Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: lkohsFG4ulITsKXZMkJP9KreZ28v/6kawu1mOGjXixw=
Subject key identifier: 87:0E:17:65:FD:43:73:B9:B0:7D:4F:07:8F:BD:B6:76:DA:EC:25:98
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019E1CEBBAC54623C048F12B3B710DC08AF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 1875
Signing time: Tue 12 May 2026 16:01:11 +0000
Manifest this update: Tue 12 May 2026 16:01:11 +0000
Manifest next update: Wed 13 May 2026 16:01:11 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: Uwg+CX9y4zoxhfijUrVJDCR7JJQTpPSYSNM9dnTxuCs=)
2: TWjQ2gsQUU9MXDJP00l8lOI_i8I.roa (hash: PtqnNrTefbS8Cw3BlkL6LKO9S8DUkKbOBZ0zbUviWfs=)
3: WoaNei28YSaPDdcENSu3LjSXLKg.roa (hash: YXB0+7Vswy/qgNB0Agbnb+glIUAaceZRMWc/efKKqKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:ba:c5:46:23:c0:48:f1:2b:3b:71:0d:c0:8a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: May 12 16:01:11 2026 GMT
Not After : May 13 16:01:11 2026 GMT
Subject: CN=870e1765fd4373b9b07d4f078fbdb676daec2598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:d3:f9:e6:39:90:9a:b1:e7:05:5a:c0:f1:
16:81:69:bb:35:a3:e8:f5:b0:41:58:c0:b4:8e:60:
18:41:b8:3a:9e:8c:80:bd:34:9d:43:08:74:3c:2e:
99:f9:19:7a:b1:19:97:eb:11:ab:4c:3c:84:34:eb:
20:c6:d4:20:cf:08:6c:35:93:d9:3f:90:ae:3d:87:
f4:1c:c6:9c:ba:70:b3:82:34:b0:92:e7:aa:a3:2e:
5e:cc:9e:2d:ca:53:11:97:85:c6:0c:df:9c:71:f0:
86:4a:5a:7b:d1:99:23:f9:92:d1:af:5b:68:16:30:
1b:8e:52:14:3e:b4:fa:9d:34:dd:c2:81:66:a1:00:
09:08:ec:a2:7d:55:d2:b1:dc:ff:d1:4a:29:85:17:
91:5a:a1:d9:bb:39:34:b9:f6:2b:eb:58:7e:80:08:
4f:49:b9:a2:c6:45:44:b4:aa:c5:cd:43:33:90:27:
d3:89:7a:20:8b:52:35:ff:79:87:e1:f2:d6:08:ab:
12:ba:69:1e:c4:e7:64:7f:f0:81:2c:5d:d6:f8:b1:
ad:73:e4:09:d4:ac:d0:7b:16:54:5a:51:e7:2d:1c:
75:e5:97:90:22:ff:a5:de:01:a5:85:7d:68:6c:b7:
25:43:09:cb:35:4d:93:a9:6c:65:79:c4:f3:e8:89:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0E:17:65:FD:43:73:B9:B0:7D:4F:07:8F:BD:B6:76:DA:EC:25:98
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:b4:ec:db:ee:e8:57:69:5d:bc:27:5e:70:db:dc:6f:ad:07:
28:43:5d:07:2a:4c:9d:e6:a3:41:39:89:a1:32:93:d7:7b:4e:
ff:3c:27:6d:ef:d8:4a:04:2a:4b:6c:64:07:95:3c:75:99:4d:
f8:56:65:5e:d8:a9:6a:2a:36:eb:9c:19:c5:7b:b7:9d:83:78:
5f:69:a1:5e:f4:8c:b8:3a:05:fd:f3:1d:6a:ac:8c:ef:00:82:
dc:3f:76:d1:51:48:b6:f4:84:99:17:33:19:14:0c:6f:55:89:
91:00:62:b0:ad:94:86:85:48:a2:3c:8a:65:3b:22:e4:03:9b:
c6:2f:00:a4:08:2a:c1:c2:2b:f3:91:d3:de:f2:d3:85:dc:23:
c3:3c:51:5e:48:8d:3b:a5:64:7e:48:5c:7e:68:2a:55:7f:d7:
44:fb:64:10:7f:50:18:24:e2:67:fb:bb:fc:ca:20:1d:d7:9c:
e4:e3:3f:94:98:05:3e:bc:40:ea:7b:45:b0:78:b1:89:9e:74:
de:de:f9:77:9c:6d:b4:1a:00:a1:de:d2:95:16:db:ef:b1:e9:
19:fc:c3:68:a7:29:d0:17:6b:8d:f6:c4:24:59:3e:18:20:38:
cf:a0:97:17:29:27:1a:47:f3:e1:40:82:8a:e3:39:aa:1e:d2:
eb:78:1e:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c67rFRiPASPErO3ENwIrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjYwNTEyMTYwMTExWhcNMjYwNTEzMTYwMTExWjAzMTEwLwYDVQQD
Eyg4NzBlMTc2NWZkNDM3M2I5YjA3ZDRmMDc4ZmJkYjY3NmRhZWMyNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLjT+eY5kJqx5wVawPEWgWm7NaPo
9bBBWMC0jmAYQbg6noyAvTSdQwh0PC6Z+Rl6sRmX6xGrTDyENOsgxtQgzwhsNZPZ
P5CuPYf0HMacunCzgjSwkueqoy5ezJ4tylMRl4XGDN+ccfCGSlp70Zkj+ZLRr1to
FjAbjlIUPrT6nTTdwoFmoQAJCOyifVXSsdz/0UophReRWqHZuzk0ufYr61h+gAhP
SbmixkVEtKrFzUMzkCfTiXogi1I1/3mH4fLWCKsSumkexOdkf/CBLF3W+LGtc+QJ
1KzQexZUWlHnLRx15ZeQIv+l3gGlhX1obLclQwnLNU2TqWxlecTz6ImEzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcOF2X9Q3O5sH1PB4+9tnba7CWYMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbTs2+7o
V2ldvCdecNvcb60HKENdBypMneajQTmJoTKT13tO/zwnbe/YSgQqS2xkB5U8dZlN
+FZlXtipaio265wZxXu3nYN4X2mhXvSMuDoF/fMdaqyM7wCC3D920VFItvSEmRcz
GRQMb1WJkQBisK2UhoVIojyKZTsi5AObxi8ApAgqwcIr85HT3vLThdwjwzxRXkiN
O6VkfkhcfmgqVX/XRPtkEH9QGCTiZ/u7/MogHdec5OM/lJgFPrxA6ntFsHixiZ50
3t75d5xttBoAod7SlRbb77HpGfzDaKcp0BdrjfbEJFk+GCA4z6CXFyknGkfz4UCC
iuM5qh7S63gejg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:15:56 2026 by rpki-client