Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.mft
File: tE-FORdNAL-ov95JBD9IXDpYdSU.mft (raw, json)
Hash identifier: ay73QAsMsMyvttQuGFymIMNkteVyPTpUmgQWJDIx8Uo=
Subject key identifier: 59:F0:AA:11:E1:A3:8E:31:FA:1D:38:4B:FC:58:FE:58:0E:34:75:D8
Authority key identifier: B4:4F:85:39:17:4D:00:BF:A8:BF:DE:49:04:3F:48:5C:3A:58:75:25
Certificate issuer: /CN=b44f8539174d00bfa8bfde49043f485c3a587525
Certificate serial: 019D3977FD1216AA9273E0296B2F7ADC8305
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 12:00:57 +0000
Manifest this update: Sun 29 Mar 2026 12:00:57 +0000
Manifest next update: Mon 30 Mar 2026 12:00:57 +0000
Files and hashes: 1: Som9pdt2cBfqpNs_uoKUr5V86tc.roa (hash: Er0ATXdFVQI+dlPzaVCGDkbogKEk2cw3WoLgdwrv/rM=)
2: tE-FORdNAL-ov95JBD9IXDpYdSU.crl (hash: lVbkn3Et/KNCkcmqjPtT0AnYvGHoNSY6hAJN8ZAUTdM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:fd:12:16:aa:92:73:e0:29:6b:2f:7a:dc:83:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b44f8539174d00bfa8bfde49043f485c3a587525
Validity
Not Before: Mar 29 12:00:57 2026 GMT
Not After : Mar 30 12:00:57 2026 GMT
Subject: CN=59f0aa11e1a38e31fa1d384bfc58fe580e3475d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:53:7c:75:8c:b8:c2:51:d3:bb:90:c8:e1:6d:
7b:02:59:f5:8a:ea:80:de:06:13:bd:2f:d3:a1:2d:
8d:75:86:3d:88:d6:08:0c:1c:a3:74:39:b7:ea:b0:
46:5f:09:18:1d:b8:e3:de:ec:4d:6c:37:67:0e:67:
5d:79:cd:27:50:75:ab:bf:15:1b:77:a4:e8:99:fd:
49:a7:36:88:b3:c1:bb:b2:8a:76:8c:d0:bd:86:a0:
ce:eb:3f:3a:bc:1e:d8:ca:23:9b:c9:62:0e:f4:d0:
37:8a:de:08:9d:db:5f:00:d0:bf:27:97:90:ba:52:
11:97:2b:4c:e4:f2:eb:17:1f:84:27:d6:b3:ec:56:
f8:3b:a0:39:bd:f9:68:87:ca:b1:10:b4:a8:bf:d1:
65:ed:ce:04:6f:6f:9c:07:81:1f:0d:ba:1b:49:4e:
15:40:c2:ec:84:75:fe:62:46:d8:b2:50:ff:6a:30:
5b:2f:21:eb:e7:e2:26:cd:eb:8d:65:03:b0:3e:43:
30:bc:88:eb:a2:07:7b:c2:b9:57:57:51:c0:51:3b:
41:26:c7:43:73:dc:57:fb:63:62:2f:10:98:6a:b9:
13:e2:1f:1a:53:fd:01:63:3c:c4:0d:28:86:11:1b:
d2:c5:b2:cc:b8:a3:f2:ba:b8:d2:55:41:d7:30:f1:
f7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F0:AA:11:E1:A3:8E:31:FA:1D:38:4B:FC:58:FE:58:0E:34:75:D8
X509v3 Authority Key Identifier:
keyid:B4:4F:85:39:17:4D:00:BF:A8:BF:DE:49:04:3F:48:5C:3A:58:75:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:c7:fc:c5:ef:c1:1c:91:28:b1:7a:ff:38:b0:89:68:77:d3:
be:2a:ee:08:2b:56:e3:0d:e2:75:42:d0:22:7a:cd:f5:25:0b:
23:1e:a1:a6:71:4a:22:a5:d0:53:42:c2:6b:12:c8:9a:60:1e:
02:52:5d:d4:4e:2f:2f:0c:5f:5a:21:69:4d:be:7a:17:ea:9c:
61:3f:8c:bc:ec:54:06:27:e4:c9:57:c9:4f:76:73:ed:14:eb:
d8:67:a3:a7:c4:ce:d4:0b:60:f4:b2:35:bd:a2:82:28:d5:76:
af:d0:9c:0b:dc:ba:03:b2:e1:db:d6:d0:4b:dd:d5:a8:3f:c9:
8d:81:6c:e6:ea:48:fc:86:a1:5b:d6:e9:a5:b8:f8:3f:aa:7b:
06:f4:06:30:42:b5:c2:0e:59:df:11:18:6a:b1:91:ca:26:96:
f1:3b:b3:2f:30:a6:71:b0:37:8e:b4:ad:ec:36:d9:75:b6:c5:
24:92:c8:aa:03:26:1d:c0:89:0c:48:4f:d0:42:75:8e:a2:21:
89:b7:fe:26:21:f3:25:87:ba:3a:16:cc:c4:8c:bb:0a:f0:4a:
de:31:1a:58:b4:b6:9f:22:ee:56:b7:cd:81:48:9a:0f:2c:77:
c4:39:95:8b:a0:f3:66:0b:ad:4e:93:48:36:25:02:a5:d4:f8:
a2:e9:4f:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d/0SFqqSc+Apay963IMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NGY4NTM5MTc0ZDAwYmZhOGJmZGU0OTA0M2Y0ODVjM2E1
ODc1MjUwHhcNMjYwMzI5MTIwMDU3WhcNMjYwMzMwMTIwMDU3WjAzMTEwLwYDVQQD
Eyg1OWYwYWExMWUxYTM4ZTMxZmExZDM4NGJmYzU4ZmU1ODBlMzQ3NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVN8dYy4wlHTu5DI4W17Aln1iuqA
3gYTvS/ToS2NdYY9iNYIDByjdDm36rBGXwkYHbjj3uxNbDdnDmddec0nUHWrvxUb
d6Tomf1JpzaIs8G7sop2jNC9hqDO6z86vB7YyiObyWIO9NA3it4IndtfANC/J5eQ
ulIRlytM5PLrFx+EJ9az7Fb4O6A5vfloh8qxELSov9Fl7c4Eb2+cB4EfDbobSU4V
QMLshHX+YkbYslD/ajBbLyHr5+ImzeuNZQOwPkMwvIjrogd7wrlXV1HAUTtBJsdD
c9xX+2NiLxCYarkT4h8aU/0BYzzEDSiGERvSxbLMuKPyurjSVUHXMPH38wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnwqhHho44x+h04S/xY/lgONHXYMB8GA1UdIwQY
MBaAFLRPhTkXTQC/qL/eSQQ/SFw6WHUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEUtRk9SZE5BTC1vdjk1SkJEOUlYRHBZZFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNzU1OTYtNzc5MC00MzJjLTg4Y2Qt
MzMzZTUzY2ZhMDIxLzEvdEUtRk9SZE5BTC1vdjk1SkJEOUlYRHBZZFNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNzU1OTYtNzc5MC00MzJjLTg4Y2QtMzMzZTUzY2ZhMDIx
LzEvdEUtRk9SZE5BTC1vdjk1SkJEOUlYRHBZZFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMf8xe/B
HJEosXr/OLCJaHfTviruCCtW4w3idULQInrN9SULIx6hpnFKIqXQU0LCaxLImmAe
AlJd1E4vLwxfWiFpTb56F+qcYT+MvOxUBifkyVfJT3Zz7RTr2Gejp8TO1Atg9LI1
vaKCKNV2r9CcC9y6A7Lh29bQS93VqD/JjYFs5upI/IahW9bppbj4P6p7BvQGMEK1
wg5Z3xEYarGRyiaW8TuzLzCmcbA3jrSt7DbZdbbFJJLIqgMmHcCJDEhP0EJ1jqIh
ibf+JiHzJYe6OhbMxIy7CvBK3jEaWLS2nyLuVrfNgUiaDyx3xDmVi6DzZgutTpNI
NiUCpdT4oulPqw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:24:19 2026 by rpki-client