Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: DX5W/QbExN2K5FRYICigRo7xkfM3+++2FZJDSn7AGzo=
Subject key identifier: 3C:F1:1E:15:4B:02:F8:E1:EC:BC:2E:CE:39:A5:41:A4:0E:54:BC:04
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019DA52F82E4AC3F54483A001B20D532327D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 1837
Signing time: Sun 19 Apr 2026 10:00:47 +0000
Manifest this update: Sun 19 Apr 2026 10:00:47 +0000
Manifest next update: Mon 20 Apr 2026 10:00:47 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: CldXRUD4vEyifqolLuhQXX6Xkx8XzfgVQBHOmBS4qV0=)
2: TWjQ2gsQUU9MXDJP00l8lOI_i8I.roa (hash: PtqnNrTefbS8Cw3BlkL6LKO9S8DUkKbOBZ0zbUviWfs=)
3: WoaNei28YSaPDdcENSu3LjSXLKg.roa (hash: YXB0+7Vswy/qgNB0Agbnb+glIUAaceZRMWc/efKKqKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:2f:82:e4:ac:3f:54:48:3a:00:1b:20:d5:32:32:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Apr 19 10:00:47 2026 GMT
Not After : Apr 20 10:00:47 2026 GMT
Subject: CN=3cf11e154b02f8e1ecbc2ece39a541a40e54bc04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:de:1c:93:e3:6b:c9:5b:7c:80:6f:0e:9d:45:
88:b9:9d:0d:a6:10:a8:a8:fa:43:b5:26:ed:88:71:
45:77:73:c8:d0:b9:b6:08:2f:70:fc:7b:12:78:5f:
f2:be:cf:1c:7b:99:14:36:a5:f6:af:d9:3a:c7:c7:
c7:c6:14:90:ce:cf:ca:de:cb:a2:1a:b5:13:1d:07:
7a:cc:fd:05:f6:42:0d:41:96:f5:48:df:dd:b9:c1:
46:2f:0c:e4:6c:6c:eb:9f:50:b0:46:fd:07:38:d1:
7a:9e:f8:98:64:ed:e3:85:a6:48:84:d3:66:3e:4d:
df:42:6d:cf:60:b5:9d:b1:53:ba:f0:e0:86:a9:fb:
d3:8d:60:4d:d5:4b:39:16:0b:d5:ed:bc:c1:2e:10:
a8:e7:c1:c4:5e:c0:ef:fe:50:e0:b3:fe:35:17:79:
fa:77:20:5f:d2:59:d3:2d:15:c4:6c:0f:e2:81:3b:
74:44:03:ef:ee:94:9b:20:53:de:cf:bf:15:e3:81:
51:93:cc:45:7e:47:72:b3:fc:3f:98:fe:c1:87:98:
cd:95:5b:ed:f5:5e:45:2f:8c:ae:0f:43:43:54:87:
f2:6f:e7:f1:10:9a:08:db:5b:4e:6c:71:b7:a2:50:
26:36:98:b4:e2:d7:5a:34:6d:59:dd:b8:2d:7e:c3:
49:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F1:1E:15:4B:02:F8:E1:EC:BC:2E:CE:39:A5:41:A4:0E:54:BC:04
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:b1:3d:c3:8f:c5:d9:a6:06:26:a2:07:27:e8:71:b1:a6:0e:
91:92:c1:a9:95:4d:96:c9:5d:19:7d:7f:0a:54:e4:e6:b7:2c:
fa:ca:c5:cc:ce:17:a1:d2:cf:3e:a4:5a:99:d4:45:49:97:27:
24:1d:d8:e4:2b:f1:a9:7b:e0:9c:85:6d:42:54:17:df:2d:e0:
12:5f:5e:f8:3c:bb:4d:ba:3f:d5:b9:a9:9b:20:f4:4d:71:07:
8c:96:8e:cd:ca:4f:fe:00:e3:22:b8:a1:40:c7:04:3b:af:1f:
1a:8f:4d:c2:78:1c:25:a6:b0:2f:97:c4:a9:e3:10:e0:94:06:
2d:59:b5:39:a2:44:c5:f7:f6:93:54:6f:e7:d8:a9:ed:e2:25:
15:15:07:38:ec:a1:23:eb:b8:84:fb:8f:17:c6:dc:75:23:87:
cc:c3:75:c2:72:c9:72:16:9e:7d:16:ed:5d:4b:2c:21:ae:91:
5f:25:a4:30:93:3c:df:12:f2:09:30:ae:6d:ec:e1:c4:90:62:
6a:64:af:42:96:a3:97:66:63:08:82:0a:5f:19:9e:73:63:19:
85:21:44:7d:bd:f7:06:e6:a1:71:8b:20:b7:0f:f2:44:e6:4c:
f3:8a:50:f7:9c:90:f4:ad:12:83:5e:32:05:fe:18:d3:be:af:
d2:a3:ab:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL4LkrD9USDoAGyDVMjJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjYwNDE5MTAwMDQ3WhcNMjYwNDIwMTAwMDQ3WjAzMTEwLwYDVQQD
EygzY2YxMWUxNTRiMDJmOGUxZWNiYzJlY2UzOWE1NDFhNDBlNTRiYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd4ck+NryVt8gG8OnUWIuZ0NphCo
qPpDtSbtiHFFd3PI0Lm2CC9w/HsSeF/yvs8ce5kUNqX2r9k6x8fHxhSQzs/K3sui
GrUTHQd6zP0F9kINQZb1SN/ducFGLwzkbGzrn1CwRv0HONF6nviYZO3jhaZIhNNm
Pk3fQm3PYLWdsVO68OCGqfvTjWBN1Us5FgvV7bzBLhCo58HEXsDv/lDgs/41F3n6
dyBf0lnTLRXEbA/igTt0RAPv7pSbIFPez78V44FRk8xFfkdys/w/mP7Bh5jNlVvt
9V5FL4yuD0NDVIfyb+fxEJoI21tObHG3olAmNpi04tdaNG1Z3bgtfsNJ9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzxHhVLAvjh7LwuzjmlQaQOVLwEMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLE9w4/F
2aYGJqIHJ+hxsaYOkZLBqZVNlsldGX1/ClTk5rcs+srFzM4XodLPPqRamdRFSZcn
JB3Y5CvxqXvgnIVtQlQX3y3gEl9e+Dy7Tbo/1bmpmyD0TXEHjJaOzcpP/gDjIrih
QMcEO68fGo9NwngcJaawL5fEqeMQ4JQGLVm1OaJExff2k1Rv59ip7eIlFRUHOOyh
I+u4hPuPF8bcdSOHzMN1wnLJchaefRbtXUssIa6RXyWkMJM83xLyCTCubezhxJBi
amSvQpajl2ZjCIIKXxmec2MZhSFEfb33BuahcYsgtw/yROZM84pQ95yQ9K0Sg14y
Bf4Y076v0qOr6w==
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:39:14 2026 by rpki-client