Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
File: tRFbXBJF3DDhIwQHnslKNe1SfGY.mft (raw, json)
Hash identifier: VUTw43vmcRC/GbO0QKnZ9jtdUnt6GTIc5KhRJGdgNZc=
Subject key identifier: 2E:B6:2B:60:DA:D1:02:DC:84:C9:7A:3F:00:1D:7E:5C:66:20:7C:B5
Authority key identifier: B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66
Certificate issuer: /CN=b5115b5c1245dc30e12304079ec94a35ed527c66
Certificate serial: 019D38D34ED64F724D62D18D0BC8577AED08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
Manifest number: 0251
Signing time: Sun 29 Mar 2026 09:01:05 +0000
Manifest this update: Sun 29 Mar 2026 09:01:05 +0000
Manifest next update: Mon 30 Mar 2026 09:01:05 +0000
Files and hashes: 1: VwLAIV5D66a6FPS07LFDWIQS-_0.roa (hash: T9H++z3WO1CHzgCbp0BP6ZLUx+OwVcmGlNY7g9M8Uf4=)
2: tRFbXBJF3DDhIwQHnslKNe1SfGY.crl (hash: KS6JDybWJYdFJ5kyAuBjpVdY8WvSEtV8O1DT4W++A2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:4e:d6:4f:72:4d:62:d1:8d:0b:c8:57:7a:ed:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5115b5c1245dc30e12304079ec94a35ed527c66
Validity
Not Before: Mar 29 09:01:05 2026 GMT
Not After : Mar 30 09:01:05 2026 GMT
Subject: CN=2eb62b60dad102dc84c97a3f001d7e5c66207cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:bb:04:71:5b:75:61:60:30:3e:2d:2e:f7:
d4:7f:2b:f6:7a:2b:a1:20:13:6e:62:4a:08:ed:24:
19:93:1a:28:6c:b6:41:0c:e6:b9:49:70:4d:af:5b:
bf:5b:d3:e7:b1:f2:26:5c:db:d3:65:a0:60:33:1a:
71:dc:31:fd:a0:6a:13:13:cf:f7:95:66:26:c6:2d:
75:fe:2c:87:8f:e1:28:5b:8c:8c:25:17:d4:5a:89:
6a:45:1e:3e:ba:fc:da:79:de:37:80:68:5c:86:1f:
55:d4:10:69:0b:ef:b9:34:7d:0e:ae:5f:53:e3:68:
97:ee:2c:01:8a:03:65:a6:7e:9e:dd:42:91:3b:b8:
ce:8e:c1:21:f9:d5:42:07:4d:3d:c0:ea:34:0a:35:
66:84:cc:dd:4d:04:fb:4a:64:eb:85:af:54:ca:9d:
50:b0:73:bb:7f:57:27:c0:69:28:80:6a:ac:eb:dd:
00:8d:19:e5:7f:68:05:85:af:41:b7:4d:00:1f:73:
53:0f:c6:c6:d3:d2:d0:fb:bc:6f:3a:66:8d:4c:b3:
88:e3:3a:7e:74:34:db:38:42:e2:fd:84:ca:de:89:
e3:95:91:ba:38:7a:a4:d5:e6:0e:28:94:f0:09:7d:
ce:b4:d4:c7:ae:5c:00:e3:6d:c9:26:2d:bc:e9:2d:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B6:2B:60:DA:D1:02:DC:84:C9:7A:3F:00:1D:7E:5C:66:20:7C:B5
X509v3 Authority Key Identifier:
keyid:B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ce:52:8b:72:81:0a:5a:89:8a:6d:1b:31:fa:0c:4e:8f:bb:
02:e6:ca:6f:c7:74:85:36:23:f9:d9:65:58:d6:44:e8:52:e8:
4e:78:41:73:75:76:02:cf:92:00:5f:99:ac:b7:ee:96:3d:9d:
64:8a:e7:f2:79:dd:74:e3:eb:01:86:94:7f:51:92:65:eb:70:
d0:47:2b:7f:c3:51:c5:2d:c7:6d:ee:c7:dc:72:5b:55:ce:3c:
57:34:6a:ae:66:32:c1:6c:87:2c:db:46:10:c0:15:63:14:57:
a5:89:ec:e5:ba:b4:39:3f:07:14:16:04:29:46:02:01:71:87:
9e:24:1d:c1:38:49:29:31:2c:6c:10:13:06:be:f4:7d:91:cb:
7a:f5:66:15:e8:e5:eb:42:22:09:68:45:5d:b9:49:dc:1c:45:
60:aa:4b:14:cc:71:6f:47:58:98:6d:e3:9c:2b:4a:af:50:1a:
e3:4a:9c:44:87:36:43:b6:2e:fa:59:cb:c9:b9:6e:84:db:97:
b7:b0:fb:84:2a:76:72:20:2e:d4:6d:75:0d:71:0e:06:64:ba:
4a:f4:a1:27:13:84:ec:ff:9e:f2:1c:43:74:77:c3:ce:24:b5:
1c:40:b7:46:fd:f7:81:10:87:e9:1b:88:9b:c8:d2:9b:26:4a:
a7:6c:b7:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04007WT3JNYtGNC8hXeu0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTE1YjVjMTI0NWRjMzBlMTIzMDQwNzllYzk0YTM1ZWQ1
MjdjNjYwHhcNMjYwMzI5MDkwMTA1WhcNMjYwMzMwMDkwMTA1WjAzMTEwLwYDVQQD
EygyZWI2MmI2MGRhZDEwMmRjODRjOTdhM2YwMDFkN2U1YzY2MjA3Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub67BHFbdWFgMD4tLvfUfyv2eiuh
IBNuYkoI7SQZkxoobLZBDOa5SXBNr1u/W9PnsfImXNvTZaBgMxpx3DH9oGoTE8/3
lWYmxi11/iyHj+EoW4yMJRfUWolqRR4+uvzaed43gGhchh9V1BBpC++5NH0Orl9T
42iX7iwBigNlpn6e3UKRO7jOjsEh+dVCB009wOo0CjVmhMzdTQT7SmTrha9Uyp1Q
sHO7f1cnwGkogGqs690AjRnlf2gFha9Bt00AH3NTD8bG09LQ+7xvOmaNTLOI4zp+
dDTbOELi/YTK3onjlZG6OHqk1eYOKJTwCX3OtNTHrlwA423JJi286S1EpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC62K2Da0QLchMl6PwAdflxmIHy1MB8GA1UdIwQY
MBaAFLURW1wSRdww4SMEB57JSjXtUnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAt
NmUyZGE2MGUyODM0LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAtNmUyZGE2MGUyODM0
LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN85Si3KB
ClqJim0bMfoMTo+7AubKb8d0hTYj+dllWNZE6FLoTnhBc3V2As+SAF+ZrLfulj2d
ZIrn8nnddOPrAYaUf1GSZetw0Ecrf8NRxS3Hbe7H3HJbVc48VzRqrmYywWyHLNtG
EMAVYxRXpYns5bq0OT8HFBYEKUYCAXGHniQdwThJKTEsbBATBr70fZHLevVmFejl
60IiCWhFXblJ3BxFYKpLFMxxb0dYmG3jnCtKr1Aa40qcRIc2Q7Yu+lnLybluhNuX
t7D7hCp2ciAu1G11DXEOBmS6SvShJxOE7P+e8hxDdHfDziS1HEC3Rv33gRCH6RuI
m8jSmyZKp2y3QA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:00 2026 by rpki-client