Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
File: 3hL5ZansM-LC6HthYb7vuL4obKM.mft (raw, json)
Hash identifier: Y2xqA8fYfPlhJvwGOhjsKCQjir7GZoGdGZdUSxT1/Uk=
Subject key identifier: FA:91:C6:38:CE:54:2F:8E:6B:10:F9:99:96:56:B0:0C:B5:9C:2D:49
Authority key identifier: DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
Certificate issuer: /CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Certificate serial: 019CAB344894E6CA69DB9F515FBF15B76A63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
Manifest number: 166A
Signing time: Sun 01 Mar 2026 21:00:56 +0000
Manifest this update: Sun 01 Mar 2026 21:00:56 +0000
Manifest next update: Mon 02 Mar 2026 21:00:56 +0000
Files and hashes: 1: 3hL5ZansM-LC6HthYb7vuL4obKM.crl (hash: 3qptQQqOgvijY/AxGLUZa5lBW1wHylTsAz0jebd+gPY=)
2: dQKWrb4274MA9TnUoPK0iLguRN8.roa (hash: iabYGi8dw6jC4+Zg8izYgwpn552JIuXwr1GRxu62hag=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:48:94:e6:ca:69:db:9f:51:5f:bf:15:b7:6a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Validity
Not Before: Mar 1 21:00:56 2026 GMT
Not After : Mar 2 21:00:56 2026 GMT
Subject: CN=fa91c638ce542f8e6b10f9999656b00cb59c2d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bc:98:ae:3c:b6:ff:a4:d9:07:0e:6f:3a:a9:
ee:e0:0e:57:05:4f:90:9a:da:ad:a2:c2:d7:de:b6:
f7:d0:74:8f:58:da:4f:79:0d:94:48:ec:24:12:83:
e5:14:25:b9:64:f8:52:77:fa:13:ba:0f:33:34:90:
e6:95:65:23:1e:7c:a0:a6:63:c9:88:f0:21:a0:e2:
3b:7a:59:1e:30:0f:c0:86:d4:c9:ab:de:4b:9e:3d:
51:1d:47:48:83:60:d3:1e:9e:70:e3:b6:5f:de:29:
98:f8:6b:eb:86:0d:43:71:a5:6e:b5:ee:79:bc:37:
ad:9e:57:8c:53:6d:88:e6:5f:e8:fd:d1:57:cc:09:
4b:46:52:de:4e:c6:ad:3d:aa:99:4c:86:5d:8d:7d:
1f:8b:cf:ca:5b:3c:92:89:fa:cf:62:a5:b1:9f:0d:
a9:e1:31:e6:f9:ca:9c:42:46:94:c4:14:d4:84:89:
c0:c9:72:44:24:e9:45:9c:99:28:c1:33:38:56:05:
54:47:d5:de:44:5e:7f:72:fc:50:97:6e:a9:d6:49:
9f:af:30:05:c1:f3:96:55:95:1d:83:43:15:02:1c:
e3:6c:95:b3:4a:c8:18:c3:28:90:5f:78:40:09:19:
65:30:dd:19:b6:09:33:5b:dd:88:90:ef:6b:a5:f4:
60:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:91:C6:38:CE:54:2F:8E:6B:10:F9:99:96:56:B0:0C:B5:9C:2D:49
X509v3 Authority Key Identifier:
keyid:DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:dd:f6:92:5f:1b:98:1d:67:9a:d3:bd:4b:e6:cb:55:2f:86:
fc:48:c1:34:f4:9f:6d:51:dd:fc:cd:77:23:bf:ad:0c:06:59:
83:e5:fd:98:bf:cc:6e:42:47:8e:98:30:18:bd:00:6b:47:fc:
2d:74:c3:46:b6:22:27:f0:90:da:77:db:75:d8:a5:6e:fa:46:
92:63:9a:db:b1:c1:38:de:ba:78:48:51:fe:b6:bb:8d:53:ef:
e5:92:47:58:12:19:d2:5c:6a:23:a0:de:3d:73:ed:1a:fe:44:
14:d7:68:9c:bf:aa:b0:41:65:65:8d:e2:4c:73:33:09:33:d9:
8f:77:27:bc:17:d0:4b:a9:f4:34:5e:70:27:1e:39:24:c9:4c:
b1:da:e5:7c:81:43:21:be:67:03:b2:7c:85:2f:2b:31:4b:98:
ae:99:87:30:83:89:a5:05:1e:f9:95:ae:f8:ff:76:d9:61:89:
38:cb:67:89:21:a0:7e:99:89:a9:f7:9c:9b:da:22:47:21:65:
0d:e2:da:ce:f3:98:57:3a:ff:c8:01:8e:9c:0c:29:4a:16:5e:
0c:43:1d:78:3d:b3:26:04:1e:91:24:7e:7e:b8:f9:95:cf:f0:
5a:a0:fc:a2:31:fc:fb:a0:c8:59:8d:6e:93:43:3b:d3:80:84:
fb:e6:92:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNEiU5spp259RX78Vt2pjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTJmOTY1YTllYzMzZTJjMmU4N2I2MTYxYmVlZmI4YmUy
ODZjYTMwHhcNMjYwMzAxMjEwMDU2WhcNMjYwMzAyMjEwMDU2WjAzMTEwLwYDVQQD
EyhmYTkxYzYzOGNlNTQyZjhlNmIxMGY5OTk5NjU2YjAwY2I1OWMyZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApryYrjy2/6TZBw5vOqnu4A5XBU+Q
mtqtosLX3rb30HSPWNpPeQ2USOwkEoPlFCW5ZPhSd/oTug8zNJDmlWUjHnygpmPJ
iPAhoOI7elkeMA/AhtTJq95Lnj1RHUdIg2DTHp5w47Zf3imY+Gvrhg1DcaVute55
vDetnleMU22I5l/o/dFXzAlLRlLeTsatPaqZTIZdjX0fi8/KWzySifrPYqWxnw2p
4THm+cqcQkaUxBTUhInAyXJEJOlFnJkowTM4VgVUR9XeRF5/cvxQl26p1kmfrzAF
wfOWVZUdg0MVAhzjbJWzSsgYwyiQX3hACRllMN0ZtgkzW92IkO9rpfRgFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqRxjjOVC+OaxD5mZZWsAy1nC1JMB8GA1UdIwQY
MBaAFN4S+WWp7DPiwuh7YWG+77i+KGyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQt
YjZkMTJhYzY2ODMxLzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQtYjZkMTJhYzY2ODMx
LzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF932kl8b
mB1nmtO9S+bLVS+G/EjBNPSfbVHd/M13I7+tDAZZg+X9mL/MbkJHjpgwGL0Aa0f8
LXTDRrYiJ/CQ2nfbddilbvpGkmOa27HBON66eEhR/ra7jVPv5ZJHWBIZ0lxqI6De
PXPtGv5EFNdonL+qsEFlZY3iTHMzCTPZj3cnvBfQS6n0NF5wJx45JMlMsdrlfIFD
Ib5nA7J8hS8rMUuYrpmHMIOJpQUe+ZWu+P922WGJOMtniSGgfpmJqfecm9oiRyFl
DeLazvOYVzr/yAGOnAwpShZeDEMdeD2zJgQekSR+frj5lc/wWqD8ojH8+6DIWY1u
k0M704CE++aStg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:14:54 2026 by rpki-client