Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
File: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft (raw, json)
Hash identifier: 4WJv/NmNXevLINypo09oSIYWyI54GwxFitef5IUGMS0=
Subject key identifier: 43:E5:CB:FE:50:E2:B6:62:B1:81:1A:A6:91:3F:7C:40:1F:59:29:BA
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 019CAB343CC8AC1BA8F6DF215921F8DF9E67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
Manifest number: 1846
Signing time: Sun 01 Mar 2026 21:00:53 +0000
Manifest this update: Sun 01 Mar 2026 21:00:53 +0000
Manifest next update: Mon 02 Mar 2026 21:00:53 +0000
Files and hashes: 1: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl (hash: +kHN5TVjVji6g0KZMxDVjSQpjkfN4ah9o0BBCPwovMs=)
2: Db0vWV10PDdNvJlPrQIc334_tN8.roa (hash: c9vHRsLZpkXkOA11QWT95eyXoTQe6iY901YAkf3L6Io=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:3c:c8:ac:1b:a8:f6:df:21:59:21:f8:df:9e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Mar 1 21:00:53 2026 GMT
Not After : Mar 2 21:00:53 2026 GMT
Subject: CN=43e5cbfe50e2b662b1811aa6913f7c401f5929ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f9:d1:04:f5:d0:bb:ae:0d:a6:ca:e2:3f:84:
b3:4d:ef:38:b4:c0:2a:f1:b8:98:ac:7a:93:de:05:
a6:3e:33:86:70:85:ee:61:fc:57:b9:c0:a7:a6:7a:
a6:f2:27:56:84:ac:54:fb:92:ee:87:92:a0:48:4a:
5e:c7:66:ea:2e:39:cb:98:13:b1:84:5e:e9:a7:12:
34:c4:48:df:89:17:55:f7:bb:71:85:93:6d:b2:f0:
bd:41:7e:29:54:5c:4c:65:1c:67:dc:0c:89:95:00:
34:7d:69:20:19:7d:a1:86:8b:9e:49:47:0d:e8:33:
55:bb:0e:ec:96:d4:c0:1c:bc:55:2f:6a:d9:3d:60:
3c:9e:49:c6:18:f2:c9:03:1b:9c:97:34:1a:1a:d5:
50:ea:ee:1a:1e:8f:4f:98:45:f1:3a:94:19:cf:bc:
a9:bd:57:4b:1a:75:df:5e:c8:25:e6:95:e6:5d:49:
3f:71:c5:99:b3:50:8c:18:42:0f:4c:23:cc:9b:3f:
de:fd:86:89:49:df:6d:75:79:50:04:c4:0f:9e:39:
50:96:e7:5c:7c:d6:89:d3:15:6f:91:52:98:d3:6c:
e5:bf:91:3d:2d:b3:bc:e9:ab:32:cb:ad:fd:75:90:
76:29:1d:72:98:27:8c:37:98:73:e4:6c:2f:55:53:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E5:CB:FE:50:E2:B6:62:B1:81:1A:A6:91:3F:7C:40:1F:59:29:BA
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:e8:d4:f7:d0:71:0f:77:09:0a:79:b9:28:a1:71:1b:d0:3a:
77:bf:02:63:f8:37:6c:24:1d:de:27:1b:18:2a:24:40:ed:53:
95:f4:bb:56:d8:06:d4:dd:f4:a4:a1:b9:59:6d:c4:f0:0c:2b:
e2:5e:ed:b5:36:7a:bc:10:9d:a0:b5:3d:fc:54:62:80:d3:98:
33:b1:9c:d2:a7:a1:ab:39:4e:af:af:a2:33:c1:58:0a:f2:ac:
0a:91:09:66:4b:cc:5f:b0:50:3b:d3:12:bf:e1:79:ab:48:f4:
40:01:f0:32:45:29:c1:86:95:f0:7f:3e:4f:2c:59:83:8f:dd:
5b:65:0f:e0:17:3c:66:1b:e8:5a:83:a4:18:89:3d:e3:64:0b:
41:56:f4:c0:f7:10:96:14:7d:c1:74:06:04:d7:47:38:9f:8e:
bf:af:84:79:db:9f:49:82:21:00:71:ae:c8:9d:cd:86:b7:36:
34:25:49:dc:ba:ae:00:3d:a8:a2:de:1a:87:b3:af:b8:09:b9:
d2:a4:22:0e:d8:4a:b2:bc:76:85:0e:54:df:01:d9:81:da:59:
a9:0b:28:1a:3b:99:14:cd:78:d9:6c:c3:97:32:9b:46:ce:6b:
b0:63:3e:5b:87:07:42:70:3c:61:fc:da:31:66:da:81:7d:e1:
ef:a8:ac:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNDzIrBuo9t8hWSH4355nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm
YzdkN2MwHhcNMjYwMzAxMjEwMDUzWhcNMjYwMzAyMjEwMDUzWjAzMTEwLwYDVQQD
Eyg0M2U1Y2JmZTUwZTJiNjYyYjE4MTFhYTY5MTNmN2M0MDFmNTkyOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PnRBPXQu64NpsriP4SzTe84tMAq
8biYrHqT3gWmPjOGcIXuYfxXucCnpnqm8idWhKxU+5Luh5KgSEpex2bqLjnLmBOx
hF7ppxI0xEjfiRdV97txhZNtsvC9QX4pVFxMZRxn3AyJlQA0fWkgGX2hhoueSUcN
6DNVuw7sltTAHLxVL2rZPWA8nknGGPLJAxuclzQaGtVQ6u4aHo9PmEXxOpQZz7yp
vVdLGnXfXsgl5pXmXUk/ccWZs1CMGEIPTCPMmz/e/YaJSd9tdXlQBMQPnjlQludc
fNaJ0xVvkVKY02zlv5E9LbO86asyy639dZB2KR1ymCeMN5hz5GwvVVNY/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPly/5Q4rZisYEappE/fEAfWSm6MB8GA1UdIwQY
MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt
YWY0ZTUyNDFiZjIwLzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw
LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+jU99Bx
D3cJCnm5KKFxG9A6d78CY/g3bCQd3icbGCokQO1TlfS7VtgG1N30pKG5WW3E8Awr
4l7ttTZ6vBCdoLU9/FRigNOYM7Gc0qehqzlOr6+iM8FYCvKsCpEJZkvMX7BQO9MS
v+F5q0j0QAHwMkUpwYaV8H8+TyxZg4/dW2UP4Bc8ZhvoWoOkGIk942QLQVb0wPcQ
lhR9wXQGBNdHOJ+Ov6+EedufSYIhAHGuyJ3Nhrc2NCVJ3LquAD2oot4ah7OvuAm5
0qQiDthKsrx2hQ5U3wHZgdpZqQsoGjuZFM142WzDlzKbRs5rsGM+W4cHQnA8Yfza
MWbagX3h76is+w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:46:40 2026 by rpki-client