Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.mft
File: 3SoSF2c-sRypijUTlSBAfJdo38M.mft (raw, json)
Hash identifier: hNufbknV79iZw3KssK82K2eEXuSwCWbKGl9zMnbANUY=
Subject key identifier: D2:C3:C9:53:26:2E:02:64:D9:BB:1A:CB:14:60:F5:36:16:10:F5:C7
Authority key identifier: DD:2A:12:17:67:3E:B1:1C:A9:8A:35:13:95:20:40:7C:97:68:DF:C3
Certificate issuer: /CN=dd2a1217673eb11ca98a35139520407c9768dfc3
Certificate serial: 019CAC46A1F121AA5AFF38C3CC8BF07D94B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.mft
Manifest number: 014A
Signing time: Mon 02 Mar 2026 02:00:35 +0000
Manifest this update: Mon 02 Mar 2026 02:00:35 +0000
Manifest next update: Tue 03 Mar 2026 02:00:35 +0000
Files and hashes: 1: 3SoSF2c-sRypijUTlSBAfJdo38M.crl (hash: YFwf+6nfcqIY/3Ax1/1dqRPrFvJstuPS8su3zavrdMo=)
2: WQR-Dyl5ml38JzgsrWjiLr-jTjE.roa (hash: 8pC1xGdRfwbbzKrCgP0LBKBZ1huDVz6z9MO3fLjaue8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.mft
rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:a1:f1:21:aa:5a:ff:38:c3:cc:8b:f0:7d:94:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a1217673eb11ca98a35139520407c9768dfc3
Validity
Not Before: Mar 2 02:00:35 2026 GMT
Not After : Mar 3 02:00:35 2026 GMT
Subject: CN=d2c3c953262e0264d9bb1acb1460f5361610f5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:45:ee:d0:a0:ab:05:6c:17:cc:3a:06:b1:
ce:8f:30:c2:51:18:87:85:78:38:ae:3b:34:33:91:
04:6e:66:ce:cd:65:55:59:43:3c:45:49:35:80:7a:
a1:7d:ec:05:8e:72:59:2f:8a:64:68:7b:30:e2:78:
0f:00:32:fe:cf:40:d5:53:ac:aa:2b:b6:dc:97:73:
72:95:90:cb:19:ae:fa:96:81:f0:d6:74:7d:cd:69:
11:ca:91:66:81:72:da:09:bf:49:db:a8:94:eb:5c:
13:30:46:3a:95:19:02:b9:fd:43:30:28:64:11:f4:
ba:ea:e5:0a:76:c7:c5:33:7e:84:82:d9:1a:11:bd:
27:30:da:99:3c:01:06:b2:c3:90:e6:00:aa:af:08:
9a:ca:61:d1:79:6a:7b:d9:dd:04:ff:5f:23:76:19:
1e:57:b5:18:f7:92:17:88:f8:02:6e:4d:c7:18:f7:
ae:1d:4d:f8:7c:b9:96:46:a1:cf:b6:0b:aa:a6:ef:
aa:dc:ad:bb:0c:b0:2f:42:73:03:e4:3c:9b:e8:bc:
ef:e4:9b:9e:14:35:db:fb:99:ab:53:a3:32:a7:a4:
f4:6d:b1:8d:d7:8c:33:30:43:33:f9:9f:3f:72:0a:
3e:03:80:dd:6b:01:f4:f4:f9:80:dd:34:a1:38:1f:
97:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C3:C9:53:26:2E:02:64:D9:BB:1A:CB:14:60:F5:36:16:10:F5:C7
X509v3 Authority Key Identifier:
keyid:DD:2A:12:17:67:3E:B1:1C:A9:8A:35:13:95:20:40:7C:97:68:DF:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:cc:2f:86:58:08:84:d8:40:9a:ec:94:c4:53:96:93:32:dc:
ae:50:a1:81:71:3d:67:72:fc:35:44:01:7b:85:fe:1f:8f:47:
b4:23:a4:b7:de:c0:24:25:ce:b0:85:48:4c:ae:06:41:cd:eb:
dc:e6:b0:19:52:17:d2:ac:df:75:ae:83:b0:16:76:18:6a:6a:
91:6d:c8:ba:0d:07:bb:85:dd:62:69:60:9d:2b:8c:84:e3:c3:
71:43:26:c1:1e:0a:b3:a4:57:f9:d5:34:ed:7d:fb:f2:1b:6d:
c4:b7:f2:01:32:99:f7:5b:66:02:71:c3:f7:6b:97:7d:d3:45:
80:e3:ab:3c:34:b2:e7:15:a6:99:cc:91:92:52:ba:40:5a:7a:
2f:5e:a3:02:ca:84:3e:1c:17:cf:ba:d8:b9:a3:e6:a9:33:8e:
27:2c:9a:85:b8:27:10:c7:d4:62:a4:e1:67:e8:e3:c1:1f:ae:
72:23:f6:23:2f:f2:ab:29:2d:c2:a1:d2:24:22:31:b6:b5:5d:
17:b5:3f:1d:e5:60:2e:b1:0a:16:34:bc:8e:0e:02:68:23:7e:
90:ef:64:a7:b8:c3:83:75:b5:1d:47:e7:ac:e7:8b:ed:0a:10:
f0:e5:b1:32:31:7e:d9:0b:26:b6:83:a6:0f:ab:2d:96:74:a6:
49:af:47:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRqHxIapa/zjDzIvwfZS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMmExMjE3NjczZWIxMWNhOThhMzUxMzk1MjA0MDdjOTc2
OGRmYzMwHhcNMjYwMzAyMDIwMDM1WhcNMjYwMzAzMDIwMDM1WjAzMTEwLwYDVQQD
EyhkMmMzYzk1MzI2MmUwMjY0ZDliYjFhY2IxNDYwZjUzNjE2MTBmNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZZF7tCgqwVsF8w6BrHOjzDCURiH
hXg4rjs0M5EEbmbOzWVVWUM8RUk1gHqhfewFjnJZL4pkaHsw4ngPADL+z0DVU6yq
K7bcl3NylZDLGa76loHw1nR9zWkRypFmgXLaCb9J26iU61wTMEY6lRkCuf1DMChk
EfS66uUKdsfFM36EgtkaEb0nMNqZPAEGssOQ5gCqrwiaymHReWp72d0E/18jdhke
V7UY95IXiPgCbk3HGPeuHU34fLmWRqHPtguqpu+q3K27DLAvQnMD5Dyb6Lzv5Jue
FDXb+5mrU6Myp6T0bbGN14wzMEMz+Z8/cgo+A4DdawH09PmA3TShOB+XowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLDyVMmLgJk2bsayxRg9TYWEPXHMB8GA1UdIwQY
MBaAFN0qEhdnPrEcqYo1E5UgQHyXaN/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NvU0YyYy1zUnlwaWpVVGxTQkFmSmRvMzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80YTkzYzYtMTcwYS00YWEyLThkZmMt
NmI5NjQxODIzY2E0LzEvM1NvU0YyYy1zUnlwaWpVVGxTQkFmSmRvMzhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80YTkzYzYtMTcwYS00YWEyLThkZmMtNmI5NjQxODIzY2E0
LzEvM1NvU0YyYy1zUnlwaWpVVGxTQkFmSmRvMzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWcwvhlgI
hNhAmuyUxFOWkzLcrlChgXE9Z3L8NUQBe4X+H49HtCOkt97AJCXOsIVITK4GQc3r
3OawGVIX0qzfda6DsBZ2GGpqkW3Iug0Hu4XdYmlgnSuMhOPDcUMmwR4Ks6RX+dU0
7X378httxLfyATKZ91tmAnHD92uXfdNFgOOrPDSy5xWmmcyRklK6QFp6L16jAsqE
PhwXz7rYuaPmqTOOJyyahbgnEMfUYqThZ+jjwR+uciP2Iy/yqyktwqHSJCIxtrVd
F7U/HeVgLrEKFjS8jg4CaCN+kO9kp7jDg3W1HUfnrOeL7QoQ8OWxMjF+2QsmtoOm
D6stlnSmSa9HVw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:02:06 2026 by rpki-client