Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
File: tMflb0aH6hstd2PQiI0QUCNbV0s.mft (raw, json)
Hash identifier: K3pLyWpiO3Lx7tcDviJzNpDmoFLk/xZmP7UDodDAfqM=
Subject key identifier: 36:FF:2A:8F:51:C3:79:FF:66:A1:D3:0C:DB:D3:DD:CD:0F:AA:3B:D5
Authority key identifier: B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B
Certificate issuer: /CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b
Certificate serial: 019D386560BF04A217F17C00EB84040A5DB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
Manifest number: 1821
Signing time: Sun 29 Mar 2026 07:01:01 +0000
Manifest this update: Sun 29 Mar 2026 07:01:01 +0000
Manifest next update: Mon 30 Mar 2026 07:01:01 +0000
Files and hashes: 1: tMflb0aH6hstd2PQiI0QUCNbV0s.crl (hash: 63T1903d5g6oXJb8SZMasD60JY7+BVVXZteI6uYwNBs=)
2: wFX4ltKD_gZlOj3Qf_Lnn0NhN4U.roa (hash: pjVKRqlOO9z+7mcPGp3goRgbyLNPwv20Ps3g73hf4MM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:60:bf:04:a2:17:f1:7c:00:eb:84:04:0a:5d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b
Validity
Not Before: Mar 29 07:01:01 2026 GMT
Not After : Mar 30 07:01:01 2026 GMT
Subject: CN=36ff2a8f51c379ff66a1d30cdbd3ddcd0faa3bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:24:0a:91:7f:8b:11:37:4f:c7:0e:bf:4a:65:
ec:ed:91:08:8e:2c:0d:ed:36:12:9f:a2:e9:95:77:
e1:fe:0e:f0:4b:06:a5:cd:4e:23:e1:27:2d:79:af:
0b:c2:3f:18:04:cd:99:a4:05:be:17:cf:94:46:2a:
06:1e:db:d6:05:13:0d:d8:c1:08:fd:a9:6f:a4:66:
b1:3d:0b:ad:77:84:03:c2:e0:0e:8d:f7:9e:41:52:
63:17:6a:10:3e:e6:2c:77:2a:fe:ad:fb:e5:49:30:
d0:2b:c0:4c:af:71:ac:5f:b2:b6:d4:f4:7a:6c:bb:
15:b4:fb:b5:fc:b7:1e:a9:a7:3a:f2:04:0d:2e:2a:
34:f2:e5:0a:21:f8:fe:58:88:0b:7a:35:2b:b9:24:
59:62:c6:0b:a2:b2:3e:e0:ef:7c:1b:af:fb:cb:f6:
e3:7e:5a:96:e8:42:69:6b:28:c9:b1:5d:48:4a:d7:
91:ec:34:dc:30:79:f0:1a:7f:12:93:8e:ff:6e:43:
c1:96:f5:0a:8c:1e:eb:0f:97:c2:4d:60:32:6c:33:
84:43:72:c4:05:1a:8a:04:1d:a4:2b:7e:61:90:1a:
5a:7f:0e:d2:2e:cf:36:0d:19:06:e3:4c:44:a2:89:
72:9b:f8:97:fe:99:5b:07:f4:0b:dc:26:c9:c8:36:
6b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FF:2A:8F:51:C3:79:FF:66:A1:D3:0C:DB:D3:DD:CD:0F:AA:3B:D5
X509v3 Authority Key Identifier:
keyid:B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:10:9c:d7:3c:1f:28:91:be:0d:a8:51:6b:df:62:d4:7e:4f:
e4:f9:6a:df:21:7a:e9:3e:d8:ac:65:9c:a9:af:86:1a:51:c2:
64:89:df:a6:d1:e8:a1:04:b6:f2:cb:6b:e5:62:8f:85:3d:9c:
24:e4:d5:f4:db:17:2c:3e:04:e6:ba:5a:87:4c:6d:b5:a2:bb:
72:a3:f8:5c:31:25:a3:3d:50:d9:e8:29:58:d3:66:3c:58:9c:
e4:41:07:ac:8a:0e:5a:d2:5c:c7:59:bb:0b:e5:cc:4c:f5:1a:
2a:b3:44:a6:93:52:3c:88:e2:19:ed:33:a8:8c:18:fc:29:05:
59:bf:27:b4:a9:31:22:6d:9e:36:76:07:c5:c5:0b:e8:e7:5c:
37:65:2e:d9:44:9f:4d:14:a0:1c:42:3b:be:f6:7e:6b:3d:2b:
60:3c:c6:72:ab:b4:5f:1c:a4:ea:32:de:87:6f:c6:e6:a6:06:
35:8c:9f:d9:7b:c0:bc:96:5a:75:85:c0:95:7e:72:2a:6e:71:
dc:4e:ff:ee:57:d6:0e:e4:e1:81:d0:65:a5:b5:c5:1a:78:1c:
ba:67:9c:2e:9e:11:25:a5:c4:f8:de:8e:bf:08:02:54:7d:d5:
9c:50:7f:3c:a5:36:a0:f5:06:08:ca:1b:ab:e5:1b:8a:46:f7:
d3:0b:34:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWC/BKIX8XwA64QECl23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzdlNTZmNDY4N2VhMWIyZDc3NjNkMDg4OGQxMDUwMjM1
YjU3NGIwHhcNMjYwMzI5MDcwMTAxWhcNMjYwMzMwMDcwMTAxWjAzMTEwLwYDVQQD
EygzNmZmMmE4ZjUxYzM3OWZmNjZhMWQzMGNkYmQzZGRjZDBmYWEzYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSQKkX+LETdPxw6/SmXs7ZEIjiwN
7TYSn6LplXfh/g7wSwalzU4j4Sctea8Lwj8YBM2ZpAW+F8+URioGHtvWBRMN2MEI
/alvpGaxPQutd4QDwuAOjfeeQVJjF2oQPuYsdyr+rfvlSTDQK8BMr3GsX7K21PR6
bLsVtPu1/Lceqac68gQNLio08uUKIfj+WIgLejUruSRZYsYLorI+4O98G6/7y/bj
flqW6EJpayjJsV1ISteR7DTcMHnwGn8Sk47/bkPBlvUKjB7rD5fCTWAybDOEQ3LE
BRqKBB2kK35hkBpafw7SLs82DRkG40xEoolym/iX/plbB/QL3CbJyDZrRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDb/Ko9Rw3n/ZqHTDNvT3c0PqjvVMB8GA1UdIwQY
MBaAFLTH5W9Gh+obLXdj0IiNEFAjW1dLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTIt
MDU5OWYwYjJiMDlhLzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTItMDU5OWYwYjJiMDlh
LzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBCc1zwf
KJG+DahRa99i1H5P5Plq3yF66T7YrGWcqa+GGlHCZInfptHooQS28str5WKPhT2c
JOTV9NsXLD4E5rpah0xttaK7cqP4XDEloz1Q2egpWNNmPFic5EEHrIoOWtJcx1m7
C+XMTPUaKrNEppNSPIjiGe0zqIwY/CkFWb8ntKkxIm2eNnYHxcUL6OdcN2Uu2USf
TRSgHEI7vvZ+az0rYDzGcqu0Xxyk6jLeh2/G5qYGNYyf2XvAvJZadYXAlX5yKm5x
3E7/7lfWDuThgdBlpbXFGngcumecLp4RJaXE+N6OvwgCVH3VnFB/PKU2oPUGCMob
q+Ubikb30ws0wQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:16:27 2026 by rpki-client