Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
File: tU3fbwMzHNdzx-ersVQpuo0gvXg.mft (raw, json)
Hash identifier: bCSuYQLlF7axXH5CDmjOWWnglC2VpnFJBUMCK5d1VxA=
Subject key identifier: 2A:2E:D6:84:C9:F2:B7:B3:91:60:AC:56:C2:6C:78:3F:78:92:5B:D2
Authority key identifier: B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
Certificate issuer: /CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Certificate serial: 019D37F7521F7DDC978C179A072A3C591A15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
Manifest number: 09D2
Signing time: Sun 29 Mar 2026 05:00:48 +0000
Manifest this update: Sun 29 Mar 2026 05:00:48 +0000
Manifest next update: Mon 30 Mar 2026 05:00:48 +0000
Files and hashes: 1: n3LXa0-xioBb1QsCYTVot6eV2ZE.roa (hash: n4raPKw8IwbnWXJNFwCqDhVOg3Y+1y9CxDz8k7+MVtI=)
2: tU3fbwMzHNdzx-ersVQpuo0gvXg.crl (hash: Hd2lqRwmRS1b0GKzpMfEF6AXGOa9+QcDtTo7qDlFOiY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:52:1f:7d:dc:97:8c:17:9a:07:2a:3c:59:1a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Validity
Not Before: Mar 29 05:00:48 2026 GMT
Not After : Mar 30 05:00:48 2026 GMT
Subject: CN=2a2ed684c9f2b7b39160ac56c26c783f78925bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:23:85:13:a9:9a:17:2e:c1:43:63:63:8a:
eb:e1:b0:b0:e3:4e:00:10:37:3b:11:b8:4d:e8:f5:
94:c2:79:e3:9d:70:0b:4b:4a:81:cb:bb:22:fa:05:
b7:16:26:f4:00:96:79:01:d9:c8:19:48:ec:f3:1a:
03:28:39:0b:3e:52:50:2f:5c:a1:e2:1d:b7:fb:c3:
72:5e:6a:b2:3b:9f:f5:23:99:82:06:f8:2d:38:3e:
b1:83:ce:5e:86:2d:81:c0:23:c6:19:e3:dd:54:eb:
19:87:3b:e1:7d:f3:aa:4e:4c:62:a2:26:4f:b7:7b:
bc:d1:36:03:ac:9f:fa:c0:95:d7:28:98:48:35:31:
15:29:d8:4d:6e:33:54:39:97:83:ac:70:b0:21:98:
03:7c:6f:35:98:8d:4a:5d:9f:7b:88:92:fc:21:b1:
3a:81:a9:6f:1d:11:08:e7:5d:be:22:a4:1c:33:67:
59:59:4e:d1:94:0c:b6:e0:ee:9d:0d:4e:ae:03:bd:
78:6f:5a:9d:07:9d:65:13:41:d9:dc:0b:b7:c2:5f:
e6:cc:71:a6:91:71:ff:a7:c0:46:ed:b3:f1:33:86:
d8:59:79:ce:9b:c3:8a:16:ae:75:37:5a:51:64:c9:
00:94:2c:71:e8:80:b2:87:4b:9d:ba:0d:7d:61:d5:
fa:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2E:D6:84:C9:F2:B7:B3:91:60:AC:56:C2:6C:78:3F:78:92:5B:D2
X509v3 Authority Key Identifier:
keyid:B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:bf:30:ec:73:41:54:b9:ce:35:99:6b:0b:70:08:52:6b:1e:
d7:71:e0:c3:00:7f:c2:6c:7e:c6:36:f0:b5:c5:3a:46:1c:c1:
47:af:22:95:f1:76:1c:8b:1b:38:17:d5:2d:8e:61:b3:a1:d5:
90:76:38:0f:28:29:b5:0a:d7:fa:b3:9a:41:dd:dd:72:50:15:
df:90:fa:48:71:b0:f7:20:46:5f:91:c4:cd:b2:92:fe:66:dd:
1e:d3:6a:5d:9a:d9:c1:b4:52:e3:16:a7:bc:d7:94:ca:34:ef:
10:76:21:fd:a9:a4:18:01:de:6c:23:e3:dd:c8:39:6e:3e:f9:
40:cb:4e:5f:c7:78:20:bf:c2:c9:de:25:d2:52:05:eb:cb:46:
89:02:f9:b5:10:d7:16:c2:34:d1:65:45:b9:18:42:92:57:3e:
c8:af:d3:13:2e:16:b1:e8:88:ee:13:da:a7:63:21:11:0b:b7:
38:46:87:39:a2:ae:47:81:e2:04:87:20:4c:14:ff:de:8a:82:
28:b0:a7:d9:d3:85:63:cd:38:9b:ce:a8:a8:f2:7b:df:22:9b:
6f:7d:07:54:f0:ba:8a:1f:8b:ae:e1:57:36:ea:3b:59:f9:8e:
e8:f0:a6:1e:49:cf:63:87:e8:e4:ad:f1:42:88:ac:b6:20:5d:
cd:14:68:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0391IffdyXjBeaByo8WRoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGRkZjZmMDMzMzFjZDc3M2M3ZTdhYmIxNTQyOWJhOGQy
MGJkNzgwHhcNMjYwMzI5MDUwMDQ4WhcNMjYwMzMwMDUwMDQ4WjAzMTEwLwYDVQQD
EygyYTJlZDY4NGM5ZjJiN2IzOTE2MGFjNTZjMjZjNzgzZjc4OTI1YmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7kjhROpmhcuwUNjY4rr4bCw404A
EDc7EbhN6PWUwnnjnXALS0qBy7si+gW3Fib0AJZ5AdnIGUjs8xoDKDkLPlJQL1yh
4h23+8NyXmqyO5/1I5mCBvgtOD6xg85ehi2BwCPGGePdVOsZhzvhffOqTkxioiZP
t3u80TYDrJ/6wJXXKJhINTEVKdhNbjNUOZeDrHCwIZgDfG81mI1KXZ97iJL8IbE6
galvHREI512+IqQcM2dZWU7RlAy24O6dDU6uA714b1qdB51lE0HZ3Au3wl/mzHGm
kXH/p8BG7bPxM4bYWXnOm8OKFq51N1pRZMkAlCxx6ICyh0udug19YdX6qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCou1oTJ8rezkWCsVsJseD94klvSMB8GA1UdIwQY
MBaAFLVN328DMxzXc8fnq7FUKbqNIL14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQt
ODQwMjZiYzg1MmYwLzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQtODQwMjZiYzg1MmYw
LzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeL8w7HNB
VLnONZlrC3AIUmse13HgwwB/wmx+xjbwtcU6RhzBR68ilfF2HIsbOBfVLY5hs6HV
kHY4DygptQrX+rOaQd3dclAV35D6SHGw9yBGX5HEzbKS/mbdHtNqXZrZwbRS4xan
vNeUyjTvEHYh/amkGAHebCPj3cg5bj75QMtOX8d4IL/Cyd4l0lIF68tGiQL5tRDX
FsI00WVFuRhCklc+yK/TEy4WseiI7hPap2MhEQu3OEaHOaKuR4HiBIcgTBT/3oqC
KLCn2dOFY804m86oqPJ73yKbb30HVPC6ih+LruFXNuo7WfmO6PCmHknPY4fo5K3x
QoistiBdzRRoZQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:14 2026 by rpki-client