Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier: toMGf6BKDolQYtAqQJz85tykNEooMRUNCYKrk3spyjM=
Subject key identifier: FF:1F:2E:65:1F:46:84:72:98:20:36:12:EE:4C:13:25:2D:CE:B7:56
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial: 019D999970174A1B25F2D72505876DF73F3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number: 0971
Signing time: Fri 17 Apr 2026 04:01:02 +0000
Manifest this update: Fri 17 Apr 2026 04:01:02 +0000
Manifest next update: Sat 18 Apr 2026 04:01:02 +0000
Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: rjTvgx6CmJL9+yrnNlTRp+sGRxz96x3/Kl375KaX7fQ=)
2: KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa (hash: DzYiLKcYFU2Q0VtZNwQkwth/5N+BuGWGx0hMS551gkc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:70:17:4a:1b:25:f2:d7:25:05:87:6d:f7:3f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Validity
Not Before: Apr 17 04:01:02 2026 GMT
Not After : Apr 18 04:01:02 2026 GMT
Subject: CN=ff1f2e651f46847298203612ee4c13252dceb756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5e:a5:b3:c8:2b:1e:d2:b2:6a:cb:13:4a:1c:
56:8e:83:16:f2:b4:ab:e5:2e:74:3a:fa:a3:94:e1:
22:e9:29:9f:aa:6d:75:06:48:a2:34:91:72:4c:37:
06:31:1d:5a:ad:5e:74:c7:ee:1c:b7:ad:93:07:67:
34:46:3e:ce:06:18:19:e9:f3:72:1d:02:76:36:8d:
a1:3e:d3:ba:38:31:81:4f:39:26:c1:a6:cd:27:47:
9b:19:0d:7c:4b:06:25:85:69:40:4b:6c:e7:bd:4d:
f1:99:f0:98:ab:46:3a:24:ad:0f:2a:15:84:70:3c:
52:db:77:7c:e2:bc:85:b1:92:2a:02:b9:63:d8:b7:
63:f7:e5:ef:3b:de:43:b7:ca:35:b7:8d:46:38:d8:
91:2d:74:52:62:ba:19:ea:7c:6b:61:78:25:00:5c:
44:47:9f:46:41:a6:22:6a:ef:a4:61:d3:13:f0:74:
43:cb:63:ab:91:08:4a:3f:b2:83:8e:84:5f:d2:67:
b8:68:40:38:31:76:ce:08:ef:3b:d5:7c:19:bb:ad:
bd:f6:3d:fb:7f:98:9a:4e:93:8a:9d:09:10:01:bc:
4f:cf:6e:79:cd:09:6c:2a:2b:f8:4d:ad:8f:04:94:
37:1d:72:4f:cc:a9:69:2a:c6:43:7c:71:81:40:0d:
66:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1F:2E:65:1F:46:84:72:98:20:36:12:EE:4C:13:25:2D:CE:B7:56
X509v3 Authority Key Identifier:
keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:6d:99:7d:5b:b4:3d:4b:ac:35:05:b7:6f:6c:4d:99:05:87:
f6:f5:d9:91:4b:4a:a6:16:98:ec:ce:bc:5f:8f:cd:98:af:31:
e6:14:06:56:5b:56:ef:cd:e3:c0:18:12:b9:91:e5:94:7b:aa:
c0:ff:7c:dd:8a:f8:80:07:14:db:ba:ac:ba:d3:03:ba:33:c3:
1f:37:08:08:fc:55:31:fd:5a:66:8b:10:4e:38:65:dc:1c:77:
ef:05:0d:88:9e:86:2e:76:40:ab:75:4c:7f:93:57:1b:d5:37:
ae:a2:d1:eb:d5:21:4b:b9:94:d9:c8:c9:26:63:97:1d:17:96:
24:44:8a:c3:00:fb:41:5f:03:b6:0f:0f:18:5c:e7:91:e9:ba:
73:3b:f5:72:dd:29:11:27:4f:52:02:91:a8:48:c3:4a:96:66:
9c:5b:93:d3:a1:2e:cb:0d:2f:20:73:1e:e4:1a:39:18:89:02:
d9:cb:55:11:bd:99:d5:7f:87:58:be:85:cb:47:9e:56:6a:b9:
ce:34:22:34:6f:f2:43:ee:6a:68:14:86:77:d5:44:a8:7e:fe:
3e:1d:fe:9d:2c:01:72:0e:93:00:5f:94:a7:0d:45:fd:57:c8:
e9:0f:9c:de:42:c6:1e:29:a5:0c:78:dd:03:5b:8f:0d:06:63:
5f:0a:12:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmXAXShsl8tclBYdt9z88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjYwNDE3MDQwMTAyWhcNMjYwNDE4MDQwMTAyWjAzMTEwLwYDVQQD
EyhmZjFmMmU2NTFmNDY4NDcyOTgyMDM2MTJlZTRjMTMyNTJkY2ViNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV6ls8grHtKyassTShxWjoMW8rSr
5S50OvqjlOEi6Smfqm11BkiiNJFyTDcGMR1arV50x+4ct62TB2c0Rj7OBhgZ6fNy
HQJ2No2hPtO6ODGBTzkmwabNJ0ebGQ18SwYlhWlAS2znvU3xmfCYq0Y6JK0PKhWE
cDxS23d84ryFsZIqArlj2Ldj9+XvO95Dt8o1t41GONiRLXRSYroZ6nxrYXglAFxE
R59GQaYiau+kYdMT8HRDy2OrkQhKP7KDjoRf0me4aEA4MXbOCO871XwZu6299j37
f5iaTpOKnQkQAbxPz255zQlsKiv4Ta2PBJQ3HXJPzKlpKsZDfHGBQA1mcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8fLmUfRoRymCA2Eu5MEyUtzrdWMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtW2ZfVu0
PUusNQW3b2xNmQWH9vXZkUtKphaY7M68X4/NmK8x5hQGVltW783jwBgSuZHllHuq
wP983Yr4gAcU27qsutMDujPDHzcICPxVMf1aZosQTjhl3Bx37wUNiJ6GLnZAq3VM
f5NXG9U3rqLR69UhS7mU2cjJJmOXHReWJESKwwD7QV8Dtg8PGFznkem6czv1ct0p
ESdPUgKRqEjDSpZmnFuT06Euyw0vIHMe5Bo5GIkC2ctVEb2Z1X+HWL6Fy0eeVmq5
zjQiNG/yQ+5qaBSGd9VEqH7+Ph3+nSwBcg6TAF+Upw1F/VfI6Q+c3kLGHimlDHjd
A1uPDQZjXwoSOw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:56:42 2026 by rpki-client