Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.mft
File: 1-tfhSiYlYBkcZldpmOnGm4nDwTY.mft (raw, json)
Hash identifier: CLcjv0t/EYz3JKFhcaagFdhOI6r7mLz7jgK6a0uiVGo=
Subject key identifier: 8D:97:8A:9E:BC:E2:D4:35:78:AB:5D:AA:E5:68:E6:3F:8F:9F:9C:9E
Authority key identifier: FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
Certificate issuer: /CN=fad7e14a262560191c66576998e9c69b89c3c136
Certificate serial: 019D389BF6016CE6418C6930DC4AE5E40EA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.mft
Manifest number: 0D1F
Signing time: Sun 29 Mar 2026 08:00:38 +0000
Manifest this update: Sun 29 Mar 2026 08:00:38 +0000
Manifest next update: Mon 30 Mar 2026 08:00:38 +0000
Files and hashes: 1: 1-tfhSiYlYBkcZldpmOnGm4nDwTY.crl (hash: fPIu+fZmLuaL6E3dgHUyfruc66vUHlBZxzOxEBWU6Cs=)
2: bocz5SG9Zj4HkXUBKia2cUoBHTI.roa (hash: kxCpDn7CCZ/6SqGTk6+uT7aXJeJIuhuC431y0OFAOkk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f6:01:6c:e6:41:8c:69:30:dc:4a:e5:e4:0e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7e14a262560191c66576998e9c69b89c3c136
Validity
Not Before: Mar 29 08:00:38 2026 GMT
Not After : Mar 30 08:00:38 2026 GMT
Subject: CN=8d978a9ebce2d43578ab5daae568e63f8f9f9c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f0:a7:bf:42:61:34:aa:2a:f4:40:59:66:3c:
cd:40:bd:e3:1a:f4:66:3f:e9:71:34:c1:27:e2:58:
28:e1:92:68:93:0a:b9:33:80:65:fd:c2:cf:78:d4:
4d:c5:06:e0:29:09:fb:69:61:d5:79:b0:43:94:f3:
ec:25:50:a2:b1:79:ab:79:50:22:38:e7:31:bf:d9:
87:57:b7:7d:aa:f3:5e:82:4a:1a:09:5e:3e:0e:39:
50:f5:d6:12:eb:49:d5:4b:53:44:9e:b2:f9:63:66:
85:c9:18:31:29:2b:ee:2c:f0:e2:0a:62:43:92:cb:
ac:2e:86:a7:ea:37:11:3a:3f:bc:d2:e6:62:30:aa:
a9:a7:bd:c5:c9:34:74:d7:41:8a:b1:d7:90:28:d6:
b5:c1:a2:31:11:4f:69:a4:01:22:f7:fb:1f:03:36:
04:3c:23:48:be:0f:f0:aa:1f:4b:ca:0c:a8:f7:05:
6a:58:47:65:f5:40:ad:da:c2:7c:83:08:b2:ec:0b:
22:9f:55:d3:c6:dd:7c:92:af:3f:e9:04:66:bb:6f:
67:3f:b3:bb:0d:77:75:63:fa:2c:f9:61:9d:2b:c3:
99:36:59:be:d1:fa:8d:8a:98:90:55:6e:e0:92:bf:
b7:b8:35:72:f5:12:5e:5f:d2:07:51:66:6c:1c:90:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:97:8A:9E:BC:E2:D4:35:78:AB:5D:AA:E5:68:E6:3F:8F:9F:9C:9E
X509v3 Authority Key Identifier:
keyid:FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:82:13:75:11:e6:4c:a2:85:6f:c5:3a:44:e4:44:3b:f3:27:
6e:8c:6c:a8:94:80:ea:f4:1a:4f:00:a7:bb:ae:ce:c8:39:7e:
67:75:82:93:ca:8f:90:b2:8c:23:4e:ed:25:81:3b:2a:06:2a:
c7:b5:d1:3b:7d:39:10:0d:cb:ed:07:64:65:d5:60:33:7d:1d:
20:79:a1:71:15:a6:1a:b6:d8:60:31:6d:51:07:57:24:6a:bc:
0a:dd:ba:e5:89:65:2d:c8:8c:d3:81:6e:e2:54:58:c9:77:03:
64:cb:c6:74:68:cb:e9:e9:7d:e3:39:7b:b5:4e:b8:82:12:dc:
e3:7f:75:e9:da:67:2d:17:94:87:54:44:bd:ec:03:12:c6:df:
2c:91:5d:4b:ff:1c:d5:22:5e:e0:28:d3:bd:e2:3d:75:0b:04:
f2:09:db:3b:a4:6d:31:8d:09:14:6d:ea:9e:1e:13:cb:ae:ec:
f2:98:49:80:19:69:fc:cd:83:fa:b1:a6:ea:0d:fd:f2:d7:bb:
e2:94:83:1a:7f:f8:c4:84:1d:9a:06:60:d6:60:5b:cc:49:04:
29:ef:62:c1:8c:9a:6c:f0:db:bb:d7:18:c1:6d:14:85:a8:22:
a7:29:b2:15:9b:32:bb:fb:93:3d:4f:ea:23:fd:d6:10:8a:e3:
21:42:a7:3e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ04m/YBbOZBjGkw3Erl5A6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDdlMTRhMjYyNTYwMTkxYzY2NTc2OTk4ZTljNjliODlj
M2MxMzYwHhcNMjYwMzI5MDgwMDM4WhcNMjYwMzMwMDgwMDM4WjAzMTEwLwYDVQQD
Eyg4ZDk3OGE5ZWJjZTJkNDM1NzhhYjVkYWFlNTY4ZTYzZjhmOWY5YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Cnv0JhNKoq9EBZZjzNQL3jGvRm
P+lxNMEn4lgo4ZJokwq5M4Bl/cLPeNRNxQbgKQn7aWHVebBDlPPsJVCisXmreVAi
OOcxv9mHV7d9qvNegkoaCV4+DjlQ9dYS60nVS1NEnrL5Y2aFyRgxKSvuLPDiCmJD
ksusLoan6jcROj+80uZiMKqpp73FyTR010GKsdeQKNa1waIxEU9ppAEi9/sfAzYE
PCNIvg/wqh9Lygyo9wVqWEdl9UCt2sJ8gwiy7Asin1XTxt18kq8/6QRmu29nP7O7
DXd1Y/os+WGdK8OZNlm+0fqNipiQVW7gkr+3uDVy9RJeX9IHUWZsHJCZ5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFI2Xip684tQ1eKtdquVo5j+Pn5yeMB8GA1UdIwQY
MBaAFPrX4UomJWAZHGZXaZjpxpuJw8E2MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10ZmhTaVlsWUJrY1psZHBtT25HbTRuRHdUWS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvZTY2NTZiLTgwYzgtNDM1ZS1iYzFk
LWQ2ZTcxNTUyM2YzOS8xLzEtdGZoU2lZbFlCa2NabGRwbU9uR200bkR3VFkubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzlhL2U2NjU2Yi04MGM4LTQzNWUtYmMxZC1kNmU3MTU1MjNm
MzkvMS8xLXRmaFNpWWxZQmtjWmxkcG1PbkdtNG5Ed1RZLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABoIT
dRHmTKKFb8U6ROREO/MnboxsqJSA6vQaTwCnu67OyDl+Z3WCk8qPkLKMI07tJYE7
KgYqx7XRO305EA3L7QdkZdVgM30dIHmhcRWmGrbYYDFtUQdXJGq8Ct265YllLciM
04Fu4lRYyXcDZMvGdGjL6el94zl7tU64ghLc43916dpnLReUh1REvewDEsbfLJFd
S/8c1SJe4CjTveI9dQsE8gnbO6RtMY0JFG3qnh4Ty67s8phJgBlp/M2D+rGm6g39
8te74pSDGn/4xIQdmgZg1mBbzEkEKe9iwYyabPDbu9cYwW0UhagipymyFZsyu/uT
PU/qI/3WEIrjIUKnPg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:48:58 2026 by rpki-client