Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json)
Hash identifier: DoRRzpla/S0L52v/wz1/DWWtxwxLacn5+xk539RVdpI=
Subject key identifier: 7C:08:67:8B:C7:97:91:4C:A7:80:3A:BE:D7:5C:DD:BF:A0:10:6F:3D
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 019CAE352F930975A87E01EB5B2DF90819EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
Manifest number: 0CB9
Signing time: Mon 02 Mar 2026 11:00:46 +0000
Manifest this update: Mon 02 Mar 2026 11:00:46 +0000
Manifest next update: Tue 03 Mar 2026 11:00:46 +0000
Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: N+EB9J8pN/0L0Npw95GqNk3axwpUegOgkft12nQI75Q=)
2: _ioUT6ot6spKYeitBH6WHig08aI.roa (hash: lPf90VagjG9YZhFPp1sns8p7TmON2JIuqMSkRErr21k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:2f:93:09:75:a8:7e:01:eb:5b:2d:f9:08:19:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Mar 2 11:00:46 2026 GMT
Not After : Mar 3 11:00:46 2026 GMT
Subject: CN=7c08678bc797914ca7803abed75cddbfa0106f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:b0:c9:93:bb:ed:9b:14:8e:2e:7a:d5:f9:
32:30:d3:5f:a0:20:7d:5f:ce:5c:1d:d9:34:64:84:
ff:e9:93:fe:fd:68:3a:71:1e:15:f7:81:84:ae:e7:
5c:5b:8c:5b:e9:6e:7a:49:aa:4e:ce:5b:0d:34:16:
95:b0:d1:77:e7:11:ac:3e:93:73:64:6d:f1:d0:80:
eb:d9:b9:4b:be:71:92:68:95:1a:c4:e2:fa:75:04:
af:dc:cf:e8:8e:53:64:08:af:b8:f1:01:67:33:24:
fd:6e:0f:45:b0:4f:ec:fe:75:dc:58:9c:1e:1c:09:
67:d3:50:1b:0f:07:31:82:40:dc:3d:93:e3:e8:c8:
a6:38:09:34:96:ba:13:4b:b6:ca:c3:a9:b9:0d:bb:
3d:eb:3f:5b:0c:b6:03:bb:fe:04:0a:c7:1d:66:26:
3a:92:df:38:d4:31:aa:55:78:7a:73:87:5a:74:d8:
3e:e1:b0:00:9a:aa:84:c5:26:27:a1:5f:a2:d3:03:
4f:88:d7:66:d2:92:bb:3e:80:a0:fc:34:a4:99:f2:
a7:92:51:fe:4a:f4:49:09:8e:57:de:d1:02:d3:31:
3c:85:56:c5:a0:ed:a3:19:0f:d4:bf:a9:26:d8:60:
61:b7:0c:cc:43:1f:bc:f4:8c:ff:23:3d:70:58:48:
11:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:08:67:8B:C7:97:91:4C:A7:80:3A:BE:D7:5C:DD:BF:A0:10:6F:3D
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:40:88:05:eb:da:11:42:0d:21:88:fb:b7:be:f1:f8:c2:ca:
56:8d:65:3a:bc:e4:2f:2c:4f:63:96:e2:64:72:49:53:3c:07:
b4:81:98:17:0d:c2:fd:c6:52:f0:24:ff:99:21:72:54:c4:73:
88:48:12:2a:5a:18:07:5c:62:a1:27:1e:71:2d:53:18:3b:f4:
91:1f:53:e2:ed:1d:dc:8a:2d:f2:c9:21:cf:55:4f:74:da:37:
2c:ac:6d:a4:d2:06:16:12:31:19:2c:e2:4f:5e:64:10:56:4a:
25:b9:59:05:b6:62:1c:69:63:d7:92:c2:b1:6f:0e:96:5d:e8:
28:ea:32:1e:e7:c8:b6:1b:ce:d5:01:ad:be:93:35:86:79:b8:
c1:b4:51:97:3d:3a:ce:fa:a0:fb:30:6c:24:63:9b:7c:8b:b9:
f4:cc:b0:d9:f9:77:9a:c3:8a:f5:46:fa:64:fa:72:03:8a:43:
b6:85:7e:73:7c:c0:69:38:be:b9:4c:3f:e2:67:2a:da:11:8e:
94:87:92:9b:0a:59:78:f3:5d:18:3b:2f:9b:b1:bc:32:b4:b8:
57:21:1d:09:d0:2d:77:27:b6:2f:bc:c4:c6:dc:fa:cf:eb:f5:
29:cf:1b:ee:1d:92:db:d4:d0:1b:0c:9f:3d:34:c6:22:53:46:
aa:4e:e8:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNS+TCXWofgHrWy35CBnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjYwMzAyMTEwMDQ2WhcNMjYwMzAzMTEwMDQ2WjAzMTEwLwYDVQQD
Eyg3YzA4Njc4YmM3OTc5MTRjYTc4MDNhYmVkNzVjZGRiZmEwMTA2ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwCwyZO77ZsUji561fkyMNNfoCB9
X85cHdk0ZIT/6ZP+/Wg6cR4V94GErudcW4xb6W56SapOzlsNNBaVsNF35xGsPpNz
ZG3x0IDr2blLvnGSaJUaxOL6dQSv3M/ojlNkCK+48QFnMyT9bg9FsE/s/nXcWJwe
HAln01AbDwcxgkDcPZPj6MimOAk0lroTS7bKw6m5Dbs96z9bDLYDu/4ECscdZiY6
kt841DGqVXh6c4dadNg+4bAAmqqExSYnoV+i0wNPiNdm0pK7PoCg/DSkmfKnklH+
SvRJCY5X3tEC0zE8hVbFoO2jGQ/Uv6km2GBhtwzMQx+89Iz/Iz1wWEgRZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwIZ4vHl5FMp4A6vtdc3b+gEG89MB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0CIBeva
EUINIYj7t77x+MLKVo1lOrzkLyxPY5biZHJJUzwHtIGYFw3C/cZS8CT/mSFyVMRz
iEgSKloYB1xioScecS1TGDv0kR9T4u0d3Iot8skhz1VPdNo3LKxtpNIGFhIxGSzi
T15kEFZKJblZBbZiHGlj15LCsW8Oll3oKOoyHufIthvO1QGtvpM1hnm4wbRRlz06
zvqg+zBsJGObfIu59Myw2fl3msOK9Ub6ZPpyA4pDtoV+c3zAaTi+uUw/4mcq2hGO
lIeSmwpZePNdGDsvm7G8MrS4VyEdCdAtdye2L7zExtz6z+v1Kc8b7h2S29TQGwyf
PTTGIlNGqk7opQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:55:39 2026 by rpki-client