Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File: TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier: 08eGYTRKZStDhQ+JLTi+JK1CTkV2nw1i99Kvcw8pruQ=
Subject key identifier: E8:97:A2:E5:57:5F:8E:19:23:A6:2F:CC:9E:A4:C6:68:6F:67:7D:A8
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer: /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial: 019D38D330238E64B98F5744F0E261C8FC7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number: 16C8
Signing time: Sun 29 Mar 2026 09:00:57 +0000
Manifest this update: Sun 29 Mar 2026 09:00:57 +0000
Manifest next update: Mon 30 Mar 2026 09:00:57 +0000
Files and hashes: 1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: HZBVIsaxOq2m4bCsLl1suDRD/MlgG21kODx/wnlCXxE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:30:23:8e:64:b9:8f:57:44:f0:e2:61:c8:fc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Validity
Not Before: Mar 29 09:00:57 2026 GMT
Not After : Mar 30 09:00:57 2026 GMT
Subject: CN=e897a2e5575f8e1923a62fcc9ea4c6686f677da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:0c:6f:6b:73:6b:05:eb:f1:c8:c6:a6:b9:
98:e6:e0:82:cf:e7:30:b6:92:94:0e:23:ce:ad:45:
6f:c2:26:a5:ed:a7:b2:a8:15:f4:d3:c0:05:65:e5:
68:db:7c:0b:8d:38:c0:72:e3:09:3b:ed:c5:54:77:
7f:92:e1:9c:2d:10:e5:14:0f:32:41:28:95:81:4d:
c5:e9:89:a5:42:26:04:6a:3c:5c:60:cf:9f:d9:2d:
96:d6:c1:26:cf:df:c2:90:ee:0c:b6:0a:1c:59:05:
8d:a7:93:9c:68:49:7a:5f:e8:d0:f4:fe:d6:71:8a:
0f:fc:2f:97:4a:8f:5d:2a:a5:6b:32:e0:53:98:f9:
31:1c:ae:eb:4e:2e:fb:2a:21:85:4d:a0:a2:b3:f9:
5f:87:3a:fa:21:26:c3:4e:bd:2b:02:57:58:cc:ad:
2c:e9:af:c6:18:66:36:c1:2f:ce:b7:fb:fc:81:61:
bc:28:a0:3e:83:ef:00:5c:04:2c:78:9e:37:4b:3b:
9d:e3:00:35:16:43:b2:6a:c1:66:0d:02:fa:b4:b5:
b6:a2:df:44:10:5b:5b:77:c9:0f:10:4f:13:75:40:
04:02:d8:91:d2:da:1d:de:1b:7a:23:f3:4b:04:99:
ca:03:3f:fc:95:53:d6:80:b4:ea:f8:7a:77:98:5a:
e5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:97:A2:E5:57:5F:8E:19:23:A6:2F:CC:9E:A4:C6:68:6F:67:7D:A8
X509v3 Authority Key Identifier:
keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:ad:da:4b:a0:69:c6:53:f8:22:cf:b9:55:5b:ff:da:e6:ed:
09:17:d3:55:64:59:35:2b:3e:42:bc:50:39:42:4f:8b:4b:ed:
2f:8a:58:8c:40:74:79:5d:38:8c:c8:74:57:78:3b:a8:82:84:
85:0d:82:6a:ba:ea:f4:58:b7:7f:48:5d:e1:e4:ee:0a:fa:1c:
91:da:50:ea:2b:da:5e:56:b8:a4:21:9f:82:4e:07:54:35:08:
2b:77:f4:fc:ea:80:34:b5:3d:11:ec:05:2f:a5:38:45:68:7e:
14:ca:3c:29:4a:59:be:98:31:87:94:33:94:36:21:f1:03:a0:
b8:66:83:e0:6d:81:cd:96:44:1a:24:a7:19:bb:bb:96:80:58:
7e:47:47:bd:c5:ce:41:eb:be:7c:1c:57:3f:05:7e:63:f5:a4:
30:67:f6:f3:a9:93:45:b5:f5:3d:15:e0:cf:0d:e7:3e:de:88:
79:ea:e0:79:c5:6b:93:65:62:9f:ae:bd:4c:2c:f0:f9:01:c6:
56:71:70:42:72:38:2f:bc:5b:e1:22:c6:41:df:a6:a8:37:e3:
c1:82:01:5b:a2:ca:df:c2:f6:d9:fd:95:6f:a7:6e:18:4c:63:
55:d3:86:c2:e5:26:2a:92:79:68:52:72:e7:7c:f3:f0:3d:87:
3b:32:57:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zAjjmS5j1dE8OJhyPx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjYwMzI5MDkwMDU3WhcNMjYwMzMwMDkwMDU3WjAzMTEwLwYDVQQD
EyhlODk3YTJlNTU3NWY4ZTE5MjNhNjJmY2M5ZWE0YzY2ODZmNjc3ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu34Mb2tzawXr8cjGprmY5uCCz+cw
tpKUDiPOrUVvwial7aeyqBX008AFZeVo23wLjTjAcuMJO+3FVHd/kuGcLRDlFA8y
QSiVgU3F6YmlQiYEajxcYM+f2S2W1sEmz9/CkO4MtgocWQWNp5OcaEl6X+jQ9P7W
cYoP/C+XSo9dKqVrMuBTmPkxHK7rTi77KiGFTaCis/lfhzr6ISbDTr0rAldYzK0s
6a/GGGY2wS/Ot/v8gWG8KKA+g+8AXAQseJ43Szud4wA1FkOyasFmDQL6tLW2ot9E
EFtbd8kPEE8TdUAEAtiR0tod3ht6I/NLBJnKAz/8lVPWgLTq+Hp3mFrl5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiXouVXX44ZI6YvzJ6kxmhvZ32oMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATa3aS6Bp
xlP4Is+5VVv/2ubtCRfTVWRZNSs+QrxQOUJPi0vtL4pYjEB0eV04jMh0V3g7qIKE
hQ2Carrq9Fi3f0hd4eTuCvockdpQ6ivaXla4pCGfgk4HVDUIK3f0/OqANLU9EewF
L6U4RWh+FMo8KUpZvpgxh5QzlDYh8QOguGaD4G2BzZZEGiSnGbu7loBYfkdHvcXO
Qeu+fBxXPwV+Y/WkMGf286mTRbX1PRXgzw3nPt6IeergecVrk2Vin669TCzw+QHG
VnFwQnI4L7xb4SLGQd+mqDfjwYIBW6LK38L22f2Vb6duGExjVdOGwuUmKpJ5aFJy
53zz8D2HOzJXyw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:20 2026 by rpki-client