Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
File: Tom7FOgJr_PsljCL2a6GUafndio.mft (raw, json)
Hash identifier: bdWoWbeDJaJ5wWWt5dLxh2eV3jSyns+fdGKnHZrv7J0=
Subject key identifier: 33:72:6E:14:70:F9:7F:B3:44:BE:6A:6B:F1:25:BA:30:82:11:16:05
Authority key identifier: 4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
Certificate issuer: /CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Certificate serial: 019D389BA61D6412CD2414D3D0814B7CAB1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 08:00:17 +0000
Manifest this update: Sun 29 Mar 2026 08:00:17 +0000
Manifest next update: Mon 30 Mar 2026 08:00:17 +0000
Files and hashes: 1: Tom7FOgJr_PsljCL2a6GUafndio.crl (hash: 8bG0ZYpKK0KJPm5rrvdgKbvC4yzlZD4NcgJ/9mKg750=)
2: ocvm0IdE2g81VMWQHWvGerIOuso.roa (hash: vva88+yWqRlVE96LUlXUKJ3JPb4q0jP0+58DLgtlF9A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:a6:1d:64:12:cd:24:14:d3:d0:81:4b:7c:ab:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Validity
Not Before: Mar 29 08:00:17 2026 GMT
Not After : Mar 30 08:00:17 2026 GMT
Subject: CN=33726e1470f97fb344be6a6bf125ba3082111605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:98:85:c9:9d:ff:dd:fe:20:d4:61:89:c0:16:
9f:5a:27:7d:c8:37:e3:3c:59:af:fe:93:f3:d3:63:
a6:06:53:10:f6:dc:11:c9:bc:8e:10:4d:5e:53:40:
70:57:7b:e2:cd:bb:e5:14:ee:f7:58:ee:87:89:6b:
3c:1d:48:ff:6a:02:c8:cb:20:6e:be:1a:de:60:10:
29:d9:07:c0:6a:8f:72:41:3b:5a:60:25:0c:48:bc:
9a:40:2e:d5:4c:48:54:f1:fd:6f:cd:ec:ed:d9:23:
1d:30:33:32:55:6d:d5:81:31:04:92:b3:0d:69:bc:
0d:5d:e2:b6:e5:f2:1c:8d:cc:f2:83:30:5e:91:ab:
39:41:78:d2:5d:89:fc:13:b3:86:48:81:66:62:d6:
9f:e5:a3:18:be:04:dd:9b:32:be:bd:4f:1f:75:9b:
24:8e:36:a2:f0:68:fd:09:16:5b:6a:76:f3:d3:5d:
df:be:91:98:86:de:0f:f5:67:e8:69:63:b0:5e:0a:
e7:d2:1e:0c:9b:72:c9:36:77:30:1c:ed:77:da:e4:
86:df:bf:38:33:95:0c:f4:06:f2:b9:d4:5c:26:dc:
2f:b9:25:db:6f:01:df:2a:fb:f2:d9:9e:33:65:2c:
fe:e9:70:24:c0:1e:37:1a:34:24:de:4c:fb:fc:f6:
40:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:72:6E:14:70:F9:7F:B3:44:BE:6A:6B:F1:25:BA:30:82:11:16:05
X509v3 Authority Key Identifier:
keyid:4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:dc:3e:0b:cb:a5:d1:00:d6:e3:e8:b0:2f:c2:42:9d:0d:14:
7f:af:3a:f5:f8:6f:c3:07:d7:d7:04:d0:7a:a8:cf:9c:a5:2f:
61:22:03:b1:21:7d:ad:b6:93:bd:06:8c:9b:1f:e7:26:bf:9e:
05:2d:35:78:63:48:f9:b3:25:c0:f0:c6:5c:66:47:5d:cd:66:
a1:d0:32:6c:0d:b6:53:c2:d7:25:f5:9e:97:72:41:a8:f0:22:
6a:e1:58:60:b4:6d:99:43:b2:8f:0d:9b:aa:27:63:d3:16:c5:
35:a6:c6:b2:3f:aa:4a:70:e1:5d:36:68:62:d9:68:0c:81:01:
4c:82:ac:d6:09:43:10:aa:1c:31:59:78:3f:74:fe:3c:21:f3:
d8:df:06:bf:9f:2b:77:c1:42:51:62:0c:69:f8:87:88:11:a9:
98:69:d7:9e:49:70:e3:5f:27:7c:79:84:97:c9:27:24:60:e2:
8a:0d:aa:fc:f8:91:93:60:f0:1d:97:cb:1e:be:99:e4:7d:da:
cb:e2:48:a5:a0:17:e3:c0:5c:7a:e1:ac:1f:ed:a5:c0:3b:da:
de:85:d7:9b:6d:0b:36:a8:17:cf:ae:64:41:b2:4f:e0:e7:b3:
5e:16:39:12:67:5c:04:24:0e:f7:14:37:96:39:cb:66:42:15:
26:13:11:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m6YdZBLNJBTT0IFLfKseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlODliYjE0ZTgwOWFmZjNlYzk2MzA4YmQ5YWU4NjUxYTdl
Nzc2MmEwHhcNMjYwMzI5MDgwMDE3WhcNMjYwMzMwMDgwMDE3WjAzMTEwLwYDVQQD
EygzMzcyNmUxNDcwZjk3ZmIzNDRiZTZhNmJmMTI1YmEzMDgyMTExNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JiFyZ3/3f4g1GGJwBafWid9yDfj
PFmv/pPz02OmBlMQ9twRybyOEE1eU0BwV3vizbvlFO73WO6HiWs8HUj/agLIyyBu
vhreYBAp2QfAao9yQTtaYCUMSLyaQC7VTEhU8f1vzezt2SMdMDMyVW3VgTEEkrMN
abwNXeK25fIcjczygzBekas5QXjSXYn8E7OGSIFmYtaf5aMYvgTdmzK+vU8fdZsk
jjai8Gj9CRZbanbz013fvpGYht4P9WfoaWOwXgrn0h4Mm3LJNncwHO132uSG3784
M5UM9AbyudRcJtwvuSXbbwHfKvvy2Z4zZSz+6XAkwB43GjQk3kz7/PZABwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNybhRw+X+zRL5qa/ElujCCERYFMB8GA1UdIwQY
MBaAFE6JuxToCa/z7JYwi9muhlGn53YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEt
OWZhMDJjYzI0OGU1LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEtOWZhMDJjYzI0OGU1
LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc9w+C8ul
0QDW4+iwL8JCnQ0Uf6869fhvwwfX1wTQeqjPnKUvYSIDsSF9rbaTvQaMmx/nJr+e
BS01eGNI+bMlwPDGXGZHXc1modAybA22U8LXJfWel3JBqPAiauFYYLRtmUOyjw2b
qidj0xbFNabGsj+qSnDhXTZoYtloDIEBTIKs1glDEKocMVl4P3T+PCHz2N8Gv58r
d8FCUWIMafiHiBGpmGnXnklw418nfHmEl8knJGDiig2q/PiRk2DwHZfLHr6Z5H3a
y+JIpaAX48BceuGsH+2lwDva3oXXm20LNqgXz65kQbJP4OezXhY5EmdcBCQO9xQ3
ljnLZkIVJhMRfw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:47:50 2026 by rpki-client