Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
File: 3AWXDmUMKq8atqOjOoNzJGahUS4.mft (raw, json)
Hash identifier: ibUaJ8ZYZuHjAG1yzzuBCPQ3ThNxtNg7osVFymGhDZo=
Subject key identifier: 86:B8:D3:8E:4D:33:AD:A8:AD:A5:C9:0C:D3:0C:1D:C5:A5:42:5F:7E
Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Certificate serial: 019D9B51742E234D92D903019E2EDF44D751
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 12:01:39 +0000
Manifest this update: Fri 17 Apr 2026 12:01:39 +0000
Manifest next update: Sat 18 Apr 2026 12:01:39 +0000
Files and hashes: 1: 36CB5eigCHYIuRmXqrnDW_-F3Xc.roa (hash: KcH/S3GFg0T0gWVpA5XkZVyUjTJRMZNW3hzXP6Ng0zo=)
2: 3AWXDmUMKq8atqOjOoNzJGahUS4.crl (hash: A5L52JqF4JSDhJw3Vvc7M0V1XP1aorx9mMA/J+GLonk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:74:2e:23:4d:92:d9:03:01:9e:2e:df:44:d7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Validity
Not Before: Apr 17 12:01:39 2026 GMT
Not After : Apr 18 12:01:39 2026 GMT
Subject: CN=86b8d38e4d33ada8ada5c90cd30c1dc5a5425f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5b:b2:a1:30:e6:8f:a9:38:e7:3d:bf:79:03:
21:58:f4:b4:f7:14:1a:b4:54:f6:1d:d7:99:38:7c:
79:99:a8:f8:08:28:1d:5f:7c:b4:1b:34:94:56:2c:
83:33:a0:bb:8e:94:cd:34:55:00:87:5e:12:64:e9:
0c:1e:0f:0c:59:db:86:e6:44:b0:38:bf:c4:83:9c:
ff:26:84:38:87:cd:5d:38:5c:66:12:1e:17:51:06:
10:4f:91:af:7b:40:d1:77:58:58:c5:e3:02:7b:e7:
77:66:ec:97:8d:d2:d8:65:38:26:78:3a:c3:d3:fc:
48:a5:c9:71:fe:c1:6a:ef:91:10:30:27:61:43:a5:
2d:2a:fb:7a:19:ef:7d:f0:78:e8:1d:bc:dc:5d:63:
67:c9:10:68:7f:b6:f0:c8:6c:8d:a5:23:5c:f2:ab:
c0:33:87:43:77:37:43:ee:c1:d9:ee:34:aa:46:b2:
8b:7c:25:4f:cd:56:c1:75:3d:49:6a:ee:ce:3f:4c:
d2:32:cd:cc:01:61:65:9f:1f:44:4b:9d:37:80:64:
ed:c5:7d:4e:57:69:40:93:7c:47:8a:41:48:62:61:
54:c3:36:f7:13:d3:6d:ba:a7:22:aa:fe:69:4e:44:
16:1c:c3:8e:26:5d:1d:b4:1d:ff:b7:ab:d3:9d:b0:
7e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B8:D3:8E:4D:33:AD:A8:AD:A5:C9:0C:D3:0C:1D:C5:A5:42:5F:7E
X509v3 Authority Key Identifier:
keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:a1:db:96:62:1b:fb:42:60:e2:40:28:17:20:55:4d:aa:f1:
3a:3a:aa:54:26:23:57:45:b7:ea:b0:ac:17:42:7b:17:37:06:
c8:f9:bc:fc:70:a6:03:56:61:a1:4f:ea:35:21:01:8a:69:31:
2a:ed:da:63:75:78:2e:9b:4b:7e:96:6f:ce:90:54:84:dc:25:
cb:d5:27:19:d7:b9:d2:92:b7:07:18:c6:db:70:25:a1:32:c0:
da:18:3a:7d:ef:ec:5a:88:65:9c:21:16:10:87:8b:9d:c9:08:
bd:68:ba:32:bb:ee:86:98:5a:ba:14:c8:27:2f:5e:6c:42:b1:
f6:bb:88:09:cf:dc:79:61:7e:8f:0c:9d:db:20:20:8e:14:c0:
be:97:e3:e4:ee:88:47:d5:4d:59:3b:a1:aa:19:3a:c9:01:2e:
ff:27:5c:02:75:2e:05:a9:91:b2:8a:95:ac:e4:87:53:4e:5f:
d0:4c:8b:66:e8:b2:b7:d0:30:eb:98:67:b6:95:45:3c:6f:f4:
7b:4f:b9:9a:0f:da:f4:6c:14:2f:45:bf:d4:a2:0f:f3:8f:16:
50:1d:da:d8:50:64:64:0d:20:aa:53:a8:e5:59:72:2f:f4:f8:
c4:7a:e6:4a:61:3c:31:85:25:4d:86:e4:08:09:73:f2:58:52:
00:cc:4a:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUXQuI02S2QMBni7fRNdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh
MTUxMmUwHhcNMjYwNDE3MTIwMTM5WhcNMjYwNDE4MTIwMTM5WjAzMTEwLwYDVQQD
Eyg4NmI4ZDM4ZTRkMzNhZGE4YWRhNWM5MGNkMzBjMWRjNWE1NDI1ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFuyoTDmj6k45z2/eQMhWPS09xQa
tFT2HdeZOHx5maj4CCgdX3y0GzSUViyDM6C7jpTNNFUAh14SZOkMHg8MWduG5kSw
OL/Eg5z/JoQ4h81dOFxmEh4XUQYQT5Gve0DRd1hYxeMCe+d3ZuyXjdLYZTgmeDrD
0/xIpclx/sFq75EQMCdhQ6UtKvt6Ge998HjoHbzcXWNnyRBof7bwyGyNpSNc8qvA
M4dDdzdD7sHZ7jSqRrKLfCVPzVbBdT1Jau7OP0zSMs3MAWFlnx9ES503gGTtxX1O
V2lAk3xHikFIYmFUwzb3E9Ntuqciqv5pTkQWHMOOJl0dtB3/t6vTnbB+xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIa4045NM62oraXJDNMMHcWlQl9+MB8GA1UdIwQY
MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt
NjdhNTQwZTI5N2YwLzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw
LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6HblmIb
+0Jg4kAoFyBVTarxOjqqVCYjV0W36rCsF0J7FzcGyPm8/HCmA1ZhoU/qNSEBimkx
Ku3aY3V4LptLfpZvzpBUhNwly9UnGde50pK3BxjG23AloTLA2hg6fe/sWohlnCEW
EIeLnckIvWi6MrvuhphauhTIJy9ebEKx9ruICc/ceWF+jwyd2yAgjhTAvpfj5O6I
R9VNWTuhqhk6yQEu/ydcAnUuBamRsoqVrOSHU05f0EyLZuiyt9Aw65hntpVFPG/0
e0+5mg/a9GwUL0W/1KIP848WUB3a2FBkZA0gqlOo5VlyL/T4xHrmSmE8MYUlTYbk
CAlz8lhSAMxKuA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:27:57 2026 by rpki-client