Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: OmSnmo3SBDJv3j47O1/wKVqBbT7Ss+nWF8xXDMTlwSA=
Subject key identifier: 90:4A:39:31:8B:52:CC:04:A8:BF:7E:CB:30:81:EA:74:73:A8:5F:EC
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 019CAF486A71D0C9EEA048D8B56FB93304EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 16:01:24 +0000
Manifest this update: Mon 02 Mar 2026 16:01:24 +0000
Manifest next update: Tue 03 Mar 2026 16:01:24 +0000
Files and hashes: 1: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: OEBtFw4MEd4AlTEwnDUmPEj7QqUq2S0CCfj8dNPEZuY=)
2: ygzwdt05FZY5UgU4PNRonpu2D5Q.roa (hash: iuwiLZg36gzzO6D5OpB0qDgYjkp9/xl1ZMAuUek9+EY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:48:6a:71:d0:c9:ee:a0:48:d8:b5:6f:b9:33:04:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Mar 2 16:01:24 2026 GMT
Not After : Mar 3 16:01:24 2026 GMT
Subject: CN=904a39318b52cc04a8bf7ecb3081ea7473a85fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5b:52:23:53:a5:1c:91:b4:db:00:aa:e1:b6:
30:ee:49:e6:64:96:de:07:91:22:ee:54:c3:18:d2:
e9:43:a7:2e:1e:09:da:f0:19:17:aa:ed:0d:e6:fd:
30:8a:56:fb:f6:08:be:08:c6:cb:0b:3c:ce:b8:db:
b5:f4:0a:08:d9:82:07:d1:07:52:f5:ac:19:5a:65:
c7:84:3a:db:05:18:9a:e0:80:da:ef:2c:89:97:17:
4b:ee:57:af:fb:73:e2:13:b5:07:f1:74:35:6b:7d:
23:34:57:b9:7b:cd:13:2d:3a:58:af:e9:f3:47:72:
77:c8:6e:31:e5:c7:e3:ed:4b:d1:b5:87:b9:da:fc:
35:d4:2f:6f:06:86:1e:df:02:42:9b:6a:1c:f6:d9:
f1:d6:a2:e1:a1:84:8c:69:38:6c:8b:73:b4:35:e9:
d6:b4:ed:5c:11:3a:31:5a:8c:39:b2:d2:a5:46:83:
8e:70:4c:e8:a0:65:2d:3e:6b:4a:02:41:bd:97:fd:
5e:06:43:b7:3f:89:87:99:52:cd:4a:2b:d2:8a:8d:
38:05:e1:e3:d4:98:24:c1:81:34:c1:9e:1d:58:bc:
d8:e9:59:aa:3a:d0:f9:3f:dd:06:27:70:5a:af:ce:
57:1b:a8:0b:0a:53:f3:30:47:28:98:d2:b6:c0:b9:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4A:39:31:8B:52:CC:04:A8:BF:7E:CB:30:81:EA:74:73:A8:5F:EC
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:83:9e:4e:5c:a8:29:07:bb:ea:49:cb:07:14:b1:b3:39:92:
76:85:25:79:c2:8c:07:a6:86:c6:39:88:80:ea:16:93:07:2a:
4f:2c:5d:bb:05:c3:b8:98:de:91:42:76:ed:d7:41:f9:db:da:
0b:5a:90:87:a9:c0:68:50:44:f6:97:39:64:d2:6e:26:e3:90:
43:23:d0:23:f3:93:b5:11:62:2a:c7:14:7a:7e:ba:6a:86:83:
7f:c0:9e:99:6e:87:e3:1f:e9:e2:85:c2:11:1b:52:4a:bc:b3:
f5:53:f0:c2:06:b6:9b:c6:f5:60:b6:33:aa:6c:2d:5a:99:38:
78:8a:65:c2:0a:11:00:87:ad:02:33:e2:ad:63:9d:e9:5f:20:
a9:86:71:87:34:53:09:50:ae:56:d9:e3:fc:1c:d2:6b:4c:84:
a6:24:4c:75:79:ba:f7:e2:67:08:d4:8e:99:0f:ea:3e:48:41:
7c:88:41:ea:83:75:1a:75:1d:fc:b9:78:d4:4c:59:26:2e:58:
63:1c:c6:0f:90:a8:32:ac:dc:82:2c:92:b3:91:95:0d:7e:00:
f5:b7:a2:5c:7b:49:d7:3b:47:dd:58:90:f7:9e:1d:c6:bd:94:
85:82:95:dd:7a:a4:56:40:03:46:e3:b8:8f:c3:44:94:4f:6a:
3d:24:31:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSGpx0MnuoEjYtW+5MwTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjYwMzAyMTYwMTI0WhcNMjYwMzAzMTYwMTI0WjAzMTEwLwYDVQQD
Eyg5MDRhMzkzMThiNTJjYzA0YThiZjdlY2IzMDgxZWE3NDczYTg1ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFtSI1OlHJG02wCq4bYw7knmZJbe
B5Ei7lTDGNLpQ6cuHgna8BkXqu0N5v0wilb79gi+CMbLCzzOuNu19AoI2YIH0QdS
9awZWmXHhDrbBRia4IDa7yyJlxdL7lev+3PiE7UH8XQ1a30jNFe5e80TLTpYr+nz
R3J3yG4x5cfj7UvRtYe52vw11C9vBoYe3wJCm2oc9tnx1qLhoYSMaThsi3O0NenW
tO1cEToxWow5stKlRoOOcEzooGUtPmtKAkG9l/1eBkO3P4mHmVLNSivSio04BeHj
1JgkwYE0wZ4dWLzY6VmqOtD5P90GJ3Bar85XG6gLClPzMEcomNK2wLmhQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBKOTGLUswEqL9+yzCB6nRzqF/sMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeoOeTlyo
KQe76knLBxSxszmSdoUlecKMB6aGxjmIgOoWkwcqTyxduwXDuJjekUJ27ddB+dva
C1qQh6nAaFBE9pc5ZNJuJuOQQyPQI/OTtRFiKscUen66aoaDf8CemW6H4x/p4oXC
ERtSSryz9VPwwga2m8b1YLYzqmwtWpk4eIplwgoRAIetAjPirWOd6V8gqYZxhzRT
CVCuVtnj/BzSa0yEpiRMdXm69+JnCNSOmQ/qPkhBfIhB6oN1GnUd/Ll41ExZJi5Y
YxzGD5CoMqzcgiySs5GVDX4A9beiXHtJ1ztH3ViQ954dxr2UhYKV3XqkVkADRuO4
j8NElE9qPSQxzA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:55:44 2026 by rpki-client