Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
File: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft (raw, json)
Hash identifier: gXc7fqlJbTzFOHRjb/BsvbWxRyI7sG+geKVKsIk4cvI=
Subject key identifier: 5B:8A:AF:8B:85:58:18:3A:12:B3:D6:39:57:77:29:A5:0E:E2:93:C2
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 019D9AE30BD4CDEA0EA9350B176DE9AFD15E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
Manifest number: 10AB
Signing time: Fri 17 Apr 2026 10:01:04 +0000
Manifest this update: Fri 17 Apr 2026 10:01:04 +0000
Manifest next update: Sat 18 Apr 2026 10:01:04 +0000
Files and hashes: 1: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl (hash: tug2w3miZxkLhpl3QtSJ23Tiz2xB6qHFVGh1CC99Fe0=)
2: 41nL5ZV4qJFS5Q2xxQRuLMPoip0.roa (hash: BJiNQu65WQwhnTLfbv69MpyE5IwMrQPr3mJhDc7s1uM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:0b:d4:cd:ea:0e:a9:35:0b:17:6d:e9:af:d1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Apr 17 10:01:04 2026 GMT
Not After : Apr 18 10:01:04 2026 GMT
Subject: CN=5b8aaf8b8558183a12b3d639577729a50ee293c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:2b:6b:88:63:5c:82:f8:bf:95:c5:b5:39:
0a:96:12:c4:a9:1e:55:d7:31:03:9c:64:a0:26:e1:
c4:3b:01:3c:a9:7b:41:1a:ff:c5:a6:af:f1:3d:62:
e1:ef:b3:5a:51:b2:8a:d2:df:cf:57:77:2d:9e:6f:
be:d7:74:cc:cd:e6:8d:db:2d:cc:48:c6:68:dd:af:
f3:a1:45:b4:84:ff:51:e4:7b:18:89:b7:4d:4b:62:
51:26:d6:ca:f1:ee:dd:0a:25:d0:f0:b3:55:9e:f8:
cc:81:35:97:00:5c:47:2e:93:8c:16:92:a9:1d:fe:
7e:29:0f:02:58:8b:71:f9:be:ba:a7:67:dc:1c:c2:
1c:a8:e7:d6:bc:19:ce:11:39:78:66:2b:82:f4:a0:
17:d3:ce:49:d5:ee:ed:1c:c7:ec:e8:95:22:4a:18:
9f:6e:93:b1:60:3d:c1:21:99:67:1c:e4:47:a0:92:
9c:10:0f:f7:9d:5a:aa:02:c6:87:57:8b:0d:93:5c:
32:66:34:1f:72:66:18:0c:9a:28:c1:6d:ea:3c:68:
9c:2f:6c:b3:9b:68:88:5f:8e:a9:78:2b:4a:ee:6e:
7b:24:0f:9b:77:57:9a:32:7a:80:06:a6:b8:44:e1:
1d:70:89:7e:e3:f6:ce:c2:d4:39:73:af:4f:da:81:
03:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8A:AF:8B:85:58:18:3A:12:B3:D6:39:57:77:29:A5:0E:E2:93:C2
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:f6:75:8c:e4:6c:cd:ef:77:b5:e7:2e:15:cd:32:88:1a:08:
a8:d9:b9:82:a3:56:ac:03:7d:16:ed:76:f7:b2:1a:aa:c9:2a:
f8:30:96:cd:4e:35:aa:d0:a7:86:78:d8:25:0b:2a:3b:f3:ff:
c5:2b:d1:98:fe:90:93:d2:c1:35:08:bf:31:4a:08:9d:ee:86:
68:be:05:3f:7a:ae:f9:db:ae:ca:90:f8:f2:ff:2e:8c:09:10:
ee:a1:b6:a5:35:1e:e5:15:c8:b6:ce:56:0e:bc:69:6f:60:37:
a6:29:68:30:02:fe:b3:ae:36:6d:f8:5e:8f:88:97:f4:7b:33:
df:c1:a3:91:f0:15:e3:6e:6e:9e:aa:fe:63:fc:65:ef:16:f5:
ad:af:f4:7a:93:b1:da:52:fa:aa:34:c8:b3:9e:d0:09:81:55:
9c:94:63:26:20:5e:46:4b:26:2a:b7:89:ca:05:a5:7d:70:1c:
84:59:3b:4b:db:ab:89:3f:ef:53:72:d4:4f:4a:8d:9a:9e:f4:
19:94:7c:b9:18:82:0f:42:6e:53:f4:4c:18:2a:a9:0e:e1:66:
0d:01:7f:a4:60:7e:1a:d8:00:2d:74:81:9e:b4:2d:a8:2c:16:
86:5f:fe:71:11:ce:f4:f1:d2:a6:86:f7:5a:50:49:cf:b0:f8:
d2:d1:66:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4wvUzeoOqTULF23pr9FeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjYwNDE3MTAwMTA0WhcNMjYwNDE4MTAwMTA0WjAzMTEwLwYDVQQD
Eyg1YjhhYWY4Yjg1NTgxODNhMTJiM2Q2Mzk1Nzc3MjlhNTBlZTI5M2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnora4hjXIL4v5XFtTkKlhLEqR5V
1zEDnGSgJuHEOwE8qXtBGv/Fpq/xPWLh77NaUbKK0t/PV3ctnm++13TMzeaN2y3M
SMZo3a/zoUW0hP9R5HsYibdNS2JRJtbK8e7dCiXQ8LNVnvjMgTWXAFxHLpOMFpKp
Hf5+KQ8CWItx+b66p2fcHMIcqOfWvBnOETl4ZiuC9KAX085J1e7tHMfs6JUiShif
bpOxYD3BIZlnHORHoJKcEA/3nVqqAsaHV4sNk1wyZjQfcmYYDJoowW3qPGicL2yz
m2iIX46peCtK7m57JA+bd1eaMnqABqa4ROEdcIl+4/bOwtQ5c69P2oED7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuKr4uFWBg6ErPWOVd3KaUO4pPCMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfZ1jORs
ze93tecuFc0yiBoIqNm5gqNWrAN9Fu1297Iaqskq+DCWzU41qtCnhnjYJQsqO/P/
xSvRmP6Qk9LBNQi/MUoIne6GaL4FP3qu+duuypD48v8ujAkQ7qG2pTUe5RXIts5W
Drxpb2A3piloMAL+s642bfhej4iX9Hsz38GjkfAV425unqr+Y/xl7xb1ra/0epOx
2lL6qjTIs57QCYFVnJRjJiBeRksmKreJygWlfXAchFk7S9uriT/vU3LUT0qNmp70
GZR8uRiCD0JuU/RMGCqpDuFmDQF/pGB+GtgALXSBnrQtqCwWhl/+cRHO9PHSpob3
WlBJz7D40tFmTA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:32:15 2026 by rpki-client