Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
File: 3erZGbhaEwUdAgi34o3cyzmLFNY.mft (raw, json)
Hash identifier: 9ZDnXdevGs+p3G1rT8EfGcdoshRxItt+ScU45JzUp54=
Subject key identifier: FE:5B:A5:4C:02:68:88:23:ED:00:46:81:47:28:B2:C8:9E:99:68:1B
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 019D9A749BD498CA910AED87A8D8FC914068
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
Manifest number: 18C8
Signing time: Fri 17 Apr 2026 08:00:26 +0000
Manifest this update: Fri 17 Apr 2026 08:00:26 +0000
Manifest next update: Sat 18 Apr 2026 08:00:26 +0000
Files and hashes: 1: 3erZGbhaEwUdAgi34o3cyzmLFNY.crl (hash: VfxqguP6IQp010Z5mPd9xUeVltdn1+plIqV9Cj9HZPI=)
2: iKwLG1q1sDs9tvR7rIxpNbBHq4g.roa (hash: 5Al8Pm91tYMp0+j7fJGmguSqWX96C92TH8gJMDHEyyY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:74:9b:d4:98:ca:91:0a:ed:87:a8:d8:fc:91:40:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Apr 17 08:00:26 2026 GMT
Not After : Apr 18 08:00:26 2026 GMT
Subject: CN=fe5ba54c02688823ed0046814728b2c89e99681b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:73:ab:13:48:c1:47:8e:35:5f:df:2c:c9:
1e:a8:2f:25:4a:0a:03:d4:fc:c8:0a:ac:67:8b:3b:
a2:62:74:a7:ef:43:cc:aa:8f:0e:84:00:c2:d9:dd:
08:f8:22:c4:83:d5:15:0d:5d:2d:9d:9e:9e:e6:cd:
99:59:77:7b:f7:62:49:6d:df:d5:4e:b0:e9:71:bc:
5b:36:d2:0b:dd:fd:cd:fb:a8:5a:c8:90:67:11:36:
0e:d0:94:97:08:76:95:81:bd:99:be:f7:1a:12:59:
34:4a:df:87:02:72:ab:c7:0a:ce:32:0b:3e:19:aa:
c4:51:7d:08:98:5b:79:32:bb:d0:2f:b7:52:1d:f0:
a9:74:c4:89:1a:6a:38:fe:49:9c:73:d7:1c:f4:fb:
bc:51:7d:b2:7b:c4:eb:b8:dd:ce:8d:7f:c9:bd:98:
19:bc:ee:f9:8f:68:02:59:0e:1c:7f:5a:9e:28:f6:
8a:13:1e:6a:9e:f4:95:5e:77:92:de:6a:d9:a2:ae:
b4:15:a3:d0:2c:7f:42:15:94:78:ff:a9:2d:db:e9:
f0:88:f0:0a:8b:af:e4:26:25:58:38:7a:e3:f1:42:
b0:9e:96:a2:d3:1e:ff:12:6b:c3:67:b7:8b:ae:83:
11:c8:fc:ac:02:04:a7:a4:9b:6b:ca:ad:47:1f:b4:
79:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5B:A5:4C:02:68:88:23:ED:00:46:81:47:28:B2:C8:9E:99:68:1B
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:16:10:a8:4a:75:53:ae:7e:f5:c8:26:2a:a7:7b:55:f4:4a:
99:12:1d:07:3d:cd:4f:2c:a5:1c:5e:82:0c:4a:f2:97:7a:54:
4d:f9:1e:c3:88:36:f6:92:f4:32:f5:e4:52:59:f4:a7:64:7e:
91:7e:20:07:76:a8:01:5f:1c:22:b2:0d:73:4e:76:a9:ad:db:
d3:09:75:b4:4e:19:c9:88:4c:97:d5:42:03:b6:17:2b:cc:11:
e6:1f:53:8e:fc:01:c0:ae:41:d6:04:1b:a4:d7:35:d3:10:69:
e6:e5:80:0e:71:f9:12:77:21:3b:70:4f:d8:25:3d:46:89:21:
85:cc:6c:7c:6d:78:58:d0:41:60:7d:84:15:52:aa:92:39:37:
bc:0e:f0:bb:fe:ff:26:15:d0:a8:56:b2:30:ec:1c:03:86:ac:
10:43:d0:b2:47:dc:46:44:3a:61:8b:20:07:75:28:be:18:4f:
e0:24:1b:5f:a9:0f:30:77:f9:22:1b:bb:43:8b:c5:5b:5f:80:
5e:71:2c:db:06:d3:e4:51:3f:2c:06:51:f6:15:56:54:09:06:
82:cb:a9:51:e1:43:df:83:34:6e:9f:1a:a4:1e:64:bf:8c:5d:
07:2c:58:1b:f4:2b:2e:9f:46:7e:9a:80:b1:f2:d9:6b:8d:76:
c5:30:c0:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adJvUmMqRCu2HqNj8kUBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjYwNDE3MDgwMDI2WhcNMjYwNDE4MDgwMDI2WjAzMTEwLwYDVQQD
EyhmZTViYTU0YzAyNjg4ODIzZWQwMDQ2ODE0NzI4YjJjODllOTk2ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+NzqxNIwUeONV/fLMkeqC8lSgoD
1PzICqxnizuiYnSn70PMqo8OhADC2d0I+CLEg9UVDV0tnZ6e5s2ZWXd792JJbd/V
TrDpcbxbNtIL3f3N+6hayJBnETYO0JSXCHaVgb2ZvvcaElk0St+HAnKrxwrOMgs+
GarEUX0ImFt5MrvQL7dSHfCpdMSJGmo4/kmcc9cc9Pu8UX2ye8TruN3OjX/JvZgZ
vO75j2gCWQ4cf1qeKPaKEx5qnvSVXneS3mrZoq60FaPQLH9CFZR4/6kt2+nwiPAK
i6/kJiVYOHrj8UKwnpai0x7/EmvDZ7eLroMRyPysAgSnpJtryq1HH7R5qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5bpUwCaIgj7QBGgUcossiemWgbMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxYQqEp1
U65+9cgmKqd7VfRKmRIdBz3NTyylHF6CDEryl3pUTfkew4g29pL0MvXkUln0p2R+
kX4gB3aoAV8cIrINc052qa3b0wl1tE4ZyYhMl9VCA7YXK8wR5h9TjvwBwK5B1gQb
pNc10xBp5uWADnH5EnchO3BP2CU9RokhhcxsfG14WNBBYH2EFVKqkjk3vA7wu/7/
JhXQqFayMOwcA4asEEPQskfcRkQ6YYsgB3UovhhP4CQbX6kPMHf5Ihu7Q4vFW1+A
XnEs2wbT5FE/LAZR9hVWVAkGgsupUeFD34M0bp8apB5kv4xdByxYG/QrLp9GfpqA
sfLZa412xTDAyQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:31:01 2026 by rpki-client