Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
File: 3AXfbkBO-SDmpZKNiWPmpfjWESA.mft (raw, json)
Hash identifier: Lkwe1vQpjFm/H3hIfWUpE3rvry/4SSsRqQEAmW9s95o=
Subject key identifier: 0B:E1:14:71:01:9A:EF:35:13:69:F2:F6:32:9B:E1:8E:37:31:C1:1A
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 019CAC46FD34D7E7F2251EE92D3DCD5F46ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 02:00:59 +0000
Manifest this update: Mon 02 Mar 2026 02:00:59 +0000
Manifest next update: Tue 03 Mar 2026 02:00:59 +0000
Files and hashes: 1: 3AXfbkBO-SDmpZKNiWPmpfjWESA.crl (hash: ppu9wRNEvayKtrtQX3bjSSOjWNon80X2g92106RTj4M=)
2: WLGZfCZKmxfMTTmHvuZLK2OwTpM.roa (hash: o/3DvFAKUtiQSitJNR+MpNrJR84HlaGWEw9iU7EJXWI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:fd:34:d7:e7:f2:25:1e:e9:2d:3d:cd:5f:46:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Mar 2 02:00:59 2026 GMT
Not After : Mar 3 02:00:59 2026 GMT
Subject: CN=0be11471019aef351369f2f6329be18e3731c11a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:65:f2:91:53:86:bd:47:1e:d2:e0:9e:00:
40:71:32:ce:73:8f:45:d9:41:fe:54:a7:8f:5a:de:
3c:f5:6e:de:37:78:e4:f3:4b:3d:4f:95:7c:6f:90:
cc:11:f8:51:35:d1:97:86:6c:db:2e:ae:2c:ca:6b:
65:bc:be:9b:1e:a6:cd:98:29:f8:85:54:a1:e6:47:
20:7b:da:07:9f:d0:dc:09:e3:04:54:0d:66:85:bb:
f6:28:cd:83:90:b8:f0:13:b1:d0:91:48:36:db:ed:
e8:d9:16:ff:07:f8:b8:a7:c3:f1:b2:12:83:7c:40:
88:96:85:5f:4e:f0:d8:ef:3b:b9:e4:e3:c9:d1:53:
43:35:71:f3:13:30:4c:04:a4:00:1b:cc:32:05:6c:
ee:ca:97:b4:35:27:3f:b7:1a:87:79:4c:28:b2:83:
2c:81:7e:6c:69:98:28:ce:7a:19:ce:00:ce:2a:f6:
be:c2:bb:30:26:d4:7a:c2:98:19:1d:24:2b:d3:c3:
c7:f8:4c:c3:8b:f5:10:eb:76:f5:31:a9:8f:bf:24:
d9:81:5e:1e:b0:72:81:5b:95:4e:c6:91:80:b4:9f:
83:99:df:ea:69:09:7b:3e:24:69:f9:df:9b:87:f4:
a5:a4:84:ee:6d:a0:f2:98:f4:9e:6b:74:62:72:9a:
3e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E1:14:71:01:9A:EF:35:13:69:F2:F6:32:9B:E1:8E:37:31:C1:1A
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:52:4d:37:6c:db:62:bb:f6:d9:f0:80:60:b6:79:23:4f:13:
0c:f9:e6:f7:fc:6d:e5:68:cf:66:ee:5b:5b:e6:04:54:b4:25:
bb:69:5a:99:4d:c2:cd:6c:84:db:d5:e7:40:81:5d:ec:2c:16:
4a:8c:e5:8e:9b:11:5f:74:eb:78:0d:dc:54:02:63:e9:fd:52:
ac:3f:0c:dd:d8:15:f1:df:79:ba:de:0f:f1:f5:ce:76:1a:b9:
ea:24:e3:51:41:99:e6:ad:b9:6d:8e:1f:53:20:81:55:c3:ea:
49:f5:b3:94:21:c2:90:89:aa:fb:73:aa:d8:db:8f:a0:c7:3b:
3a:74:bd:78:48:22:c4:54:4f:93:b1:0b:88:39:12:30:f3:f5:
a9:f1:04:79:ce:d1:8c:84:b5:30:fc:39:d6:a9:b0:6a:60:1e:
6e:4d:39:b3:87:8d:c4:28:c1:d7:65:4a:d3:56:2c:d7:ae:bd:
aa:bb:f5:9a:00:6a:44:61:e5:18:04:90:05:aa:f0:a2:f0:1c:
20:bd:ce:65:9c:14:86:15:b4:fe:c5:fa:b2:52:15:fd:21:8b:
ec:89:28:94:bf:c2:94:fb:dc:19:f7:04:57:d5:d6:4a:f5:b3:
76:38:94:64:16:eb:cf:58:91:82:e2:47:e4:89:ff:9c:9c:68:
bd:47:df:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRv001+fyJR7pLT3NX0btMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjYwMzAyMDIwMDU5WhcNMjYwMzAzMDIwMDU5WjAzMTEwLwYDVQQD
EygwYmUxMTQ3MTAxOWFlZjM1MTM2OWYyZjYzMjliZTE4ZTM3MzFjMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSFl8pFThr1HHtLgngBAcTLOc49F
2UH+VKePWt489W7eN3jk80s9T5V8b5DMEfhRNdGXhmzbLq4symtlvL6bHqbNmCn4
hVSh5kcge9oHn9DcCeMEVA1mhbv2KM2DkLjwE7HQkUg22+3o2Rb/B/i4p8PxshKD
fECIloVfTvDY7zu55OPJ0VNDNXHzEzBMBKQAG8wyBWzuype0NSc/txqHeUwosoMs
gX5saZgoznoZzgDOKva+wrswJtR6wpgZHSQr08PH+EzDi/UQ63b1MamPvyTZgV4e
sHKBW5VOxpGAtJ+Dmd/qaQl7PiRp+d+bh/SlpITubaDymPSea3Ricpo+rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvhFHEBmu81E2ny9jKb4Y43McEaMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARlJNN2zb
Yrv22fCAYLZ5I08TDPnm9/xt5WjPZu5bW+YEVLQlu2lamU3CzWyE29XnQIFd7CwW
SozljpsRX3TreA3cVAJj6f1SrD8M3dgV8d95ut4P8fXOdhq56iTjUUGZ5q25bY4f
UyCBVcPqSfWzlCHCkImq+3Oq2NuPoMc7OnS9eEgixFRPk7ELiDkSMPP1qfEEec7R
jIS1MPw51qmwamAebk05s4eNxCjB12VK01Ys1669qrv1mgBqRGHlGASQBarwovAc
IL3OZZwUhhW0/sX6slIV/SGL7IkolL/ClPvcGfcEV9XWSvWzdjiUZBbrz1iRguJH
5In/nJxovUffwA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:41:00 2026 by rpki-client