Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft (raw, json)
Hash identifier: h+FNFMIN9HEtm6KYi58dOJbxq/1E2oUiQVfofGExJrs=
Subject key identifier: 4E:D5:7F:06:3E:DA:DC:B1:A4:A3:E5:23:1D:CD:AF:85:4E:91:ED:14
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 019E1D908DA6188753056A59E516E912C7F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
Manifest number: 10E7
Signing time: Tue 12 May 2026 19:01:13 +0000
Manifest this update: Tue 12 May 2026 19:01:13 +0000
Manifest next update: Wed 13 May 2026 19:01:13 +0000
Files and hashes: 1: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl (hash: /iEaDN1qrffxGoso6rUv/yN6/2nsFSrRpuGFWlKTohU=)
2: ZupcI2nbSj0kv3bOiTJw_7ju_nM.roa (hash: 8lfURhp4+6wvfeyaLwrd59nHvD9zLaiHI+8CWa149w4=)
3: uRzlID_nfuupcIGUXbHpyyUrxts.roa (hash: 5LvqBXGtCHTt2jvIwKxCsctM10tlaiQJ5CWlpcE9cx8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:90:8d:a6:18:87:53:05:6a:59:e5:16:e9:12:c7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: May 12 19:01:13 2026 GMT
Not After : May 13 19:01:13 2026 GMT
Subject: CN=4ed57f063edadcb1a4a3e5231dcdaf854e91ed14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:51:b3:ad:e9:e1:5d:08:f9:97:bf:99:92:4b:
7d:db:a0:ce:47:64:70:4b:02:aa:1e:b9:10:89:88:
0d:87:1e:5a:d7:8b:22:3d:73:58:fd:b3:86:82:50:
a4:9e:3c:de:c2:a0:91:27:c8:3f:b0:8c:4e:58:08:
cc:8a:70:7c:2a:36:60:8f:64:c9:bd:15:c1:7a:2a:
15:c4:6f:79:d2:bb:37:59:b2:cb:92:00:76:8a:2d:
0a:b1:19:b5:41:26:60:3e:af:37:3a:81:09:e5:81:
25:fc:a3:76:3b:b0:26:71:d2:34:8a:e7:a8:5c:0f:
17:65:2c:94:b0:55:e5:9b:c4:e8:e0:b7:2f:7f:15:
35:68:4e:6c:9d:fd:c6:ce:d2:d5:af:07:39:36:5b:
cf:6d:01:34:22:37:14:0e:b9:b1:03:9d:09:1f:67:
b4:db:13:6a:ae:91:a1:bf:e5:91:ba:3b:03:6f:55:
5d:ae:b3:72:62:8b:61:a6:1f:82:8b:a4:50:73:15:
e0:48:f3:2c:e6:c3:ca:37:74:ba:23:28:f7:ef:cc:
86:dc:13:cf:6a:0a:b6:d0:dd:37:3a:4d:07:7e:dd:
c5:41:e9:02:62:78:c8:1a:e1:04:b7:f7:53:3e:3b:
8d:d0:c7:e7:cc:12:fb:92:55:6c:1f:0c:5e:f5:b5:
6a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D5:7F:06:3E:DA:DC:B1:A4:A3:E5:23:1D:CD:AF:85:4E:91:ED:14
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:ae:27:ec:d7:5f:cf:53:f3:e0:c6:6b:cf:9a:d0:32:87:d1:
de:5f:fe:e3:d9:f6:92:22:d1:68:72:c6:cc:f8:40:7d:02:81:
26:24:0f:87:2c:d6:47:87:c5:48:0c:56:72:19:68:c7:94:87:
8e:11:c4:b0:bc:90:a5:ec:5b:ee:fa:d4:3d:8c:a4:3b:b5:2e:
74:7b:7d:3f:61:36:0b:8c:08:02:45:42:04:7b:cf:34:92:00:
d3:bc:35:5d:1e:02:ca:39:b4:b9:28:ef:62:e2:ae:ac:a8:46:
8f:97:ed:05:e6:24:15:ce:a8:41:e5:c1:3c:e9:04:98:5f:47:
48:d8:18:8b:64:81:bd:4d:1c:a7:d2:4c:f0:59:b5:d0:98:2d:
fd:9e:2f:42:6a:41:56:25:16:53:2b:9b:48:e4:62:10:8e:bb:
86:a6:42:cf:e9:0f:a3:45:89:91:63:a4:63:45:ba:5f:dc:c7:
45:77:87:9f:2a:53:18:38:9c:dd:bc:76:14:60:82:f9:a0:1b:
ba:0b:99:55:31:fd:52:de:2f:db:bf:b5:47:61:14:01:57:1a:
f5:52:75:98:6b:f2:62:d8:1e:b4:18:15:db:c7:17:18:e0:3f:
1d:c9:de:83:81:6d:86:6c:cd:e7:ae:0c:67:ec:77:ef:f3:4e:
9f:3b:43:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkI2mGIdTBWpZ5RbpEsf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjYwNTEyMTkwMTEzWhcNMjYwNTEzMTkwMTEzWjAzMTEwLwYDVQQD
Eyg0ZWQ1N2YwNjNlZGFkY2IxYTRhM2U1MjMxZGNkYWY4NTRlOTFlZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlGzrenhXQj5l7+Zkkt926DOR2Rw
SwKqHrkQiYgNhx5a14siPXNY/bOGglCknjzewqCRJ8g/sIxOWAjMinB8KjZgj2TJ
vRXBeioVxG950rs3WbLLkgB2ii0KsRm1QSZgPq83OoEJ5YEl/KN2O7AmcdI0iueo
XA8XZSyUsFXlm8To4LcvfxU1aE5snf3GztLVrwc5NlvPbQE0IjcUDrmxA50JH2e0
2xNqrpGhv+WRujsDb1VdrrNyYothph+Ci6RQcxXgSPMs5sPKN3S6Iyj378yG3BPP
agq20N03Ok0Hft3FQekCYnjIGuEEt/dTPjuN0MfnzBL7klVsHwxe9bVqLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7VfwY+2tyxpKPlIx3Nr4VOke0UMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAca4n7Ndf
z1Pz4MZrz5rQMofR3l/+49n2kiLRaHLGzPhAfQKBJiQPhyzWR4fFSAxWchlox5SH
jhHEsLyQpexb7vrUPYykO7UudHt9P2E2C4wIAkVCBHvPNJIA07w1XR4Cyjm0uSjv
YuKurKhGj5ftBeYkFc6oQeXBPOkEmF9HSNgYi2SBvU0cp9JM8Fm10Jgt/Z4vQmpB
ViUWUyubSORiEI67hqZCz+kPo0WJkWOkY0W6X9zHRXeHnypTGDic3bx2FGCC+aAb
uguZVTH9Ut4v27+1R2EUAVca9VJ1mGvyYtgetBgV28cXGOA/Hcneg4FthmzN564M
Z+x37/NOnztD+g==
-----END CERTIFICATE-----
Generated at Tue May 12 21:17:03 2026 by rpki-client