Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json)
Hash identifier: ZZl8PTcS3h+J9Y2jqTr3MKoWO3SkHeyxW9DDw41JkUA=
Subject key identifier: B7:32:C2:D5:E6:04:62:54:D3:5F:D3:1A:09:45:39:13:94:86:56:BD
Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Certificate serial: 019D382DD5C4865DD0709BC9BA113A6712DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
Manifest number: 067A
Signing time: Sun 29 Mar 2026 06:00:20 +0000
Manifest this update: Sun 29 Mar 2026 06:00:20 +0000
Manifest next update: Mon 30 Mar 2026 06:00:20 +0000
Files and hashes: 1: 1-cEaaO_Ysid8Br5DRVo96OE6Rw0.roa (hash: fjeWtz//51nB13NzQwtc912b3agAHVfHErKRO/L6d0o=)
2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: 6ZJPkBiY2FJ53UVmCDmHeXMfVrKCcPw1k2fcwqnE+YY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:d5:c4:86:5d:d0:70:9b:c9:ba:11:3a:67:12:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Validity
Not Before: Mar 29 06:00:20 2026 GMT
Not After : Mar 30 06:00:20 2026 GMT
Subject: CN=b732c2d5e6046254d35fd31a09453913948656bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:06:06:af:fe:2d:51:5a:9e:fd:00:08:fa:
5b:88:82:eb:0c:b3:6b:6c:c0:0f:a0:75:97:b3:8e:
22:65:e6:f3:9b:03:24:d3:ca:25:b5:06:e9:f8:c1:
a2:12:a4:d6:7a:1b:9b:a5:26:b0:c3:e8:ce:35:47:
98:13:03:1c:40:7a:3e:62:b8:60:c5:f4:81:0c:52:
04:a9:78:d4:40:f7:2f:67:7c:37:85:3e:95:b7:3f:
4e:af:20:8d:e0:27:7d:92:0b:da:79:aa:6f:9d:5b:
fc:85:85:c1:86:44:f5:e3:f9:f1:22:9c:f8:45:f7:
df:d7:42:0b:ca:f8:7a:a2:8c:d0:4a:72:4f:03:9d:
c9:aa:b6:7b:13:c8:32:a1:fa:42:41:fe:b0:81:93:
e6:20:2b:06:12:df:2a:a7:a0:ab:ad:77:6b:e9:19:
e3:13:b9:58:8e:8e:fa:13:5e:cf:b2:6b:1d:b0:1c:
65:1b:b4:98:a2:46:9d:3d:25:7c:1d:c2:14:01:06:
47:81:24:7b:5f:02:3f:a4:4f:76:4f:fb:8f:5f:13:
70:52:8b:78:ba:a3:63:5d:f0:b5:d0:fd:27:cc:4d:
97:98:c6:f8:1e:de:7d:d9:ce:ec:c6:9c:53:4a:27:
53:7f:b2:9c:0a:91:76:28:1f:48:23:59:06:bf:0f:
c6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:32:C2:D5:E6:04:62:54:D3:5F:D3:1A:09:45:39:13:94:86:56:BD
X509v3 Authority Key Identifier:
keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:a3:4e:2b:4f:12:d2:b7:64:b1:ad:dd:43:b4:95:5a:c0:52:
d8:6f:02:1d:a6:98:0c:9f:b4:18:05:12:b8:f5:9b:49:91:be:
15:49:33:e0:3b:40:dc:8a:b4:e2:8f:7e:c4:56:9b:10:d6:f2:
9a:c3:25:ee:01:33:d0:13:b5:93:31:dc:bb:84:ac:8e:aa:31:
1a:38:ee:07:d2:86:78:50:78:8e:02:d7:c2:7b:57:3c:d5:60:
0f:d0:53:d1:b3:0d:63:33:fe:6b:4b:a5:74:d0:88:7d:cb:51:
f0:87:73:c7:08:a7:df:04:c0:f2:c0:88:68:77:b3:20:4f:22:
0c:46:57:1c:0a:26:56:bb:f1:53:9c:39:39:6b:d5:b2:96:b3:
d3:4c:38:fa:64:58:b9:2c:d3:d0:fa:66:a8:de:c8:84:df:95:
fb:19:eb:a5:56:e0:49:01:b3:0c:be:f8:cd:a6:5b:dc:e4:1a:
ad:34:c5:70:11:03:72:da:e2:3b:b5:27:9c:bc:6a:1e:3f:80:
63:4f:23:4c:e7:01:41:cb:a7:ff:84:bc:3a:62:fd:8f:51:86:
e9:39:18:5e:31:08:f5:26:32:2b:d0:3a:34:68:da:09:dd:10:
5f:b2:da:4b:9a:11:95:98:f6:11:56:bf:8d:69:82:42:ed:fd:
6a:eb:07:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LdXEhl3QcJvJuhE6ZxLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz
MDI2ZDAwHhcNMjYwMzI5MDYwMDIwWhcNMjYwMzMwMDYwMDIwWjAzMTEwLwYDVQQD
EyhiNzMyYzJkNWU2MDQ2MjU0ZDM1ZmQzMWEwOTQ1MzkxMzk0ODY1NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb0GBq/+LVFanv0ACPpbiILrDLNr
bMAPoHWXs44iZebzmwMk08oltQbp+MGiEqTWehubpSaww+jONUeYEwMcQHo+Yrhg
xfSBDFIEqXjUQPcvZ3w3hT6Vtz9OryCN4Cd9kgvaeapvnVv8hYXBhkT14/nxIpz4
Rfff10ILyvh6oozQSnJPA53JqrZ7E8gyofpCQf6wgZPmICsGEt8qp6CrrXdr6Rnj
E7lYjo76E17PsmsdsBxlG7SYokadPSV8HcIUAQZHgSR7XwI/pE92T/uPXxNwUot4
uqNjXfC10P0nzE2XmMb4Ht592c7sxpxTSidTf7KcCpF2KB9II1kGvw/GbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcywtXmBGJU01/TGglFOROUhla9MB8GA1UdIwQY
MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt
N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz
LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgaNOK08S
0rdksa3dQ7SVWsBS2G8CHaaYDJ+0GAUSuPWbSZG+FUkz4DtA3Iq04o9+xFabENby
msMl7gEz0BO1kzHcu4SsjqoxGjjuB9KGeFB4jgLXwntXPNVgD9BT0bMNYzP+a0ul
dNCIfctR8Idzxwin3wTA8sCIaHezIE8iDEZXHAomVrvxU5w5OWvVspaz00w4+mRY
uSzT0PpmqN7IhN+V+xnrpVbgSQGzDL74zaZb3OQarTTFcBEDctriO7UnnLxqHj+A
Y08jTOcBQcun/4S8OmL9j1GG6TkYXjEI9SYyK9A6NGjaCd0QX7LaS5oRlZj2EVa/
jWmCQu39ausHfA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:51 2026 by rpki-client