Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File: 3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier: hg0ZwMaQv0plrcsjFIiN4DD5K7fO+gvXOuIxBVoadLQ=
Subject key identifier: 23:7F:56:77:56:2A:2A:44:FF:FA:67:D3:F3:88:E5:A4:02:87:07:50
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer: /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial: 019E1F7F3EBEF75BE0967021D59C75D96043
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number: 109F
Signing time: Wed 13 May 2026 04:01:33 +0000
Manifest this update: Wed 13 May 2026 04:01:33 +0000
Manifest next update: Thu 14 May 2026 04:01:33 +0000
Files and hashes: 1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: TRPgydDzGq4/NqpJKP4n57QgCocqv1VnW7S9IrdwpXg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:7f:3e:be:f7:5b:e0:96:70:21:d5:9c:75:d9:60:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Validity
Not Before: May 13 04:01:33 2026 GMT
Not After : May 14 04:01:33 2026 GMT
Subject: CN=237f5677562a2a44fffa67d3f388e5a402870750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b2:b3:58:dd:ed:51:7e:d2:cb:5e:cc:08:f5:
9a:94:ee:a8:c2:6f:30:4f:23:77:89:04:de:0b:6c:
79:0d:72:fc:22:d1:14:d4:37:33:78:2e:56:ca:ee:
87:e6:1c:8b:0f:08:ae:da:d6:48:24:bf:28:18:1c:
2a:72:69:41:b1:39:bc:51:8c:66:86:0c:88:c7:ec:
88:da:33:d3:d8:17:0d:14:94:ef:da:6c:f2:14:79:
56:56:e9:54:44:5f:38:80:b9:3d:4d:bd:ca:8c:cc:
37:9f:35:dc:f2:e5:11:fa:35:c5:ec:fe:c9:0f:22:
c6:65:78:50:c4:f0:c6:db:0d:45:46:64:14:d7:1f:
3a:4f:d0:6c:8e:8b:5c:b4:e4:d7:84:43:57:d0:c7:
4c:9b:35:0c:41:7b:5f:87:55:05:51:9f:c8:19:a4:
6b:b1:71:cf:27:cf:50:c8:90:4a:d5:05:3e:e3:62:
96:e9:39:67:ce:fe:dd:26:be:60:6e:41:45:b1:6f:
13:06:be:e4:7c:d2:6b:f4:7b:0f:4b:89:22:14:46:
dd:56:9c:32:6f:aa:40:e9:f1:ed:07:dd:50:a1:42:
fe:a4:95:fa:9e:91:b4:6e:9e:64:e0:41:1c:f4:37:
b6:98:73:90:92:fc:52:ae:24:72:3e:79:01:ab:b8:
82:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7F:56:77:56:2A:2A:44:FF:FA:67:D3:F3:88:E5:A4:02:87:07:50
X509v3 Authority Key Identifier:
keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:1b:b1:74:35:d0:de:df:e2:ee:03:c1:33:83:98:11:33:29:
c1:7a:3d:6c:e0:12:b7:02:ba:58:8f:86:fd:27:0b:c3:35:9f:
29:55:5e:4c:a1:05:9c:9c:b8:f4:1f:b5:b5:1d:8c:d6:05:ce:
69:78:49:55:7d:32:c9:18:61:f6:a2:bc:52:63:55:15:e6:b8:
76:e2:14:8b:61:ba:ca:75:27:a1:c1:eb:a0:56:6f:6b:9d:ce:
10:14:4e:6d:05:bf:dd:10:3e:4c:8c:ec:ca:12:6c:d1:1d:77:
31:4d:38:62:93:33:88:5d:51:b4:43:89:2a:d1:5b:48:2d:3f:
3b:5a:6f:3d:cc:89:fc:46:45:8b:b2:dc:05:72:7d:02:ec:37:
ec:46:6f:61:d4:d6:74:13:0b:f4:38:20:89:fa:2e:a2:77:61:
4e:5b:2f:1c:95:4f:60:8d:1b:ad:c1:6e:2e:26:e1:15:06:b4:
74:d4:4c:a7:52:41:a0:7d:68:25:7d:f9:cb:ae:f9:73:86:0c:
4e:4f:49:fd:8a:cf:05:fd:59:c3:d4:fa:be:92:08:4b:a6:87:
2c:4e:43:4d:80:04:d8:7e:17:66:64:1a:77:1e:6a:4a:bc:89:
cd:27:9e:13:61:88:fe:05:27:e1:37:67:7f:52:91:f4:fc:d8:
f8:cc:3a:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ffz6+91vglnAh1Zx12WBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjYwNTEzMDQwMTMzWhcNMjYwNTE0MDQwMTMzWjAzMTEwLwYDVQQD
EygyMzdmNTY3NzU2MmEyYTQ0ZmZmYTY3ZDNmMzg4ZTVhNDAyODcwNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bKzWN3tUX7Sy17MCPWalO6owm8w
TyN3iQTeC2x5DXL8ItEU1DczeC5Wyu6H5hyLDwiu2tZIJL8oGBwqcmlBsTm8UYxm
hgyIx+yI2jPT2BcNFJTv2mzyFHlWVulURF84gLk9Tb3KjMw3nzXc8uUR+jXF7P7J
DyLGZXhQxPDG2w1FRmQU1x86T9BsjotctOTXhENX0MdMmzUMQXtfh1UFUZ/IGaRr
sXHPJ89QyJBK1QU+42KW6Tlnzv7dJr5gbkFFsW8TBr7kfNJr9HsPS4kiFEbdVpwy
b6pA6fHtB91QoUL+pJX6npG0bp5k4EEc9De2mHOQkvxSriRyPnkBq7iC4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCN/VndWKipE//pn0/OI5aQChwdQMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOhuxdDXQ
3t/i7gPBM4OYETMpwXo9bOAStwK6WI+G/ScLwzWfKVVeTKEFnJy49B+1tR2M1gXO
aXhJVX0yyRhh9qK8UmNVFea4duIUi2G6ynUnocHroFZva53OEBRObQW/3RA+TIzs
yhJs0R13MU04YpMziF1RtEOJKtFbSC0/O1pvPcyJ/EZFi7LcBXJ9Auw37EZvYdTW
dBML9DggifouondhTlsvHJVPYI0brcFuLibhFQa0dNRMp1JBoH1oJX35y675c4YM
Tk9J/YrPBf1Zw9T6vpIIS6aHLE5DTYAE2H4XZmQadx5qSryJzSeeE2GI/gUn4Tdn
f1KR9PzY+Mw65Q==
-----END CERTIFICATE-----
Generated at Wed May 13 14:31:51 2026 by rpki-client