Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.mft
File: 3f20crHtWewvNw8g-rSHlDnFMY8.mft (raw, json)
Hash identifier: P2prKoV7ePAgcAyPwkxsxqYndPV9RYKr8vlpCkrccH0=
Subject key identifier: 38:31:4C:BD:8C:A7:F5:FD:55:F2:14:6F:AA:68:D9:4D:3B:C4:CB:9C
Authority key identifier: DD:FD:B4:72:B1:ED:59:EC:2F:37:0F:20:FA:B4:87:94:39:C5:31:8F
Certificate issuer: /CN=ddfdb472b1ed59ec2f370f20fab4879439c5318f
Certificate serial: 019D98F4B4B39E5114427520F24EDFD155F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3f20crHtWewvNw8g-rSHlDnFMY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.mft
Manifest number: D9
Signing time: Fri 17 Apr 2026 01:01:07 +0000
Manifest this update: Fri 17 Apr 2026 01:01:07 +0000
Manifest next update: Sat 18 Apr 2026 01:01:07 +0000
Files and hashes: 1: 3f20crHtWewvNw8g-rSHlDnFMY8.crl (hash: PUymOLEFU7ihkVD+Y/xO9GbSUl4xUl3qWyPxEnKSuGE=)
2: ZMQkud9K3mvXdpjh-yoqav-Fm2A.roa (hash: rezLl6nocyRRaT4FpZnJ5CHwHhiv5ot72qwHgOZEFQY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3f20crHtWewvNw8g-rSHlDnFMY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:b4:b3:9e:51:14:42:75:20:f2:4e:df:d1:55:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddfdb472b1ed59ec2f370f20fab4879439c5318f
Validity
Not Before: Apr 17 01:01:07 2026 GMT
Not After : Apr 18 01:01:07 2026 GMT
Subject: CN=38314cbd8ca7f5fd55f2146faa68d94d3bc4cb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:e9:88:a3:81:28:10:e9:17:4d:e2:a9:8f:
ed:5a:1b:6b:c3:24:6b:64:81:53:a7:b6:cc:35:3b:
7b:db:89:66:7c:6c:51:bd:f0:d0:a6:23:db:cc:23:
ea:7e:08:be:43:e6:57:35:c0:6f:52:c3:af:c3:96:
bf:55:85:d6:70:3e:0a:02:57:be:6d:95:24:a4:93:
c2:2f:11:1f:1c:9e:1f:ac:62:a7:f5:5f:d4:01:89:
2d:72:74:3a:29:e0:90:06:2f:36:bb:6a:9e:ac:77:
f4:e6:a1:15:d3:3d:12:c0:f5:6d:fb:f8:9e:28:b9:
c1:1b:38:cd:83:1f:c8:2e:d2:8f:b3:31:81:a0:11:
9e:c4:60:98:c3:d4:5e:49:20:bb:26:bb:da:93:02:
17:71:3c:d3:62:be:65:cb:fa:64:ac:60:e7:f5:1d:
4f:ef:4a:64:46:07:88:10:75:ab:69:93:c7:04:05:
58:7c:7e:82:55:93:57:1e:c0:95:3d:e5:3a:73:d5:
4d:c7:7e:3d:7c:ff:2a:7d:8a:c8:8d:24:3e:ee:cb:
e5:8d:27:56:80:d3:21:4d:42:5e:26:49:3e:09:33:
a4:cb:3a:bc:6b:f9:9e:9f:b4:40:84:58:c2:27:05:
5a:19:63:94:73:e3:31:23:c9:a1:48:5c:7f:ff:27:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:31:4C:BD:8C:A7:F5:FD:55:F2:14:6F:AA:68:D9:4D:3B:C4:CB:9C
X509v3 Authority Key Identifier:
keyid:DD:FD:B4:72:B1:ED:59:EC:2F:37:0F:20:FA:B4:87:94:39:C5:31:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f20crHtWewvNw8g-rSHlDnFMY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8d4107-3c59-44d4-816f-3a4e8b9da5be/1/3f20crHtWewvNw8g-rSHlDnFMY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:86:73:8a:36:75:ef:8e:47:1c:aa:0f:e7:33:a8:6e:e2:6a:
a4:fc:e9:1d:1a:47:d9:ae:27:72:0b:21:1e:9e:01:5c:85:51:
54:dc:7b:30:f0:0e:81:71:f9:1d:63:95:e3:70:8f:8e:f4:e8:
6d:01:2a:75:d4:ce:db:6a:b8:cd:01:df:d7:fc:fd:98:88:c9:
fc:01:9f:af:91:d0:cb:a6:b8:39:47:09:99:29:5d:49:40:81:
c7:f6:bf:8b:e1:00:59:a7:d8:2f:e8:b1:27:6c:16:7b:9a:81:
cc:c4:54:3c:e6:89:87:c3:6a:d4:96:6f:80:af:9c:45:74:09:
a7:e8:ba:dc:df:e9:a2:3b:f2:a8:25:6a:34:d8:a0:58:87:d2:
24:65:17:33:1a:16:bf:a9:47:f0:17:90:a4:31:c8:2e:26:03:
29:53:13:69:85:5c:61:54:b0:4c:12:74:22:77:7d:81:3f:a8:
05:9d:e6:33:ef:01:cd:44:f1:ec:6f:e6:80:25:85:13:6d:23:
89:dc:d7:0d:6e:f4:81:78:cc:59:cd:bf:2b:61:54:84:be:25:
28:d7:2c:ba:b2:f6:d3:46:34:3f:4b:ed:4d:54:e9:13:4b:da:
0e:f2:d9:08:53:f7:1e:b9:d4:bb:12:4f:ae:0a:5b:fd:bc:4b:
82:22:3d:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LSznlEUQnUg8k7f0VXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmRiNDcyYjFlZDU5ZWMyZjM3MGYyMGZhYjQ4Nzk0Mzlj
NTMxOGYwHhcNMjYwNDE3MDEwMTA3WhcNMjYwNDE4MDEwMTA3WjAzMTEwLwYDVQQD
EygzODMxNGNiZDhjYTdmNWZkNTVmMjE0NmZhYTY4ZDk0ZDNiYzRjYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCTpiKOBKBDpF03iqY/tWhtrwyRr
ZIFTp7bMNTt724lmfGxRvfDQpiPbzCPqfgi+Q+ZXNcBvUsOvw5a/VYXWcD4KAle+
bZUkpJPCLxEfHJ4frGKn9V/UAYktcnQ6KeCQBi82u2qerHf05qEV0z0SwPVt+/ie
KLnBGzjNgx/ILtKPszGBoBGexGCYw9ReSSC7JrvakwIXcTzTYr5ly/pkrGDn9R1P
70pkRgeIEHWraZPHBAVYfH6CVZNXHsCVPeU6c9VNx349fP8qfYrIjSQ+7svljSdW
gNMhTUJeJkk+CTOkyzq8a/men7RAhFjCJwVaGWOUc+MxI8mhSFx//ycK2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgxTL2Mp/X9VfIUb6po2U07xMucMB8GA1UdIwQY
MBaAFN39tHKx7VnsLzcPIPq0h5Q5xTGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2YyMGNySHRXZXd2Tnc4Zy1yU0hsRG5GTVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84ZDQxMDctM2M1OS00NGQ0LTgxNmYt
M2E0ZThiOWRhNWJlLzEvM2YyMGNySHRXZXd2Tnc4Zy1yU0hsRG5GTVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84ZDQxMDctM2M1OS00NGQ0LTgxNmYtM2E0ZThiOWRhNWJl
LzEvM2YyMGNySHRXZXd2Tnc4Zy1yU0hsRG5GTVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIZzijZ1
745HHKoP5zOobuJqpPzpHRpH2a4ncgshHp4BXIVRVNx7MPAOgXH5HWOV43CPjvTo
bQEqddTO22q4zQHf1/z9mIjJ/AGfr5HQy6a4OUcJmSldSUCBx/a/i+EAWafYL+ix
J2wWe5qBzMRUPOaJh8Nq1JZvgK+cRXQJp+i63N/pojvyqCVqNNigWIfSJGUXMxoW
v6lH8BeQpDHILiYDKVMTaYVcYVSwTBJ0Ind9gT+oBZ3mM+8BzUTx7G/mgCWFE20j
idzXDW70gXjMWc2/K2FUhL4lKNcsurL200Y0P0vtTVTpE0vaDvLZCFP3HrnUuxJP
rgpb/bxLgiI9yg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:05:48 2026 by rpki-client