Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
File: 3AWXDmUMKq8atqOjOoNzJGahUS4.mft (raw, json)
Hash identifier: UMGhCEYlEUmekVMg+lcZ2Rbye6zlwKGHkRAH45E9A6Y=
Subject key identifier: CF:99:87:89:55:79:BB:C1:1D:EB:7A:62:B5:8F:B4:D7:4F:2F:FC:E1
Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Certificate serial: 019D2960B51B7DE093F46EE1BE03302931AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 09:01:36 +0000
Manifest this update: Thu 26 Mar 2026 09:01:36 +0000
Manifest next update: Fri 27 Mar 2026 09:01:36 +0000
Files and hashes: 1: 36CB5eigCHYIuRmXqrnDW_-F3Xc.roa (hash: KcH/S3GFg0T0gWVpA5XkZVyUjTJRMZNW3hzXP6Ng0zo=)
2: 3AWXDmUMKq8atqOjOoNzJGahUS4.crl (hash: 2ozkt+zKPa99ALZ6cH51WDPmLBGpJc9ZpyZ2NBnVCZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:b5:1b:7d:e0:93:f4:6e:e1:be:03:30:29:31:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Validity
Not Before: Mar 26 09:01:36 2026 GMT
Not After : Mar 27 09:01:36 2026 GMT
Subject: CN=cf9987895579bbc11deb7a62b58fb4d74f2ffce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d2:bc:e6:0b:8a:30:89:6a:76:77:dd:e7:e9:
76:8d:49:c5:23:15:41:8d:ac:12:1f:bf:16:75:b1:
fc:de:3c:c0:63:06:51:7c:b6:a3:f4:02:00:00:c0:
16:0a:cb:e5:7b:3d:91:ce:eb:a0:ac:dd:27:57:f8:
01:c8:20:38:13:8f:e2:38:4b:5d:8b:d2:85:20:5c:
91:9f:be:13:bc:fd:8d:1e:ab:c8:be:09:fe:21:74:
0d:31:f1:31:ef:89:6a:b3:e2:53:79:2d:85:a7:e2:
06:df:4b:ca:bb:74:e6:63:0f:75:84:e4:8a:0d:9e:
0d:5f:32:a4:c2:c7:88:90:db:57:da:54:7d:5c:72:
fb:4a:fc:a9:fc:36:1f:d4:8e:2c:d8:a0:b7:30:f1:
65:ee:41:f9:31:99:0b:43:52:50:7e:af:10:dd:91:
00:7c:19:92:6d:7d:9e:a9:b9:af:e7:20:ef:f5:28:
be:a4:5c:f9:91:68:d9:93:f2:2e:c8:58:aa:8d:85:
76:07:0c:6b:49:3b:f6:56:b1:41:a5:da:6a:cb:5c:
12:09:f3:63:18:0e:44:d8:b6:83:2f:55:90:ff:b9:
b7:67:fe:5a:07:f4:b4:bb:b9:a3:51:39:a2:51:c2:
f3:6f:94:4c:4a:10:7a:cb:11:ad:f3:d2:84:0d:1c:
36:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:99:87:89:55:79:BB:C1:1D:EB:7A:62:B5:8F:B4:D7:4F:2F:FC:E1
X509v3 Authority Key Identifier:
keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:3a:53:00:41:b4:d1:c8:a5:16:0a:7b:fb:b6:e7:36:ef:93:
46:f3:2e:90:f0:df:28:55:83:ac:8d:df:39:a7:e0:0a:a0:d2:
21:af:a2:b9:fa:09:a0:43:3c:63:c9:29:79:b6:a4:f7:95:68:
c1:82:76:87:be:a4:6b:09:ba:9f:ab:16:24:b9:55:a0:f6:fb:
10:92:c1:72:95:ba:5c:8c:45:e3:93:1a:47:33:2c:67:ba:8f:
0d:fd:2c:5b:b5:12:e9:8e:c2:37:5c:1f:80:16:2f:37:34:0e:
14:2a:ac:f3:4f:40:e0:00:1f:be:81:a0:37:a5:03:2a:dd:bd:
bd:65:3a:53:27:26:77:c6:48:b1:7e:43:1f:01:ca:78:0e:7c:
ba:22:23:05:b1:88:f9:6e:69:17:0b:24:7b:d5:ca:6d:c7:64:
84:d9:5c:62:21:12:05:be:df:2b:5f:c8:11:9b:90:1b:52:fa:
0c:9a:c9:53:37:a4:f3:6e:f3:73:7c:fa:a7:cb:38:71:33:3f:
e2:77:11:ad:cb:62:94:a4:d2:ae:81:7f:fa:07:b5:6f:fa:cb:
b0:4e:b1:dc:f5:29:3b:ab:12:c2:3a:f3:c2:18:ab:cf:9c:8e:
96:53:dd:6a:bd:aa:3c:f1:60:7f:d5:a3:71:bd:60:c1:fe:02:
e0:6c:c0:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYLUbfeCT9G7hvgMwKTGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh
MTUxMmUwHhcNMjYwMzI2MDkwMTM2WhcNMjYwMzI3MDkwMTM2WjAzMTEwLwYDVQQD
EyhjZjk5ODc4OTU1NzliYmMxMWRlYjdhNjJiNThmYjRkNzRmMmZmY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutK85guKMIlqdnfd5+l2jUnFIxVB
jawSH78WdbH83jzAYwZRfLaj9AIAAMAWCsvlez2RzuugrN0nV/gByCA4E4/iOEtd
i9KFIFyRn74TvP2NHqvIvgn+IXQNMfEx74lqs+JTeS2Fp+IG30vKu3TmYw91hOSK
DZ4NXzKkwseIkNtX2lR9XHL7Svyp/DYf1I4s2KC3MPFl7kH5MZkLQ1JQfq8Q3ZEA
fBmSbX2eqbmv5yDv9Si+pFz5kWjZk/IuyFiqjYV2BwxrSTv2VrFBpdpqy1wSCfNj
GA5E2LaDL1WQ/7m3Z/5aB/S0u7mjUTmiUcLzb5RMShB6yxGt89KEDRw2ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+Zh4lVebvBHet6YrWPtNdPL/zhMB8GA1UdIwQY
MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt
NjdhNTQwZTI5N2YwLzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw
LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjpTAEG0
0cilFgp7+7bnNu+TRvMukPDfKFWDrI3fOafgCqDSIa+iufoJoEM8Y8kpebak95Vo
wYJ2h76kawm6n6sWJLlVoPb7EJLBcpW6XIxF45MaRzMsZ7qPDf0sW7US6Y7CN1wf
gBYvNzQOFCqs809A4AAfvoGgN6UDKt29vWU6Uycmd8ZIsX5DHwHKeA58uiIjBbGI
+W5pFwske9XKbcdkhNlcYiESBb7fK1/IEZuQG1L6DJrJUzek827zc3z6p8s4cTM/
4ncRrctilKTSroF/+ge1b/rLsE6x3PUpO6sSwjrzwhirz5yOllPdar2qPPFgf9Wj
cb1gwf4C4GzAgQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:00:46 2026 by rpki-client