Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json)
Hash identifier: yUzYByDljD03wkIlzQOY2j22Ap7D8+ah5tnpKHHfmMA=
Subject key identifier: 18:62:BC:88:28:A3:F3:66:0F:88:A4:A6:9B:8A:E6:96:F9:D0:25:FB
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 019D27DF6C5A14698C48E69F2D3EAD1FAC07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
Manifest number: 0CF8
Signing time: Thu 26 Mar 2026 02:00:46 +0000
Manifest this update: Thu 26 Mar 2026 02:00:46 +0000
Manifest next update: Fri 27 Mar 2026 02:00:46 +0000
Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: eu/GnhHCcNXQHyIjF4goJrUYTRaXjeEcm3OzLooz0dQ=)
2: _ioUT6ot6spKYeitBH6WHig08aI.roa (hash: lPf90VagjG9YZhFPp1sns8p7TmON2JIuqMSkRErr21k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:6c:5a:14:69:8c:48:e6:9f:2d:3e:ad:1f:ac:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Mar 26 02:00:46 2026 GMT
Not After : Mar 27 02:00:46 2026 GMT
Subject: CN=1862bc8828a3f3660f88a4a69b8ae696f9d025fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dd:f9:b5:b0:d9:51:0b:80:7c:f0:52:88:22:
6a:fc:13:0a:e7:4d:03:9e:1d:3f:84:5c:69:12:f0:
dd:d3:8f:bf:9a:67:42:2e:71:6e:44:a7:a7:9c:f3:
03:84:9e:24:3c:20:6c:c1:14:2f:64:42:4d:6a:c6:
2b:8c:13:50:c8:15:20:aa:9b:da:3c:17:4a:ac:a6:
7a:e8:4a:ee:dd:05:c7:b4:59:94:60:27:67:75:e7:
41:5f:84:a0:0a:d8:86:74:ba:00:4d:e3:95:70:41:
46:d2:f0:d3:d8:25:5e:e3:ca:1c:21:8f:d0:aa:30:
ee:b7:91:4e:d7:b8:53:a9:20:25:6f:cd:6e:65:6f:
e4:65:30:f7:87:46:cc:17:8d:22:8c:01:fc:59:fb:
0a:be:28:9f:2f:15:f9:67:71:1c:a2:db:51:fc:76:
cb:59:77:64:3c:21:78:c3:78:c1:28:75:60:2d:fb:
ec:c3:1d:53:60:2b:da:ef:5e:ed:d7:42:f4:e0:f7:
01:a1:45:fb:fe:ae:8d:91:27:db:45:4c:5f:9a:08:
33:d3:00:50:e4:80:9d:7d:9d:07:db:21:71:bf:8b:
12:03:6b:3f:59:31:f2:5f:a0:4b:b6:0a:d8:f8:41:
58:99:ad:5c:02:bc:1b:be:75:58:21:b6:36:56:8d:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:62:BC:88:28:A3:F3:66:0F:88:A4:A6:9B:8A:E6:96:F9:D0:25:FB
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:c6:b7:4f:d5:45:d8:c4:3b:2b:16:28:06:33:16:3b:84:47:
51:79:6b:23:8b:79:79:7f:18:3f:22:e2:a3:18:dd:a6:5e:66:
6b:16:01:56:8b:28:30:37:1b:c4:6b:ba:63:5d:a8:29:dc:46:
a1:6a:15:09:6e:ff:f1:4f:b3:1f:17:61:d9:6f:62:a9:8d:91:
80:33:07:a5:19:88:7e:15:bd:f5:c8:eb:99:38:62:29:9c:80:
8f:a8:86:ad:4c:7d:30:62:ef:f7:86:b6:02:32:63:a4:ca:28:
77:90:48:e5:8a:97:72:da:a2:bd:74:70:87:0a:4f:e5:8d:5c:
28:39:a5:e2:e5:07:a2:42:bd:01:d1:6e:40:19:a9:f3:2f:f1:
da:53:7f:f8:80:e2:dc:0f:44:3a:c5:7a:5f:6c:6a:5a:b7:94:
4e:a7:55:bf:9e:27:3d:3a:59:50:56:f3:1e:62:58:e0:b8:9a:
c7:5a:f6:91:22:ab:e2:bc:a6:4b:1f:7e:6b:c8:7c:5b:81:e4:
fd:7f:57:15:46:7c:ef:7d:01:f5:c0:14:49:ec:b6:ec:68:40:
64:49:1f:c8:78:ae:9c:b5:ae:e7:68:6b:bf:8b:20:f4:86:72:
3e:f1:5f:7b:1f:eb:53:04:e1:de:69:95:62:ea:73:d8:df:1b:
c2:1a:f9:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n32xaFGmMSOafLT6tH6wHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjYwMzI2MDIwMDQ2WhcNMjYwMzI3MDIwMDQ2WjAzMTEwLwYDVQQD
EygxODYyYmM4ODI4YTNmMzY2MGY4OGE0YTY5YjhhZTY5NmY5ZDAyNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt35tbDZUQuAfPBSiCJq/BMK500D
nh0/hFxpEvDd04+/mmdCLnFuRKennPMDhJ4kPCBswRQvZEJNasYrjBNQyBUgqpva
PBdKrKZ66Eru3QXHtFmUYCdndedBX4SgCtiGdLoATeOVcEFG0vDT2CVe48ocIY/Q
qjDut5FO17hTqSAlb81uZW/kZTD3h0bMF40ijAH8WfsKviifLxX5Z3EcottR/HbL
WXdkPCF4w3jBKHVgLfvswx1TYCva717t10L04PcBoUX7/q6NkSfbRUxfmggz0wBQ
5ICdfZ0H2yFxv4sSA2s/WTHyX6BLtgrY+EFYma1cArwbvnVYIbY2Vo0hYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhivIgoo/NmD4ikppuK5pb50CX7MB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8a3T9VF
2MQ7KxYoBjMWO4RHUXlrI4t5eX8YPyLioxjdpl5maxYBVosoMDcbxGu6Y12oKdxG
oWoVCW7/8U+zHxdh2W9iqY2RgDMHpRmIfhW99cjrmThiKZyAj6iGrUx9MGLv94a2
AjJjpMood5BI5YqXctqivXRwhwpP5Y1cKDml4uUHokK9AdFuQBmp8y/x2lN/+IDi
3A9EOsV6X2xqWreUTqdVv54nPTpZUFbzHmJY4Liax1r2kSKr4rymSx9+a8h8W4Hk
/X9XFUZ8730B9cAUSey27GhAZEkfyHiunLWu52hrv4sg9IZyPvFfex/rUwTh3mmV
Yupz2N8bwhr5OA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:31:25 2026 by rpki-client