA0s00B5WA5IOQW4
vd7Z7omFh+hzwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 18 23:53:16 2026 by rpki-client