Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: YUWLCPprVMAAREOauGozpreRzc6yCMddiwqMA0Q/1Y0=
Subject key identifier: 0C:F5:1E:56:32:89:D5:22:A3:57:3F:B4:87:E6:48:D4:3E:B8:EC:1C
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019D389BF3C938632A964CFB381F6D788ABE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 1821
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: DLXZ1XSiQuhm9W2oxtKBRZNS9FJENpD0glMufRX9DCw=)
2: dVMqcvXursPYfDYSCDAE4DhRFlc.roa (hash: Yq3X9779TMJZn56pp7FdF+bqg71vRgvQymxrtb6IBFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f3:c9:38:63:2a:96:4c:fb:38:1f:6d:78:8a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=0cf51e563289d522a3573fb487e648d43eb8ec1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b7:fe:2b:2c:2b:74:de:31:ee:de:3e:1c:cd:
25:cb:7d:46:ce:79:3e:d4:3a:5d:61:47:3b:9d:69:
cc:53:81:aa:57:cb:25:66:d9:af:ca:13:14:91:d7:
81:09:a6:f4:74:2d:3c:73:18:29:76:66:24:71:54:
b7:e4:03:82:f6:b1:fe:b1:08:91:a6:d8:9c:e3:b8:
ac:d9:0a:f5:16:ae:ff:b4:b6:52:59:2f:92:8d:20:
2a:e0:a7:d0:cf:5d:0c:4a:e8:b0:df:36:e2:d7:b9:
bf:fb:33:78:4b:70:ab:04:2e:83:b8:6b:93:df:8c:
16:c2:e0:00:b6:d6:66:a7:0b:c1:47:be:e2:d4:7a:
68:7e:c8:bb:7d:b2:b4:ca:2a:aa:da:28:4f:aa:8e:
f8:d4:23:07:4e:16:c9:5d:4c:f9:88:10:bb:bd:8c:
45:1c:8e:5b:86:5c:fc:fc:47:88:7f:a3:72:70:60:
1d:2f:51:f4:cb:bc:eb:a6:a1:45:85:1e:da:70:10:
43:99:25:72:f1:d5:8a:77:69:87:b0:41:b7:e4:8d:
4f:65:fe:24:bd:f1:12:5e:56:c2:09:b1:75:5e:06:
cc:7d:05:63:82:ac:44:5b:c8:db:24:04:a1:be:6a:
b3:28:74:1a:27:95:5e:ec:d7:84:2d:57:8b:27:b7:
95:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F5:1E:56:32:89:D5:22:A3:57:3F:B4:87:E6:48:D4:3E:B8:EC:1C
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:5a:9a:09:c1:d1:1a:c4:3e:20:94:92:1b:3b:3e:34:98:62:
7d:c9:62:e2:96:3d:e8:8f:36:d6:38:bb:f5:1c:9e:ba:ae:cd:
0d:b6:d6:d3:a9:8c:8c:7a:3b:d7:4e:b0:c2:81:93:36:1b:96:
00:e0:4c:88:ef:c1:0c:03:d9:79:c7:0e:ef:dc:ab:63:a4:b8:
bc:84:20:6b:5d:2f:59:9b:30:87:b9:dc:60:46:03:65:a4:09:
d9:38:a6:f3:fa:09:ee:ad:13:7f:3d:d9:11:cd:48:e8:f0:11:
fb:59:43:4b:b0:5f:51:51:c3:a2:22:7a:bc:f4:53:4d:cb:52:
dc:ac:b0:e4:d6:56:63:76:9c:a6:a4:11:14:e2:56:15:ad:55:
b1:dc:bc:63:f7:09:ae:a4:38:e1:60:1e:ff:20:ea:87:6a:5d:
b6:3f:d9:36:55:05:12:eb:37:ff:be:da:fe:de:ac:e5:4c:fb:
2a:7c:10:3f:cd:3f:58:e8:d6:37:e7:cb:11:e2:29:9e:77:e1:
3a:61:90:16:ab:96:41:b5:cf:61:df:98:ee:09:16:b1:2d:c4:
60:2f:0c:58:66:fb:6e:bc:56:b4:b3:65:fb:28:e1:08:26:ec:
1e:d4:9b:ff:b9:5b:71:96:f1:b5:10:5c:d5:bb:93:d7:6a:c3:
3a:a9:95:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/PJOGMqlkz7OB9teIq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
EygwY2Y1MWU1NjMyODlkNTIyYTM1NzNmYjQ4N2U2NDhkNDNlYjhlYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37f+KywrdN4x7t4+HM0ly31Gznk+
1DpdYUc7nWnMU4GqV8slZtmvyhMUkdeBCab0dC08cxgpdmYkcVS35AOC9rH+sQiR
ptic47is2Qr1Fq7/tLZSWS+SjSAq4KfQz10MSuiw3zbi17m/+zN4S3CrBC6DuGuT
34wWwuAAttZmpwvBR77i1Hpofsi7fbK0yiqq2ihPqo741CMHThbJXUz5iBC7vYxF
HI5bhlz8/EeIf6NycGAdL1H0y7zrpqFFhR7acBBDmSVy8dWKd2mHsEG35I1PZf4k
vfESXlbCCbF1XgbMfQVjgqxEW8jbJAShvmqzKHQaJ5Ve7NeELVeLJ7eVUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAz1HlYyidUio1c/tIfmSNQ+uOwcMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADFqaCcHR
GsQ+IJSSGzs+NJhifcli4pY96I821ji79Ryeuq7NDbbW06mMjHo7106wwoGTNhuW
AOBMiO/BDAPZeccO79yrY6S4vIQga10vWZswh7ncYEYDZaQJ2Tim8/oJ7q0Tfz3Z
Ec1I6PAR+1lDS7BfUVHDoiJ6vPRTTctS3Kyw5NZWY3acpqQRFOJWFa1Vsdy8Y/cJ
rqQ44WAe/yDqh2pdtj/ZNlUFEus3/77a/t6s5Uz7KnwQP80/WOjWN+fLEeIpnnfh
OmGQFquWQbXPYd+Y7gkWsS3EYC8MWGb7brxWtLNl+yjhCCbsHtSb/7lbcZbxtRBc
1buT12rDOqmV1g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:40 2026 by rpki-client