Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: D73yrL64IlZWuwhnS+kiyWArhSgOjBfrefhpsVAW0iQ=
Subject key identifier: EF:B8:DF:88:F9:1B:58:90:44:A9:86:35:77:AC:8C:9B:01:15:29:C6
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 019CAA5897CCCAF216C40366B47181BE5CBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 12E0
Signing time: Sun 01 Mar 2026 17:00:58 +0000
Manifest this update: Sun 01 Mar 2026 17:00:58 +0000
Manifest next update: Mon 02 Mar 2026 17:00:58 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: tvy5LngJRGof36g6mDpfvlWd5ajneA2T5Ql3BJRyUfc=)
2: BsyNzVaxxAwnI04Dd9aOhMe6ucE.roa (hash: 0aNXoEKl0ws+Toia/ObhW+i07V56stDq9dLrY8oS6mU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:97:cc:ca:f2:16:c4:03:66:b4:71:81:be:5c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Mar 1 17:00:58 2026 GMT
Not After : Mar 2 17:00:58 2026 GMT
Subject: CN=efb8df88f91b589044a9863577ac8c9b011529c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:59:bd:0b:e2:dc:80:83:5c:13:08:93:49:4a:
80:cc:31:53:73:6b:dc:c0:cc:5e:38:ce:c8:1f:0c:
c2:5c:32:c0:4e:44:fa:4d:26:66:68:b3:b3:99:7c:
39:bd:87:01:2e:d5:3c:69:3d:39:5b:3e:dc:6a:26:
3b:a4:e2:37:9d:e9:44:b0:3d:a1:c5:00:3a:7b:45:
57:23:56:87:ee:45:ca:09:ca:8a:f2:9d:07:0d:61:
33:36:be:76:b1:ed:80:ca:db:33:99:59:17:31:a8:
07:6b:be:c3:5a:17:71:3c:63:cf:95:91:36:fe:80:
ff:0d:4b:83:55:8e:74:00:40:2a:b5:fc:ea:39:d6:
ad:75:1f:92:6b:b6:1a:df:69:45:ae:00:35:38:7f:
d1:35:97:e3:4b:52:7d:45:d5:86:0d:61:38:8d:6f:
54:78:ea:29:ef:d7:c2:de:c9:2d:39:0a:a8:c4:fb:
79:4b:5b:38:11:fa:61:ab:28:d0:37:fa:dd:9a:c6:
f3:60:55:fb:6f:b5:8e:89:7d:e9:e8:c6:9d:c7:44:
91:ad:ed:d8:bb:16:b8:23:25:24:4c:c8:42:2e:fb:
65:c6:a2:0a:62:5e:1a:b5:c2:8d:b7:62:78:52:21:
e9:b7:8f:f8:36:83:eb:ce:40:7c:77:ce:33:17:23:
80:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B8:DF:88:F9:1B:58:90:44:A9:86:35:77:AC:8C:9B:01:15:29:C6
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:66:f6:5b:55:dd:5d:62:2c:fc:a1:02:41:02:08:48:fc:a1:
ab:b8:9a:0a:5f:ac:6c:fe:01:65:ad:f6:38:e0:41:08:94:1b:
b7:dc:90:f0:6b:1a:fa:f4:d8:a9:62:9a:15:ed:29:08:f9:9c:
8c:85:68:d1:46:19:8c:e8:17:e0:8e:b4:64:4a:70:a6:7b:cd:
d6:9c:12:b0:4e:28:de:2f:ba:d3:36:06:83:e5:11:32:ac:a0:
b2:ef:a9:b2:5f:7c:da:3d:11:ab:94:a6:68:43:22:b7:a4:e0:
d7:7b:44:32:e4:65:18:39:42:bc:09:32:d1:fa:e3:69:43:73:
e1:e8:f7:c2:b4:6d:45:1a:85:ad:6e:25:d3:7d:82:9b:76:e7:
4f:78:37:6c:2d:f9:7e:ce:17:3d:cb:db:47:00:92:76:3f:0e:
a9:25:23:be:26:bc:63:54:6d:3f:6e:2c:d2:71:03:67:cb:50:
ef:4d:00:96:9a:07:59:e9:9f:5b:96:3e:f5:52:ee:c9:aa:5d:
f7:a5:a3:98:03:92:ef:a4:66:3a:18:b0:9f:6f:69:88:94:59:
77:2d:d2:3c:56:ee:21:a3:ed:31:c3:c6:b1:bd:3d:e3:09:f1:
48:76:04:9d:85:09:69:98:82:a4:2d:b2:54:75:98:f8:76:9f:
94:02:fe:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWJfMyvIWxANmtHGBvly6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjYwMzAxMTcwMDU4WhcNMjYwMzAyMTcwMDU4WjAzMTEwLwYDVQQD
EyhlZmI4ZGY4OGY5MWI1ODkwNDRhOTg2MzU3N2FjOGM5YjAxMTUyOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vm9C+LcgINcEwiTSUqAzDFTc2vc
wMxeOM7IHwzCXDLATkT6TSZmaLOzmXw5vYcBLtU8aT05Wz7caiY7pOI3nelEsD2h
xQA6e0VXI1aH7kXKCcqK8p0HDWEzNr52se2AytszmVkXMagHa77DWhdxPGPPlZE2
/oD/DUuDVY50AEAqtfzqOdatdR+Sa7Ya32lFrgA1OH/RNZfjS1J9RdWGDWE4jW9U
eOop79fC3sktOQqoxPt5S1s4EfphqyjQN/rdmsbzYFX7b7WOiX3p6Madx0SRre3Y
uxa4IyUkTMhCLvtlxqIKYl4atcKNt2J4UiHpt4/4NoPrzkB8d84zFyOADwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+434j5G1iQRKmGNXesjJsBFSnGMB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN2b2W1Xd
XWIs/KECQQIISPyhq7iaCl+sbP4BZa32OOBBCJQbt9yQ8Gsa+vTYqWKaFe0pCPmc
jIVo0UYZjOgX4I60ZEpwpnvN1pwSsE4o3i+60zYGg+URMqygsu+psl982j0Rq5Sm
aEMit6Tg13tEMuRlGDlCvAky0frjaUNz4ej3wrRtRRqFrW4l032Cm3bnT3g3bC35
fs4XPcvbRwCSdj8OqSUjvia8Y1RtP24s0nEDZ8tQ700AlpoHWemfW5Y+9VLuyapd
96WjmAOS76RmOhiwn29piJRZdy3SPFbuIaPtMcPGsb094wnxSHYEnYUJaZiCpC2y
VHWY+HaflAL+zw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:48:14 2026 by rpki-client