Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft (raw, json)
Hash identifier: OabgeT9YH57aYbiNo5jgk2rTDTBnALRtzmSgIjvfC+Q=
Subject key identifier: 4D:43:7A:37:5F:9A:F4:8F:75:BC:44:00:6C:22:D3:FF:DB:C1:DD:13
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 019D265FF10C4D009DA498E6FEDEDCCDB9AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
Manifest number: 1067
Signing time: Wed 25 Mar 2026 19:01:55 +0000
Manifest this update: Wed 25 Mar 2026 19:01:55 +0000
Manifest next update: Thu 26 Mar 2026 19:01:55 +0000
Files and hashes: 1: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl (hash: lraDgd21h5T8Ft/YabFWiddmIbaHaAMiu6ZIAmNZibs=)
2: ZupcI2nbSj0kv3bOiTJw_7ju_nM.roa (hash: 8lfURhp4+6wvfeyaLwrd59nHvD9zLaiHI+8CWa149w4=)
3: uRzlID_nfuupcIGUXbHpyyUrxts.roa (hash: 5LvqBXGtCHTt2jvIwKxCsctM10tlaiQJ5CWlpcE9cx8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:f1:0c:4d:00:9d:a4:98:e6:fe:de:dc:cd:b9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: Mar 25 19:01:55 2026 GMT
Not After : Mar 26 19:01:55 2026 GMT
Subject: CN=4d437a375f9af48f75bc44006c22d3ffdbc1dd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0e:1c:a0:54:40:b7:bf:7c:f5:1a:41:77:ab:
4a:e3:b9:84:b5:4c:c1:4c:64:4e:2c:69:a9:cb:a1:
0e:6a:06:07:29:cc:21:c5:c0:0b:9b:fb:79:de:56:
d7:b0:59:bc:23:7b:0d:60:40:d2:ca:31:57:a5:f8:
cb:e3:51:25:94:01:49:86:8c:cd:c6:0b:df:7c:1c:
4a:84:eb:4c:61:ad:56:e6:99:7d:74:a3:1d:91:fa:
d8:47:5f:7d:c0:55:a6:33:43:2f:60:cf:30:73:52:
28:a3:89:8c:2c:77:54:a9:25:0e:9d:28:24:b0:f3:
b3:f3:36:f9:41:e9:33:11:0e:4e:72:24:4f:15:a6:
df:08:49:af:bb:5b:38:9c:ed:16:29:32:06:c5:6c:
94:dd:38:53:ca:1f:a7:46:48:27:40:4d:6d:cc:3c:
a1:d6:33:e6:11:b4:b7:b0:de:0e:60:6b:d5:b6:db:
96:93:bb:79:26:e2:71:3d:cb:73:cf:c8:41:bc:f5:
5c:ae:6d:06:a0:eb:62:af:cd:42:33:9f:0f:7f:ab:
06:5e:5e:63:0b:1d:e4:f6:c1:88:73:59:e6:1a:26:
25:50:23:98:2a:5e:54:e2:54:ff:4a:73:75:f9:3e:
4a:f3:1f:5f:57:29:3f:d3:83:3b:c7:01:d5:90:0b:
94:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:43:7A:37:5F:9A:F4:8F:75:BC:44:00:6C:22:D3:FF:DB:C1:DD:13
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:bc:7d:e4:f8:db:41:22:ae:04:f8:4a:b6:e6:36:6f:3e:a4:
a3:93:25:c2:53:07:fc:06:b7:07:e1:36:5e:b4:18:aa:fe:73:
d2:ec:97:be:89:a1:af:af:94:aa:25:8b:bb:b6:35:01:74:d5:
a9:e6:5d:73:99:05:03:21:67:c0:15:1b:32:70:43:1d:66:cb:
74:25:d9:ea:13:89:19:66:db:54:6f:7f:40:32:7c:8c:f0:ce:
28:6d:fe:b1:ed:93:51:3d:4b:c5:7b:4b:0f:43:d9:a3:73:ef:
14:1b:1c:13:08:75:0b:5d:83:d8:78:b8:ec:bc:8a:9e:29:ab:
ee:b2:27:9c:bb:90:ff:8b:3e:58:26:66:a1:f4:4f:31:b0:b2:
b7:53:b1:ff:1d:09:43:75:81:e0:92:ff:4f:22:f3:ea:b6:07:
0a:82:d4:9f:eb:c7:b9:d9:a2:fa:07:44:6f:ae:9d:0e:f6:46:
ad:ca:71:5c:5a:06:07:ee:84:5d:0f:4f:76:2a:93:e0:eb:63:
d0:13:a1:bc:b3:ed:46:1a:e5:84:4a:06:9a:a6:55:7b:f0:37:
4f:f1:e9:9a:d6:d9:5d:29:9d:55:ec:f3:7e:a6:da:49:7d:81:
69:6d:7e:6d:97:22:52:9c:59:0c:fa:22:5c:cc:20:66:1a:ed:
9b:65:2a:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX/EMTQCdpJjm/t7czbmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjYwMzI1MTkwMTU1WhcNMjYwMzI2MTkwMTU1WjAzMTEwLwYDVQQD
Eyg0ZDQzN2EzNzVmOWFmNDhmNzViYzQ0MDA2YzIyZDNmZmRiYzFkZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1A4coFRAt7989RpBd6tK47mEtUzB
TGROLGmpy6EOagYHKcwhxcALm/t53lbXsFm8I3sNYEDSyjFXpfjL41EllAFJhozN
xgvffBxKhOtMYa1W5pl9dKMdkfrYR199wFWmM0MvYM8wc1Ioo4mMLHdUqSUOnSgk
sPOz8zb5QekzEQ5OciRPFabfCEmvu1s4nO0WKTIGxWyU3ThTyh+nRkgnQE1tzDyh
1jPmEbS3sN4OYGvVttuWk7t5JuJxPctzz8hBvPVcrm0GoOtir81CM58Pf6sGXl5j
Cx3k9sGIc1nmGiYlUCOYKl5U4lT/SnN1+T5K8x9fVyk/04M7xwHVkAuUyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1DejdfmvSPdbxEAGwi0//bwd0TMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrx95Pjb
QSKuBPhKtuY2bz6ko5MlwlMH/Aa3B+E2XrQYqv5z0uyXvomhr6+UqiWLu7Y1AXTV
qeZdc5kFAyFnwBUbMnBDHWbLdCXZ6hOJGWbbVG9/QDJ8jPDOKG3+se2TUT1LxXtL
D0PZo3PvFBscEwh1C12D2Hi47LyKnimr7rInnLuQ/4s+WCZmofRPMbCyt1Ox/x0J
Q3WB4JL/TyLz6rYHCoLUn+vHudmi+gdEb66dDvZGrcpxXFoGB+6EXQ9PdiqT4Otj
0BOhvLPtRhrlhEoGmqZVe/A3T/HpmtbZXSmdVezzfqbaSX2BaW1+bZciUpxZDPoi
XMwgZhrtm2Uqtg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:07:11 2026 by rpki-client