Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
File: 3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json)
Hash identifier: 4pasKvh+tlH9GhXLhv1Z6JCIVSEXxrGmtOcuTugyws8=
Subject key identifier: CA:08:51:88:CC:79:DC:DD:5E:45:47:72:86:85:E5:7B:61:D8:E0:DA
Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
Certificate issuer: /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Certificate serial: 019D099E12E306369FCDE25BD6C11FCD4A6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
Manifest number: 0450
Signing time: Fri 20 Mar 2026 05:00:47 +0000
Manifest this update: Fri 20 Mar 2026 05:00:47 +0000
Manifest next update: Sat 21 Mar 2026 05:00:47 +0000
Files and hashes: 1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: glTJnXqjxuqb5iOO4OnL2dfu34W2huUj5UxBv07Essk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:9e:12:e3:06:36:9f:cd:e2:5b:d6:c1:1f:cd:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Validity
Not Before: Mar 20 05:00:47 2026 GMT
Not After : Mar 21 05:00:47 2026 GMT
Subject: CN=ca085188cc79dcdd5e4547728685e57b61d8e0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:77:70:05:bf:48:cc:fa:6f:01:fa:a5:92:ea:
1a:0a:9b:46:56:75:8d:d5:ba:32:6d:38:b5:ca:8f:
c2:aa:50:8a:20:a3:c3:43:3e:31:e1:a5:f6:46:a9:
fb:52:7d:53:62:ed:1a:2d:c5:41:77:5d:cb:3c:b4:
e6:0b:28:b8:70:a9:cc:17:c6:29:85:53:e2:96:51:
c9:dd:42:98:2b:ef:a6:59:f0:12:3d:40:11:76:e5:
67:43:cd:41:bb:a5:33:d1:ac:68:25:0b:19:b4:91:
eb:d3:bc:41:ec:46:e3:90:60:62:61:97:6a:4f:58:
53:a5:db:c8:34:bc:76:5e:8a:cc:d7:7e:c0:92:68:
6c:95:a6:8d:41:6b:ef:44:fa:99:02:d1:f9:80:8c:
21:bd:26:5e:fd:a1:ec:1b:ed:c3:10:9e:2f:dd:e0:
a2:30:42:f4:da:de:29:3e:09:b0:9a:d2:a9:ec:e6:
13:9f:4e:d1:8a:da:8a:47:3d:75:58:82:42:56:e1:
b4:1f:67:cc:5b:6c:aa:3a:d6:ff:52:fb:16:f4:a8:
81:41:ca:b0:da:ea:34:b1:07:66:61:25:d9:2e:2f:
32:2d:79:fe:a0:5e:33:f0:b9:74:43:3b:1a:76:89:
72:9b:4d:59:6e:4c:32:60:4b:54:ab:6b:ee:0a:65:
0a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:08:51:88:CC:79:DC:DD:5E:45:47:72:86:85:E5:7B:61:D8:E0:DA
X509v3 Authority Key Identifier:
keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:21:63:9b:57:32:28:1b:62:11:53:9c:45:3b:72:bc:65:d5:
dc:4c:ba:13:bb:51:1b:74:9d:60:83:87:48:f3:18:00:07:f1:
5a:b2:76:ff:2b:1e:81:94:2a:7a:71:17:fb:20:10:07:eb:32:
c2:66:2c:dd:1e:1f:1d:8d:42:88:40:1e:5d:e2:c9:ad:90:db:
02:a0:84:d6:9b:6d:37:40:00:1c:6b:64:46:0a:b4:a5:41:65:
69:8b:3e:f3:ce:24:88:d9:86:56:d4:10:6e:f2:0d:d0:0c:bf:
84:53:71:38:58:1b:72:0b:b3:bc:75:9c:4f:d2:e3:35:0d:84:
dc:03:41:6d:be:2d:68:f6:76:07:70:93:f7:83:89:08:af:70:
ab:53:01:b2:7b:8e:a6:71:62:ae:3d:63:7a:a0:6a:5c:c6:3c:
89:b7:48:13:5f:d0:9d:79:e4:26:fd:63:dc:96:dc:c3:b2:fe:
ca:e6:52:73:91:20:84:bf:35:c4:b2:67:65:e3:9f:41:d5:80:
a9:12:e0:b5:b3:15:e8:b7:2c:03:d4:53:c7:a2:34:a2:17:c1:
cf:31:d8:1e:58:d5:ea:fc:c9:83:83:0b:6f:7e:bc:dc:48:1e:
33:53:04:77:27:e2:77:08:67:1a:87:18:14:cc:93:c7:db:bb:
78:c9:5a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0JnhLjBjafzeJb1sEfzUpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh
NjM4MDIwHhcNMjYwMzIwMDUwMDQ3WhcNMjYwMzIxMDUwMDQ3WjAzMTEwLwYDVQQD
EyhjYTA4NTE4OGNjNzlkY2RkNWU0NTQ3NzI4Njg1ZTU3YjYxZDhlMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyndwBb9IzPpvAfqlkuoaCptGVnWN
1boybTi1yo/CqlCKIKPDQz4x4aX2Rqn7Un1TYu0aLcVBd13LPLTmCyi4cKnMF8Yp
hVPillHJ3UKYK++mWfASPUARduVnQ81Bu6Uz0axoJQsZtJHr07xB7EbjkGBiYZdq
T1hTpdvINLx2XorM137AkmhslaaNQWvvRPqZAtH5gIwhvSZe/aHsG+3DEJ4v3eCi
MEL02t4pPgmwmtKp7OYTn07RitqKRz11WIJCVuG0H2fMW2yqOtb/UvsW9KiBQcqw
2uo0sQdmYSXZLi8yLXn+oF4z8Ll0Qzsadolym01ZbkwyYEtUq2vuCmUKLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoIUYjMedzdXkVHcoaF5Xth2ODaMB8GA1UdIwQY
MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt
NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm
LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEiFjm1cy
KBtiEVOcRTtyvGXV3Ey6E7tRG3SdYIOHSPMYAAfxWrJ2/ysegZQqenEX+yAQB+sy
wmYs3R4fHY1CiEAeXeLJrZDbAqCE1pttN0AAHGtkRgq0pUFlaYs+884kiNmGVtQQ
bvIN0Ay/hFNxOFgbcguzvHWcT9LjNQ2E3ANBbb4taPZ2B3CT94OJCK9wq1MBsnuO
pnFirj1jeqBqXMY8ibdIE1/QnXnkJv1j3Jbcw7L+yuZSc5EghL81xLJnZeOfQdWA
qRLgtbMV6LcsA9RTx6I0ohfBzzHYHljV6vzJg4MLb3683EgeM1MEdyfidwhnGocY
FMyTx9u7eMla7w==
-----END CERTIFICATE-----
Generated at Fri Mar 20 08:50:01 2026 by rpki-client