Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.mft
File: tu1iBVpRkcAuxREulRgaiawGDOs.mft (raw, json)
Hash identifier: i5ZkabTM4J9a8F2GfzQOdu/d8qUJZp2lgRYZW2UHxws=
Subject key identifier: AF:CC:B0:7D:99:7A:3C:75:5D:87:AF:B4:23:F0:9E:7C:5E:04:60:46
Authority key identifier: B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
Certificate issuer: /CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Certificate serial: 019D382EAEB42D5FFCB7451E7A45F3DC785A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.mft
Manifest number: 0DE9
Signing time: Sun 29 Mar 2026 06:01:16 +0000
Manifest this update: Sun 29 Mar 2026 06:01:16 +0000
Manifest next update: Mon 30 Mar 2026 06:01:16 +0000
Files and hashes: 1: 47fmLu8UcYsmHdmBdck_ql59f5M.roa (hash: ZblBR2/w1rIwhbzwuKN2kKmflX9a5wlTCaHuPYPzgd8=)
2: tu1iBVpRkcAuxREulRgaiawGDOs.crl (hash: QondqCeEJfa5CODL11JT1JZ1r9wkXs01TgJ2EN6fui8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:ae:b4:2d:5f:fc:b7:45:1e:7a:45:f3:dc:78:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Validity
Not Before: Mar 29 06:01:16 2026 GMT
Not After : Mar 30 06:01:16 2026 GMT
Subject: CN=afccb07d997a3c755d87afb423f09e7c5e046046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:a4:51:d5:23:b8:0f:8b:02:d0:58:fe:ad:
b4:9b:3d:24:8a:1b:d9:fd:5d:aa:f3:b8:b5:f6:59:
03:1f:91:35:56:45:1e:b1:03:59:cf:74:47:24:36:
15:d9:26:6a:63:ae:4d:33:12:9a:09:c2:1e:71:c8:
0d:fe:a5:ce:c2:8d:64:f6:98:68:7e:4e:35:4d:b2:
df:e6:72:83:7e:bb:64:d5:23:de:06:3b:21:86:e1:
55:bf:1c:df:fd:01:8f:a1:4c:1f:81:97:08:f5:a4:
22:cb:37:70:66:fe:fb:c6:4b:22:2c:bb:7a:d1:18:
15:96:44:ab:82:af:5b:d9:b3:53:57:53:50:e9:66:
af:a8:2f:58:b6:1d:7e:2f:0f:c3:47:92:d7:92:0a:
76:37:21:c1:cc:7a:eb:3a:c5:5d:c0:6e:38:05:ee:
d6:cc:05:62:24:15:bb:a6:22:da:b1:5f:37:7e:bf:
83:6c:10:56:8e:f1:7d:aa:e7:95:1f:3c:92:5b:d7:
6b:6c:67:99:0c:28:62:12:8e:bf:52:95:bc:4a:45:
0d:48:b0:7e:eb:df:27:95:c9:49:2c:61:a5:32:a8:
d7:d2:74:a7:c0:aa:91:ea:37:ec:fa:61:a0:a8:07:
67:42:8c:18:91:3a:46:6d:0c:a5:0c:0f:09:29:00:
23:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CC:B0:7D:99:7A:3C:75:5D:87:AF:B4:23:F0:9E:7C:5E:04:60:46
X509v3 Authority Key Identifier:
keyid:B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:73:38:af:d4:b4:b1:e0:09:14:cf:37:30:24:19:7a:a5:7d:
9a:3a:44:58:65:f5:a4:2b:dc:87:66:68:55:22:43:aa:cd:24:
7f:88:33:29:26:03:64:5e:7a:b5:46:0d:2d:a5:7d:dc:db:3b:
f9:fb:aa:42:7c:93:54:83:83:fe:79:e7:fb:ee:a3:ea:c3:6e:
29:1f:e3:b9:1f:dd:43:b9:72:04:f6:1f:14:76:5c:91:a3:46:
ce:0b:8b:24:fd:a5:6d:43:46:c1:7b:c1:1d:39:ed:cf:6b:62:
e4:da:da:fd:d9:a8:84:c1:0c:30:4c:d6:cb:7d:2f:77:fb:50:
5e:99:b6:d7:7b:02:e4:b9:4c:9b:25:cc:1a:2a:34:a6:e1:fe:
88:e8:81:9e:99:11:78:62:ad:1a:dd:db:b6:32:e0:43:bf:78:
18:db:8f:92:5d:c3:3e:45:64:f0:70:f6:f3:2f:37:d6:35:23:
f3:39:41:6f:cd:c7:ef:50:a0:9a:a4:ac:f0:fc:d7:cc:d5:09:
fa:c0:cd:ab:b1:13:42:a0:3c:e8:51:9a:1e:76:82:a2:b9:17:
ca:b7:6f:f5:aa:fd:3c:99:be:00:09:b3:e5:e0:22:d9:f9:d4:
54:9d:fd:d0:93:c0:40:5b:2e:eb:c0:e8:50:b5:86:20:25:64:
96:0f:ce:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lq60LV/8t0UeekXz3HhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ2MjA1NWE1MTkxYzAyZWM1MTEyZTk1MTgxYTg5YWMw
NjBjZWIwHhcNMjYwMzI5MDYwMTE2WhcNMjYwMzMwMDYwMTE2WjAzMTEwLwYDVQQD
EyhhZmNjYjA3ZDk5N2EzYzc1NWQ4N2FmYjQyM2YwOWU3YzVlMDQ2MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonekUdUjuA+LAtBY/q20mz0kihvZ
/V2q87i19lkDH5E1VkUesQNZz3RHJDYV2SZqY65NMxKaCcIeccgN/qXOwo1k9pho
fk41TbLf5nKDfrtk1SPeBjshhuFVvxzf/QGPoUwfgZcI9aQiyzdwZv77xksiLLt6
0RgVlkSrgq9b2bNTV1NQ6WavqC9Yth1+Lw/DR5LXkgp2NyHBzHrrOsVdwG44Be7W
zAViJBW7piLasV83fr+DbBBWjvF9queVHzySW9drbGeZDChiEo6/UpW8SkUNSLB+
698nlclJLGGlMqjX0nSnwKqR6jfs+mGgqAdnQowYkTpGbQylDA8JKQAjgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/MsH2Zejx1XYevtCPwnnxeBGBGMB8GA1UdIwQY
MBaAFLbtYgVaUZHALsURLpUYGomsBgzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjkt
YzgxMjY2YjdjNDllLzEvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjktYzgxMjY2YjdjNDll
LzEvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQXM4r9S0
seAJFM83MCQZeqV9mjpEWGX1pCvch2ZoVSJDqs0kf4gzKSYDZF56tUYNLaV93Ns7
+fuqQnyTVIOD/nnn++6j6sNuKR/juR/dQ7lyBPYfFHZckaNGzguLJP2lbUNGwXvB
HTntz2ti5Nra/dmohMEMMEzWy30vd/tQXpm213sC5LlMmyXMGio0puH+iOiBnpkR
eGKtGt3btjLgQ794GNuPkl3DPkVk8HD28y831jUj8zlBb83H71CgmqSs8PzXzNUJ
+sDNq7ETQqA86FGaHnaCorkXyrdv9ar9PJm+AAmz5eAi2fnUVJ390JPAQFsu68Do
ULWGICVklg/OJw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:58 2026 by rpki-client