Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
File: 3itcv5Z6A0nYiXBLtNYfpSajHW8.mft (raw, json)
Hash identifier: ddBQWMBWLcwS/ykZYrAIEa46Rs+mCjV3lMLJcbINUsE=
Subject key identifier: 41:82:A9:2F:37:0A:13:76:10:8E:98:DB:D7:57:13:55:17:C4:43:8A
Authority key identifier: DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
Certificate issuer: /CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Certificate serial: 019D2961115D5D80B5201A8851B88CE92170
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
Manifest number: 17C7
Signing time: Thu 26 Mar 2026 09:02:00 +0000
Manifest this update: Thu 26 Mar 2026 09:02:00 +0000
Manifest next update: Fri 27 Mar 2026 09:02:00 +0000
Files and hashes: 1: 3itcv5Z6A0nYiXBLtNYfpSajHW8.crl (hash: q6/fbLgskpEqOlOT0RthYmL2HElZIMKrVvyOyD+04Dw=)
2: xU2EDS3A1kqxHB5fmWawALQua5w.roa (hash: gy/kCjpuCiDHyb5854bh+q6WsJ4/S+45FLFM/o6soug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:11:5d:5d:80:b5:20:1a:88:51:b8:8c:e9:21:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Validity
Not Before: Mar 26 09:02:00 2026 GMT
Not After : Mar 27 09:02:00 2026 GMT
Subject: CN=4182a92f370a1376108e98dbd757135517c4438a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:53:b3:4e:f4:15:14:3c:64:89:46:e2:10:
09:45:35:ab:64:63:09:73:e5:18:83:b2:c2:96:79:
79:92:73:bf:bc:89:35:4c:70:9f:4c:d7:e3:3d:98:
f4:5c:fa:94:d4:cd:26:db:9d:8d:52:2c:6f:c6:92:
ad:93:8c:b5:4c:5e:f5:1c:23:7c:ad:98:ec:f9:a0:
6f:96:79:2f:26:0e:47:91:28:7a:87:4d:4f:d5:0e:
1d:c7:a8:7d:c9:e3:45:f7:29:d1:32:a5:0d:75:7f:
31:4b:2f:89:86:2a:53:2c:ed:b4:e2:5b:3e:e0:5f:
5d:df:1f:fe:57:1d:35:0f:3a:e7:29:d8:e6:e1:9a:
94:23:03:ca:b7:70:b8:d9:5a:88:33:06:b6:0c:69:
31:ff:99:86:79:c4:24:1a:df:be:51:d7:84:45:2b:
77:d5:2d:63:47:19:3f:29:cf:7d:c8:94:e4:2c:89:
08:b4:7f:43:50:63:5f:73:e7:40:30:4f:e2:6c:2e:
73:f8:da:fa:05:23:6e:e1:3c:76:42:48:62:6b:65:
83:18:70:3b:72:d5:16:44:17:c1:56:bc:6c:1e:3b:
32:aa:69:17:40:68:4b:5f:b1:ab:2f:10:3d:93:64:
70:5b:da:32:ac:d6:17:e7:69:e4:0a:65:b4:7f:6a:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:82:A9:2F:37:0A:13:76:10:8E:98:DB:D7:57:13:55:17:C4:43:8A
X509v3 Authority Key Identifier:
keyid:DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:49:8f:02:f4:3d:3d:b7:32:c4:24:3d:e8:b5:b3:95:bd:ba:
00:9f:45:c4:c2:a7:42:a6:39:54:1e:32:2e:75:a4:f8:f1:67:
62:10:fb:cb:22:ac:22:be:bc:8f:0e:c9:d4:9f:a6:4c:08:6c:
9f:e9:e6:bc:18:0c:69:ac:65:1e:2e:9b:3c:e7:1b:95:e4:d8:
dd:30:d3:38:b7:0a:0b:91:40:7b:fe:a3:e9:7c:1b:37:7a:5c:
d6:0e:d1:4f:68:8a:d0:ac:6a:9e:cf:87:9c:64:8c:f7:be:48:
9b:bf:ce:9f:b6:a8:d4:2c:5a:95:c7:7b:cc:0b:2d:1e:e4:69:
d8:74:9a:c2:d3:2c:10:9d:03:2d:3f:52:95:4a:34:db:dc:e5:
3c:f5:3b:9c:60:b8:48:a5:54:ed:d2:da:f8:43:00:65:86:0a:
59:2d:12:9b:19:9a:d0:54:e6:2a:a3:d7:37:09:f4:49:53:87:
f3:44:1d:9f:36:f4:8a:87:d2:61:bc:5a:2a:02:a2:2f:4b:26:
d7:8a:bb:61:a4:39:a6:b3:cd:86:90:7e:c0:64:36:95:ed:53:
ec:7d:8e:c1:20:c7:ea:f1:2a:84:60:18:97:3b:20:95:57:cf:
e0:9d:a4:22:d6:6c:19:38:48:69:e3:3a:a2:6a:a8:72:2f:36:
2d:42:3d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYRFdXYC1IBqIUbiM6SFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmI1Y2JmOTY3YTAzNDlkODg5NzA0YmI0ZDYxZmE1MjZh
MzFkNmYwHhcNMjYwMzI2MDkwMjAwWhcNMjYwMzI3MDkwMjAwWjAzMTEwLwYDVQQD
Eyg0MTgyYTkyZjM3MGExMzc2MTA4ZTk4ZGJkNzU3MTM1NTE3YzQ0MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIBTs070FRQ8ZIlG4hAJRTWrZGMJ
c+UYg7LClnl5knO/vIk1THCfTNfjPZj0XPqU1M0m252NUixvxpKtk4y1TF71HCN8
rZjs+aBvlnkvJg5HkSh6h01P1Q4dx6h9yeNF9ynRMqUNdX8xSy+JhipTLO204ls+
4F9d3x/+Vx01DzrnKdjm4ZqUIwPKt3C42VqIMwa2DGkx/5mGecQkGt++UdeERSt3
1S1jRxk/Kc99yJTkLIkItH9DUGNfc+dAME/ibC5z+Nr6BSNu4Tx2Qkhia2WDGHA7
ctUWRBfBVrxsHjsyqmkXQGhLX7GrLxA9k2RwW9oyrNYX52nkCmW0f2q9qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGCqS83ChN2EI6Y29dXE1UXxEOKMB8GA1UdIwQY
MBaAFN4rXL+WegNJ2IlwS7TWH6Umox1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAt
ZmQ3MmQ5NjJkZjI3LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAtZmQ3MmQ5NjJkZjI3
LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYUmPAvQ9
PbcyxCQ96LWzlb26AJ9FxMKnQqY5VB4yLnWk+PFnYhD7yyKsIr68jw7J1J+mTAhs
n+nmvBgMaaxlHi6bPOcbleTY3TDTOLcKC5FAe/6j6XwbN3pc1g7RT2iK0Kxqns+H
nGSM975Im7/On7ao1Cxalcd7zAstHuRp2HSawtMsEJ0DLT9SlUo029zlPPU7nGC4
SKVU7dLa+EMAZYYKWS0Smxma0FTmKqPXNwn0SVOH80Qdnzb0iofSYbxaKgKiL0sm
14q7YaQ5prPNhpB+wGQ2le1T7H2OwSDH6vEqhGAYlzsglVfP4J2kItZsGThIaeM6
omqoci82LUI9Bg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:27:13 2026 by rpki-client