Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: 3PeOtEL2mMUqcxuhJn6AoPpcIk76zV4Y4mQd00s6pu0=
Subject key identifier: 94:C2:A8:46:66:1D:36:11:A7:67:A1:0C:8D:90:CB:6A:22:9D:24:7E
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 019D25F1F64AAE987C012C7673563730301D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 1320
Signing time: Wed 25 Mar 2026 17:01:47 +0000
Manifest this update: Wed 25 Mar 2026 17:01:47 +0000
Manifest next update: Thu 26 Mar 2026 17:01:47 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: 4bZ/7t/x8ES1oTOC5eQO3mH8vxdp8CR2Mn5gbpZ6tCI=)
2: BsyNzVaxxAwnI04Dd9aOhMe6ucE.roa (hash: 0aNXoEKl0ws+Toia/ObhW+i07V56stDq9dLrY8oS6mU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:f6:4a:ae:98:7c:01:2c:76:73:56:37:30:30:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Mar 25 17:01:47 2026 GMT
Not After : Mar 26 17:01:47 2026 GMT
Subject: CN=94c2a846661d3611a767a10c8d90cb6a229d247e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:13:9f:68:df:b7:8b:01:ef:d9:a7:0a:6a:
3c:f3:05:4d:f8:b1:6b:39:b0:41:1d:ab:59:d6:b2:
fb:25:77:ca:e7:ba:38:2c:06:7b:98:61:30:d4:36:
5f:7c:87:9b:c8:28:93:f4:ab:0b:18:42:13:c5:55:
14:f5:d1:d2:6c:10:c2:3a:7a:d3:e1:73:a3:cf:5d:
37:e8:c1:a2:b3:a4:1c:8b:2c:5a:d9:6c:25:00:58:
97:9a:53:90:a4:49:c8:71:80:5d:38:e2:ab:2a:51:
b5:d0:5d:4b:33:6b:89:73:90:e2:68:cb:84:ed:35:
50:3c:25:0d:9f:74:31:18:9b:08:b4:85:eb:92:d7:
76:87:ff:77:13:47:ee:ee:36:44:4f:8e:45:21:89:
59:f9:e8:58:49:c0:5c:ed:52:23:78:22:37:69:c9:
d3:53:9d:71:ab:b7:65:52:b2:d0:30:54:b3:36:03:
d0:82:a0:00:c3:9d:4f:cd:12:11:74:ff:af:06:50:
16:56:39:ee:52:69:8a:56:ec:c7:8d:a5:61:bc:c9:
98:9b:85:cd:36:1f:79:43:df:f3:ff:57:c8:d0:8f:
11:64:12:16:03:81:01:5a:01:4e:f6:3a:04:fb:1b:
4f:9a:3d:ff:72:04:61:48:cb:27:f5:22:b8:18:c8:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C2:A8:46:66:1D:36:11:A7:67:A1:0C:8D:90:CB:6A:22:9D:24:7E
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:39:a1:54:73:24:77:5a:bf:35:d3:77:ef:02:63:d4:26:bc:
41:b8:87:87:39:47:33:94:a2:aa:e2:79:a3:8d:da:06:bf:7f:
77:85:64:01:42:ad:a8:e9:25:7e:66:df:03:6e:34:2d:9c:cb:
0f:8f:cc:46:c7:47:9a:1f:b4:d2:03:71:48:e2:84:55:29:00:
2f:55:91:21:c7:7f:45:04:a3:95:80:01:5c:36:92:0a:8a:d2:
d1:1c:f6:5b:26:7f:fe:fd:3f:6e:48:f7:2e:c0:28:23:4d:e7:
40:37:f3:81:df:d5:aa:d8:a1:49:92:c6:cd:b5:12:0b:6c:73:
c4:28:f0:7c:bc:6b:10:fe:21:6e:6c:10:d0:9a:da:0d:00:01:
49:bd:1d:f6:82:5f:23:ad:af:eb:80:0d:60:46:6c:9b:71:bb:
a3:d4:f1:02:46:61:bd:55:e0:02:11:38:dc:20:50:46:cf:87:
e9:91:4f:3a:94:6a:31:cb:72:b2:43:85:ea:a2:c9:96:94:bf:
f3:c3:6a:84:f6:75:ca:e7:0f:66:1c:31:2b:bb:9e:d4:5b:60:
04:15:f3:8f:5f:8c:d2:81:d8:b7:38:c0:8d:3c:d0:03:ce:16:
b3:e4:00:fc:e7:91:b8:57:b5:2e:0a:5a:b9:bf:94:91:f1:b4:
ca:91:da:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8fZKrph8ASx2c1Y3MDAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjYwMzI1MTcwMTQ3WhcNMjYwMzI2MTcwMTQ3WjAzMTEwLwYDVQQD
Eyg5NGMyYTg0NjY2MWQzNjExYTc2N2ExMGM4ZDkwY2I2YTIyOWQyNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplcTn2jft4sB79mnCmo88wVN+LFr
ObBBHatZ1rL7JXfK57o4LAZ7mGEw1DZffIebyCiT9KsLGEITxVUU9dHSbBDCOnrT
4XOjz1036MGis6Qciyxa2WwlAFiXmlOQpEnIcYBdOOKrKlG10F1LM2uJc5DiaMuE
7TVQPCUNn3QxGJsItIXrktd2h/93E0fu7jZET45FIYlZ+ehYScBc7VIjeCI3acnT
U51xq7dlUrLQMFSzNgPQgqAAw51PzRIRdP+vBlAWVjnuUmmKVuzHjaVhvMmYm4XN
Nh95Q9/z/1fI0I8RZBIWA4EBWgFO9joE+xtPmj3/cgRhSMsn9SK4GMijpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTCqEZmHTYRp2ehDI2Qy2oinSR+MB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDmhVHMk
d1q/NdN37wJj1Ca8QbiHhzlHM5SiquJ5o43aBr9/d4VkAUKtqOklfmbfA240LZzL
D4/MRsdHmh+00gNxSOKEVSkAL1WRIcd/RQSjlYABXDaSCorS0Rz2WyZ//v0/bkj3
LsAoI03nQDfzgd/VqtihSZLGzbUSC2xzxCjwfLxrEP4hbmwQ0JraDQABSb0d9oJf
I62v64ANYEZsm3G7o9TxAkZhvVXgAhE43CBQRs+H6ZFPOpRqMctyskOF6qLJlpS/
88NqhPZ1yucPZhwxK7ue1FtgBBXzj1+M0oHYtzjAjTzQA84Ws+QA/OeRuFe1Lgpa
ub+UkfG0ypHaKQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:26:17 2026 by rpki-client