Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier: Eea0Ts9CguQt8XIC2reag1jgzh3tk0+HGa45LShT5wU=
Subject key identifier: 07:32:2F:63:A6:D9:EA:3F:28:83:E9:94:DD:93:0D:AD:52:F0:E5:5C
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 019D31BE8BB05BA281214FCFD61207C18EC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number: 11BB
Signing time: Sat 28 Mar 2026 00:01:04 +0000
Manifest this update: Sat 28 Mar 2026 00:01:04 +0000
Manifest next update: Sun 29 Mar 2026 00:01:04 +0000
Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: 8T90Qd4E5eA0bvmycwhuhP5jbE/ydhuUgdj+o/uCZqc=)
2: kZWW_ntfYvdgmDKHXouZXpr8UMU.roa (hash: pybDSm/TxiDymAX06iB+SSYkpRn7EWk4DKtBzvh17SE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:be:8b:b0:5b:a2:81:21:4f:cf:d6:12:07:c1:8e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Mar 28 00:01:04 2026 GMT
Not After : Mar 29 00:01:04 2026 GMT
Subject: CN=07322f63a6d9ea3f2883e994dd930dad52f0e55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:9e:92:c5:cb:4e:0e:e7:44:00:d0:f8:e9:
48:86:ec:a8:b1:2c:2d:3a:2b:7d:72:d3:a0:38:b3:
80:8f:f8:c7:ff:08:e3:9e:30:be:b3:1c:e4:11:b4:
c4:0d:af:a1:0a:c7:ba:e3:c6:56:31:12:3a:73:3d:
b4:58:4e:15:76:0e:d7:da:f8:2f:c7:35:3e:b7:4a:
c1:81:34:ad:a3:c1:5d:5a:6d:33:01:32:37:50:20:
e9:51:22:6f:9b:92:64:73:a0:d3:cd:b1:c1:f8:3b:
4a:af:eb:1e:cd:34:50:60:f7:2f:59:de:a6:f1:4c:
99:83:b3:c6:b1:70:08:38:28:d5:54:d4:78:d5:2c:
ac:12:dd:84:55:d8:9f:11:4d:d9:e6:2a:7c:a9:c3:
db:33:25:7f:d6:26:b5:c9:a6:1d:83:d9:75:01:e8:
b8:e8:c7:ff:e0:c1:07:7b:17:20:0e:f4:76:e8:8e:
f6:03:fe:2d:55:bb:c0:59:5e:5c:4f:42:56:ad:6a:
f9:57:93:80:d4:0b:d5:b3:08:54:ce:2a:01:50:8e:
a5:72:27:67:c1:77:c8:71:46:9d:4f:ce:11:16:e1:
68:77:7b:67:61:d8:95:d5:9a:9a:68:2c:8d:c2:37:
fb:65:ec:4a:5a:40:30:cf:65:f5:38:17:c0:0d:d6:
a4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:32:2F:63:A6:D9:EA:3F:28:83:E9:94:DD:93:0D:AD:52:F0:E5:5C
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ad:5c:11:6d:df:ef:e1:e6:aa:59:42:6c:31:6a:65:c0:37:
90:b6:b3:c8:da:a3:ad:a9:2b:ec:f3:50:7f:82:21:15:80:04:
db:4d:b9:48:ac:ba:7a:bb:c9:67:7a:bb:63:7f:64:2e:74:c1:
c7:c5:b3:bd:4c:f7:32:b0:15:8b:11:5f:60:d1:90:eb:de:8a:
a8:23:c9:96:ab:52:84:12:13:24:f5:4e:c1:96:df:e4:80:67:
1a:8d:57:7e:65:a4:b5:d1:9e:ba:04:27:41:7d:5a:d3:c3:85:
81:c7:a0:95:f8:9c:55:db:f9:8e:34:3f:ef:ab:6d:e0:57:1a:
46:c6:c6:33:e1:7e:f7:f0:b9:c6:54:74:af:05:db:eb:ff:9c:
87:24:f2:66:fb:14:a5:af:fe:06:3a:e7:1a:3c:3d:d5:80:53:
aa:19:4f:b2:c8:7b:71:f2:62:fa:b2:88:c5:26:cf:55:56:62:
57:fb:90:c3:9c:15:bc:e1:88:0d:3d:98:92:51:1d:b2:8f:b1:
0a:69:fe:6e:c4:cd:75:36:4e:45:36:8e:31:73:aa:d4:ac:4d:
26:78:2b:cc:2b:25:e6:c7:65:71:33:f6:4d:c8:cc:d6:f8:fa:
22:00:dc:f1:ed:58:e3:fd:cb:a1:8c:28:b5:63:ff:97:46:40:
3c:9d:d2:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0xvouwW6KBIU/P1hIHwY7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjYwMzI4MDAwMTA0WhcNMjYwMzI5MDAwMTA0WjAzMTEwLwYDVQQD
EygwNzMyMmY2M2E2ZDllYTNmMjg4M2U5OTRkZDkzMGRhZDUyZjBlNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7+eksXLTg7nRADQ+OlIhuyosSwt
Oit9ctOgOLOAj/jH/wjjnjC+sxzkEbTEDa+hCse648ZWMRI6cz20WE4Vdg7X2vgv
xzU+t0rBgTSto8FdWm0zATI3UCDpUSJvm5Jkc6DTzbHB+DtKr+sezTRQYPcvWd6m
8UyZg7PGsXAIOCjVVNR41SysEt2EVdifEU3Z5ip8qcPbMyV/1ia1yaYdg9l1Aei4
6Mf/4MEHexcgDvR26I72A/4tVbvAWV5cT0JWrWr5V5OA1AvVswhUzioBUI6lcidn
wXfIcUadT84RFuFod3tnYdiV1ZqaaCyNwjf7ZexKWkAwz2X1OBfADdakLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcyL2Om2eo/KIPplN2TDa1S8OVcMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXa1cEW3f
7+HmqllCbDFqZcA3kLazyNqjrakr7PNQf4IhFYAE2025SKy6ervJZ3q7Y39kLnTB
x8WzvUz3MrAVixFfYNGQ696KqCPJlqtShBITJPVOwZbf5IBnGo1XfmWktdGeugQn
QX1a08OFgceglficVdv5jjQ/76tt4FcaRsbGM+F+9/C5xlR0rwXb6/+chyTyZvsU
pa/+BjrnGjw91YBTqhlPssh7cfJi+rKIxSbPVVZiV/uQw5wVvOGIDT2YklEdso+x
Cmn+bsTNdTZORTaOMXOq1KxNJngrzCsl5sdlcTP2TcjM1vj6IgDc8e1Y4/3LoYwo
tWP/l0ZAPJ3S6g==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:22:58 2026 by rpki-client