Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
File: tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft (raw, json)
Hash identifier: sV4MyWi/eUZVzB6aX/8BOPpU7F0MJatUz0StoFbrwlY=
Subject key identifier: 88:99:3E:1F:A1:EE:5E:70:34:11:74:03:BD:41:20:C2:23:3E:E3:37
Authority key identifier: B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77
Certificate issuer: /CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977
Certificate serial: 019D39E58AC54CEF4F71162E3BB6EF5B04C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
Manifest number: 0EC1
Signing time: Sun 29 Mar 2026 14:00:37 +0000
Manifest this update: Sun 29 Mar 2026 14:00:37 +0000
Manifest next update: Mon 30 Mar 2026 14:00:37 +0000
Files and hashes: 1: dIqmIrGGl8FI-sOwGOw90e9FkJY.roa (hash: ux/S4urJBgHoaCGluZkTkGPr6Fq78RqIkr3zENS3Pqk=)
2: tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl (hash: cpaXDYjgZOn5s9QieoeldsVg2dMepC9nn+7xsrpyQsg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:8a:c5:4c:ef:4f:71:16:2e:3b:b6:ef:5b:04:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977
Validity
Not Before: Mar 29 14:00:37 2026 GMT
Not After : Mar 30 14:00:37 2026 GMT
Subject: CN=88993e1fa1ee5e7034117403bd4120c2233ee337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:a3:6e:b4:5d:bb:04:35:b1:a2:59:47:ba:
01:60:53:86:c2:56:74:b2:d4:11:59:f4:18:da:70:
f1:e5:93:4b:ba:9f:0e:34:8f:84:74:78:72:83:d7:
b3:1a:48:11:bc:69:67:8f:ee:5c:1e:42:d3:f0:89:
10:5e:66:58:6a:d4:0e:00:2d:b2:32:01:00:b1:e3:
5d:c9:ab:4d:6e:fb:42:4e:53:45:62:63:10:0c:bf:
ac:69:e9:1f:b7:8d:bb:68:4a:55:7c:64:e3:77:a1:
53:5e:e6:35:0e:3f:00:cb:5f:06:b5:74:a4:e0:63:
7d:8f:a6:7a:d6:9d:f6:95:94:b1:10:e1:50:8f:64:
b5:b4:ba:bc:74:f3:9c:4a:22:6a:23:7d:3e:23:06:
20:9e:2d:10:a3:5d:23:0b:63:cb:5b:7c:d9:50:b5:
2b:a9:57:85:7b:b4:1d:20:80:c7:ce:8c:5d:aa:0f:
a4:3e:ea:ba:8b:2e:f0:73:23:11:8e:08:ac:50:97:
85:df:b8:ba:7a:da:e0:4e:52:3f:64:61:b0:a2:80:
d4:1e:45:dd:82:e8:b7:3c:6f:a5:24:2c:87:c7:b3:
d6:20:aa:14:f2:c5:85:81:fe:b4:cf:b4:b6:f2:a4:
a2:31:68:51:11:8e:c6:d2:1e:3b:66:2c:e8:0d:a8:
70:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:99:3E:1F:A1:EE:5E:70:34:11:74:03:BD:41:20:C2:23:3E:E3:37
X509v3 Authority Key Identifier:
keyid:B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:7c:a2:11:41:6f:3f:21:91:2f:ce:23:60:5f:60:9f:e4:10:
18:e2:e6:93:a4:85:c0:69:a7:c5:d4:51:7e:da:ca:69:bd:c5:
ae:9f:c7:3c:68:68:41:01:69:9e:ed:7b:22:58:10:8f:7d:f6:
81:29:2e:c0:83:74:a2:f3:d3:a6:45:1d:72:e8:d4:30:20:80:
4a:de:05:4c:6c:6f:ea:ac:7b:7e:c6:1d:21:78:75:74:90:db:
f4:31:d6:24:79:ce:72:94:e6:5c:86:f9:cc:38:33:59:3a:76:
92:b5:35:63:16:a6:bd:5a:86:c7:e6:89:28:14:38:c3:e1:29:
dd:8b:b3:7a:eb:34:0f:a0:15:85:97:a2:92:ac:06:3d:59:ed:
7d:43:2f:d6:85:75:52:3d:91:3f:74:3a:71:8b:c0:a3:21:f0:
ac:17:e8:d9:e9:ec:c8:9d:c0:57:95:88:91:11:a4:6a:68:56:
c2:de:d3:2b:f4:5f:44:66:ac:5f:39:a9:3a:09:f7:56:30:de:
87:c1:b3:25:4f:e0:b1:f6:5a:38:54:7d:30:2f:9b:97:ba:99:
ac:32:2d:65:ee:55:bd:11:c5:9b:20:b0:cc:5d:d0:a3:f7:9b:
6d:16:c0:a0:91:a3:f3:6e:ac:2c:c1:2a:53:2c:e8:8e:57:54:
d2:8a:da:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055YrFTO9PcRYuO7bvWwTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Y2NkZDg4M2Y2ZGQxMTRlY2Y2ZjcyNzE2YTg0NjM0ZjY3
YWM5NzcwHhcNMjYwMzI5MTQwMDM3WhcNMjYwMzMwMTQwMDM3WjAzMTEwLwYDVQQD
Eyg4ODk5M2UxZmExZWU1ZTcwMzQxMTc0MDNiZDQxMjBjMjIzM2VlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4GjbrRduwQ1saJZR7oBYFOGwlZ0
stQRWfQY2nDx5ZNLup8ONI+EdHhyg9ezGkgRvGlnj+5cHkLT8IkQXmZYatQOAC2y
MgEAseNdyatNbvtCTlNFYmMQDL+saekft427aEpVfGTjd6FTXuY1Dj8Ay18GtXSk
4GN9j6Z61p32lZSxEOFQj2S1tLq8dPOcSiJqI30+IwYgni0Qo10jC2PLW3zZULUr
qVeFe7QdIIDHzoxdqg+kPuq6iy7wcyMRjgisUJeF37i6etrgTlI/ZGGwooDUHkXd
gui3PG+lJCyHx7PWIKoU8sWFgf60z7S28qSiMWhREY7G0h47ZizoDahwWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiZPh+h7l5wNBF0A71BIMIjPuM3MB8GA1UdIwQY
MBaAFLXM3Yg/bdEU7Pb3JxaoRjT2esl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgt
NGFiYWY1M2E1MGFmLzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgtNGFiYWY1M2E1MGFm
LzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHyiEUFv
PyGRL84jYF9gn+QQGOLmk6SFwGmnxdRRftrKab3Frp/HPGhoQQFpnu17IlgQj332
gSkuwIN0ovPTpkUdcujUMCCASt4FTGxv6qx7fsYdIXh1dJDb9DHWJHnOcpTmXIb5
zDgzWTp2krU1YxamvVqGx+aJKBQ4w+Ep3Yuzeus0D6AVhZeikqwGPVntfUMv1oV1
Uj2RP3Q6cYvAoyHwrBfo2ensyJ3AV5WIkRGkamhWwt7TK/RfRGasXzmpOgn3VjDe
h8GzJU/gsfZaOFR9MC+bl7qZrDItZe5VvRHFmyCwzF3Qo/ebbRbAoJGj826sLMEq
UyzojldU0oraqQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:53 2026 by rpki-client