Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
File: 3erZGbhaEwUdAgi34o3cyzmLFNY.mft (raw, json)
Hash identifier: vlrM6aN4DtcXeOh040nR8yLmwFcbXGJ6wVtDPwVcBug=
Subject key identifier: 4A:1A:7A:FD:C3:5D:09:33:15:11:8D:25:E4:29:69:2E:2F:11:4A:13
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 019D98863D22CA286DAF27167D429F6717BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
Manifest number: 18C7
Signing time: Thu 16 Apr 2026 23:00:27 +0000
Manifest this update: Thu 16 Apr 2026 23:00:27 +0000
Manifest next update: Fri 17 Apr 2026 23:00:27 +0000
Files and hashes: 1: 3erZGbhaEwUdAgi34o3cyzmLFNY.crl (hash: 1zRwYaRBIDMvwTAFNbP7HriKcgnJ/FQjA8aaogq5/X0=)
2: iKwLG1q1sDs9tvR7rIxpNbBHq4g.roa (hash: 5Al8Pm91tYMp0+j7fJGmguSqWX96C92TH8gJMDHEyyY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:86:3d:22:ca:28:6d:af:27:16:7d:42:9f:67:17:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Apr 16 23:00:27 2026 GMT
Not After : Apr 17 23:00:27 2026 GMT
Subject: CN=4a1a7afdc35d093315118d25e429692e2f114a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4e:82:c0:5a:65:3e:da:7b:19:52:64:a9:a3:
9d:f4:94:03:79:2a:48:d3:22:29:ed:f4:d4:72:d3:
2a:ce:50:78:5f:6a:33:84:19:55:34:7e:37:d7:05:
8d:9d:6b:9d:42:72:6e:1f:04:a3:5e:63:40:25:0d:
2c:18:cb:b9:72:f9:ad:c1:a2:f4:c4:2c:56:ad:c6:
fa:26:cf:9d:39:62:32:39:17:e9:37:50:e5:70:68:
b3:01:c7:6c:06:bc:85:44:bd:88:9f:4e:f2:68:9c:
21:d8:51:1e:e0:06:45:60:99:c1:cd:64:09:28:40:
9f:d7:a6:d7:1e:a4:49:93:6d:8f:f6:09:7e:45:8c:
16:52:65:56:2c:2f:0a:ff:5d:71:95:ba:d8:0e:11:
d2:56:37:43:59:03:6d:38:b9:b5:33:ef:ad:d8:dd:
19:50:14:c5:54:3a:7d:ea:e9:db:63:00:f3:33:96:
b6:8d:53:58:69:c7:e0:1d:fe:19:75:3a:a3:8c:ed:
f8:a3:59:e9:f9:6f:3c:b3:08:ea:1d:3c:eb:20:b2:
59:ed:f0:5a:05:75:6c:16:a1:cc:62:7a:1c:20:cd:
42:ae:25:14:64:f2:47:5d:68:ca:77:d3:29:86:f2:
61:c3:74:fe:e1:c6:bf:2c:33:98:d9:9a:1a:88:6d:
6f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1A:7A:FD:C3:5D:09:33:15:11:8D:25:E4:29:69:2E:2F:11:4A:13
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:e3:cc:f1:69:2c:d5:0d:f9:5c:48:a7:df:09:b0:2c:ee:f0:
62:4f:22:e6:ec:23:9d:4b:3a:a1:67:50:c0:e6:20:43:a6:68:
96:5a:af:25:ab:9b:00:be:84:4b:8c:56:06:28:f0:f2:b6:61:
ce:b1:bd:3d:4e:68:fb:5b:c5:39:5f:bc:b1:42:d7:f9:ac:f3:
03:d7:99:fc:5e:96:49:1c:37:ad:18:da:cc:a7:ed:53:e8:50:
56:fc:d0:da:ef:ae:17:58:fd:18:5a:18:6d:58:a5:4f:1d:9e:
fe:e9:5e:87:8a:a4:62:8c:31:f9:04:c2:27:73:10:69:81:95:
60:28:8b:70:17:e1:45:7e:01:a5:21:e2:9d:5e:95:5b:58:b3:
90:4f:19:db:b7:b0:e5:5c:38:82:c2:57:ad:fc:71:00:fc:23:
18:43:7a:24:ad:c5:6a:47:aa:53:a2:0e:ac:29:1e:b4:76:75:
5e:24:10:b7:63:9c:70:ea:7a:22:af:9c:b5:16:47:34:b7:03:
75:fe:7a:d8:64:fe:24:70:58:5b:0d:dd:23:b9:58:86:42:49:
c8:73:d3:46:b3:ab:5b:10:1e:f1:65:85:19:f5:71:bb:e1:a1:
51:a7:e7:38:73:59:ed:e7:bd:3c:dc:cf:c9:ce:e9:d3:8e:72:
dc:df:e9:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Yhj0iyihtrycWfUKfZxe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjYwNDE2MjMwMDI3WhcNMjYwNDE3MjMwMDI3WjAzMTEwLwYDVQQD
Eyg0YTFhN2FmZGMzNWQwOTMzMTUxMThkMjVlNDI5NjkyZTJmMTE0YTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk6CwFplPtp7GVJkqaOd9JQDeSpI
0yIp7fTUctMqzlB4X2ozhBlVNH431wWNnWudQnJuHwSjXmNAJQ0sGMu5cvmtwaL0
xCxWrcb6Js+dOWIyORfpN1DlcGizAcdsBryFRL2In07yaJwh2FEe4AZFYJnBzWQJ
KECf16bXHqRJk22P9gl+RYwWUmVWLC8K/11xlbrYDhHSVjdDWQNtOLm1M++t2N0Z
UBTFVDp96unbYwDzM5a2jVNYacfgHf4ZdTqjjO34o1np+W88swjqHTzrILJZ7fBa
BXVsFqHMYnocIM1CriUUZPJHXWjKd9MphvJhw3T+4ca/LDOY2ZoaiG1vgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoaev3DXQkzFRGNJeQpaS4vEUoTMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhuPM8Wks
1Q35XEin3wmwLO7wYk8i5uwjnUs6oWdQwOYgQ6ZollqvJaubAL6ES4xWBijw8rZh
zrG9PU5o+1vFOV+8sULX+azzA9eZ/F6WSRw3rRjazKftU+hQVvzQ2u+uF1j9GFoY
bVilTx2e/uleh4qkYowx+QTCJ3MQaYGVYCiLcBfhRX4BpSHinV6VW1izkE8Z27ew
5Vw4gsJXrfxxAPwjGEN6JK3FakeqU6IOrCketHZ1XiQQt2OccOp6Iq+ctRZHNLcD
df562GT+JHBYWw3dI7lYhkJJyHPTRrOrWxAe8WWFGfVxu+GhUafnOHNZ7ee9PNzP
yc7p045y3N/p/w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:28:00 2026 by rpki-client