Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: 6EUJkhAL002Mr0EJ4n1cEea6JWib1lBjR98mC0ZRkMQ=
Subject key identifier: 21:7E:00:B9:C4:2C:A5:68:69:65:CF:CE:BA:8F:A9:93:EB:D4:D1:4B
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019CAC7E47EBD59250A026A7B25A4BBF12EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 07DA
Signing time: Mon 02 Mar 2026 03:01:22 +0000
Manifest this update: Mon 02 Mar 2026 03:01:22 +0000
Manifest next update: Tue 03 Mar 2026 03:01:22 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: TAdfyEtQyWvn6c8c2uZSytBhvLKB8f+4EyzLmxBWwZw=)
2: hBUefaIMV4VxrEK-fm1hTMzaWD8.roa (hash: ULTyVqCoLmJTp6EzOZiZ2uvQqGHDruUXv80DgFEK1ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7e:47:eb:d5:92:50:a0:26:a7:b2:5a:4b:bf:12:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Mar 2 03:01:22 2026 GMT
Not After : Mar 3 03:01:22 2026 GMT
Subject: CN=217e00b9c42ca5686965cfceba8fa993ebd4d14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d2:e3:38:4f:c2:62:36:a9:46:92:d1:b5:22:
87:26:61:40:17:0f:bd:7c:71:ea:3b:16:00:07:30:
3f:62:bc:21:2f:05:0a:d4:5e:25:96:4e:c4:ec:ee:
ff:d9:9f:04:6f:18:32:c0:3a:45:b9:a8:fd:e6:a7:
73:b4:22:bb:33:7a:27:d9:2f:d0:c0:71:1e:49:7c:
09:87:ee:80:14:39:b8:2e:e3:2c:4a:4c:e6:a3:c7:
9a:58:b2:da:ed:72:7c:8c:ff:3f:75:dc:68:7d:a9:
45:0f:a1:0a:6b:39:86:5f:b5:ba:e6:d5:2e:d2:c8:
55:d0:af:f9:27:43:ca:74:55:6a:5d:f2:06:bf:73:
74:60:e3:b5:46:14:e0:49:2b:75:bb:69:b3:56:74:
bf:ea:e8:13:b9:da:62:37:34:27:f2:bc:19:f6:99:
4a:88:af:54:22:34:29:45:d9:d4:8e:0c:41:f6:63:
ba:fe:00:cb:61:8c:ef:89:cd:43:67:db:82:e5:a6:
79:18:74:0b:e1:26:2c:8e:aa:9f:1f:9f:87:c9:dc:
93:1d:62:ad:7f:0e:24:62:ed:d9:cf:8b:1f:dc:09:
7c:db:4b:f1:f3:0e:23:10:15:f2:55:cf:b3:ce:aa:
74:0f:61:0c:f0:8a:d0:e2:d8:d6:4b:2c:16:7f:9c:
2d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7E:00:B9:C4:2C:A5:68:69:65:CF:CE:BA:8F:A9:93:EB:D4:D1:4B
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:3c:96:e7:8b:28:85:e2:71:d3:8e:7d:20:8a:73:91:15:51:
c7:60:ed:5a:a4:ff:22:26:17:84:c4:3e:82:5e:50:23:c0:28:
4d:9f:05:a2:1e:de:4f:47:84:bd:ef:94:90:20:78:6b:99:1e:
ea:00:3d:66:99:53:4d:c0:32:d5:df:f6:62:69:9c:00:1e:78:
d7:19:4a:d5:9d:3f:88:94:32:93:1a:8a:94:5c:33:4e:3b:47:
8d:02:e2:0a:e9:3e:b9:5c:77:ad:4b:01:1a:37:33:49:5e:18:
92:c4:a3:94:7e:0b:57:c5:ff:70:b5:ce:f2:90:60:37:7e:b8:
91:ec:44:a5:38:45:67:70:b0:25:bf:19:b1:95:15:ee:8a:f9:
31:ef:ff:db:00:8d:ab:8d:a6:8f:71:f5:f1:cc:c6:64:0f:cc:
51:b3:65:06:51:4e:d5:71:ee:18:5d:cc:cd:ce:41:2b:0c:33:
e7:07:76:63:35:1d:75:ea:80:f4:88:24:ec:ac:94:46:4d:56:
8f:91:3b:1a:f8:ee:09:b7:94:46:3f:16:75:b3:73:e9:0d:00:
41:72:f8:7c:67:fb:1f:7b:7e:81:80:0a:eb:28:4a:78:3a:e1:
8e:0f:f7:a0:95:a7:1d:1d:14:b8:3e:22:0a:d3:bb:bd:18:06:
dc:2b:da:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfkfr1ZJQoCanslpLvxLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjYwMzAyMDMwMTIyWhcNMjYwMzAzMDMwMTIyWjAzMTEwLwYDVQQD
EygyMTdlMDBiOWM0MmNhNTY4Njk2NWNmY2ViYThmYTk5M2ViZDRkMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dLjOE/CYjapRpLRtSKHJmFAFw+9
fHHqOxYABzA/YrwhLwUK1F4llk7E7O7/2Z8EbxgywDpFuaj95qdztCK7M3on2S/Q
wHEeSXwJh+6AFDm4LuMsSkzmo8eaWLLa7XJ8jP8/ddxofalFD6EKazmGX7W65tUu
0shV0K/5J0PKdFVqXfIGv3N0YOO1RhTgSSt1u2mzVnS/6ugTudpiNzQn8rwZ9plK
iK9UIjQpRdnUjgxB9mO6/gDLYYzvic1DZ9uC5aZ5GHQL4SYsjqqfH5+HydyTHWKt
fw4kYu3Zz4sf3Al820vx8w4jEBXyVc+zzqp0D2EM8IrQ4tjWSywWf5wt6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF+ALnELKVoaWXPzrqPqZPr1NFLMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjyW54so
heJx0459IIpzkRVRx2DtWqT/IiYXhMQ+gl5QI8AoTZ8Foh7eT0eEve+UkCB4a5ke
6gA9ZplTTcAy1d/2YmmcAB541xlK1Z0/iJQykxqKlFwzTjtHjQLiCuk+uVx3rUsB
GjczSV4YksSjlH4LV8X/cLXO8pBgN364kexEpThFZ3CwJb8ZsZUV7or5Me//2wCN
q42mj3H18czGZA/MUbNlBlFO1XHuGF3Mzc5BKwwz5wd2YzUddeqA9Igk7KyURk1W
j5E7GvjuCbeURj8WdbNz6Q0AQXL4fGf7H3t+gYAK6yhKeDrhjg/3oJWnHR0UuD4i
CtO7vRgG3CvaYA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:18:48 2026 by rpki-client