Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.mft
File: F3AFF3Um1mjoRLKnpaWaxkpJVlI.mft (raw, json)
Hash identifier: wnopafS9HlFiX0p1GhDYKmOzlHrhHQehOFiFHiJ0PVI=
Subject key identifier: A8:3E:A4:B1:BF:71:E1:74:0D:5C:64:F8:33:7D:E6:93:CC:6D:F9:54
Authority key identifier: 17:70:05:17:75:26:D6:68:E8:44:B2:A7:A5:A5:9A:C6:4A:49:56:52
Certificate issuer: /CN=177005177526d668e844b2a7a5a59ac64a495652
Certificate serial: 019D3789A5FD9A2DE2F11D283CA4AAAACDA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3AFF3Um1mjoRLKnpaWaxkpJVlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.mft
Manifest number: 07EA
Signing time: Sun 29 Mar 2026 03:01:00 +0000
Manifest this update: Sun 29 Mar 2026 03:01:00 +0000
Manifest next update: Mon 30 Mar 2026 03:01:00 +0000
Files and hashes: 1: F3AFF3Um1mjoRLKnpaWaxkpJVlI.crl (hash: QAJBe1nr6DcVJItg2jQMmbYpyYiFUTPbSIAGErPFNF8=)
2: udQh1E7UdhZ3q6PAG0MlGhbmPaw.roa (hash: XThKptGke2Rt2jt7oAQhE+VAuCr0Qg/2RUNkoKL1FUY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3AFF3Um1mjoRLKnpaWaxkpJVlI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:a5:fd:9a:2d:e2:f1:1d:28:3c:a4:aa:aa:cd:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=177005177526d668e844b2a7a5a59ac64a495652
Validity
Not Before: Mar 29 03:01:00 2026 GMT
Not After : Mar 30 03:01:00 2026 GMT
Subject: CN=a83ea4b1bf71e1740d5c64f8337de693cc6df954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a6:80:85:17:4a:e4:5b:e6:18:20:9d:8e:fd:
67:ee:3e:f6:38:de:75:95:75:1e:36:57:6a:3e:b3:
ed:82:bf:49:dc:e2:72:19:38:72:12:b3:fc:c4:ae:
7b:a1:bb:0f:6c:27:0c:27:69:f4:8e:85:0b:ca:11:
d9:92:c8:57:2c:46:68:4f:22:33:16:c5:02:33:74:
4b:51:3a:6a:4a:86:0e:ed:92:63:99:e7:3f:2c:67:
78:a8:86:bb:40:e9:8c:9a:64:70:5d:95:60:a6:41:
27:8d:05:85:ac:9d:2d:d5:6c:26:01:c2:1e:16:23:
41:74:22:99:45:a9:3e:3f:0f:d8:a5:94:d2:06:1a:
71:74:8e:ad:95:73:d2:0f:b6:5d:bc:93:72:19:e9:
9b:d8:9f:10:a7:ba:2c:08:3c:27:20:65:c5:71:77:
91:e0:83:69:50:4b:e4:d2:c5:5e:f5:23:ec:19:d2:
25:46:6e:4e:6f:2d:e5:00:59:6e:8a:5a:99:fe:70:
3a:df:f7:75:65:e5:a5:cc:7e:35:d4:30:ae:1d:27:
c6:07:40:31:26:66:ba:4c:7d:ce:7b:64:8f:f1:da:
d9:32:51:17:2a:45:10:0b:48:89:e1:d5:9c:2d:2d:
58:bc:1b:b6:29:5e:ca:cc:4c:c4:d4:e4:5d:35:9c:
b6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3E:A4:B1:BF:71:E1:74:0D:5C:64:F8:33:7D:E6:93:CC:6D:F9:54
X509v3 Authority Key Identifier:
keyid:17:70:05:17:75:26:D6:68:E8:44:B2:A7:A5:A5:9A:C6:4A:49:56:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3AFF3Um1mjoRLKnpaWaxkpJVlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3af153-ed0d-49c0-99df-0cdefbfc787a/1/F3AFF3Um1mjoRLKnpaWaxkpJVlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:63:e3:5b:ee:d0:05:6e:3f:0b:ae:34:a8:7f:4b:ce:d7:cd:
f2:be:2c:e5:ba:0c:59:6c:88:33:09:31:8d:45:fd:b4:a5:6a:
d3:bd:8b:b1:70:d3:46:bb:43:63:12:be:63:e1:bd:7f:7e:77:
00:e4:e7:b1:1f:ec:dc:b3:ec:27:94:54:83:cf:d1:b5:d5:f5:
32:21:b5:2a:92:ca:2a:c3:d8:06:e9:1b:d7:e1:19:db:33:7d:
fe:14:6b:5a:96:7c:3d:27:49:43:e9:83:9a:55:85:13:46:d9:
e6:a2:6e:b0:59:2a:fe:72:f5:59:72:9c:13:3e:6b:1f:83:4a:
f8:11:b0:2f:aa:48:b8:6a:fa:6a:85:7d:5c:ab:5d:2f:c3:ec:
24:e7:95:9a:3c:46:72:b5:52:bc:40:d2:c8:26:64:c3:2f:a5:
78:95:16:28:15:f4:c6:07:48:47:b6:de:e1:e9:e3:b6:f1:1e:
83:8e:38:e8:a9:aa:b4:b5:14:86:91:be:58:0a:0d:e8:5c:c2:
4b:ae:c5:3e:fd:2a:2d:7c:0e:43:8f:16:0b:d3:43:9c:7e:d5:
db:e4:20:be:13:4e:37:f0:e9:25:a6:bb:24:1f:4c:8d:09:1a:
2d:e3:ac:11:7a:05:19:95:eb:6b:56:04:7c:9a:3a:86:de:6a:
df:32:00:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaX9mi3i8R0oPKSqqs2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzAwNTE3NzUyNmQ2NjhlODQ0YjJhN2E1YTU5YWM2NGE0
OTU2NTIwHhcNMjYwMzI5MDMwMTAwWhcNMjYwMzMwMDMwMTAwWjAzMTEwLwYDVQQD
EyhhODNlYTRiMWJmNzFlMTc0MGQ1YzY0ZjgzMzdkZTY5M2NjNmRmOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaaAhRdK5FvmGCCdjv1n7j72ON51
lXUeNldqPrPtgr9J3OJyGThyErP8xK57obsPbCcMJ2n0joULyhHZkshXLEZoTyIz
FsUCM3RLUTpqSoYO7ZJjmec/LGd4qIa7QOmMmmRwXZVgpkEnjQWFrJ0t1WwmAcIe
FiNBdCKZRak+Pw/YpZTSBhpxdI6tlXPSD7ZdvJNyGemb2J8Qp7osCDwnIGXFcXeR
4INpUEvk0sVe9SPsGdIlRm5Oby3lAFluilqZ/nA63/d1ZeWlzH411DCuHSfGB0Ax
Jma6TH3Oe2SP8drZMlEXKkUQC0iJ4dWcLS1YvBu2KV7KzEzE1ORdNZy2YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKg+pLG/ceF0DVxk+DN95pPMbflUMB8GA1UdIwQY
MBaAFBdwBRd1JtZo6ESyp6WlmsZKSVZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNBRkYzVW0xbWpvUkxLbnBhV2F4a3BKVmxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zYWYxNTMtZWQwZC00OWMwLTk5ZGYt
MGNkZWZiZmM3ODdhLzEvRjNBRkYzVW0xbWpvUkxLbnBhV2F4a3BKVmxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8zYWYxNTMtZWQwZC00OWMwLTk5ZGYtMGNkZWZiZmM3ODdh
LzEvRjNBRkYzVW0xbWpvUkxLbnBhV2F4a3BKVmxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaGPjW+7Q
BW4/C640qH9LztfN8r4s5boMWWyIMwkxjUX9tKVq072LsXDTRrtDYxK+Y+G9f353
AOTnsR/s3LPsJ5RUg8/RtdX1MiG1KpLKKsPYBukb1+EZ2zN9/hRrWpZ8PSdJQ+mD
mlWFE0bZ5qJusFkq/nL1WXKcEz5rH4NK+BGwL6pIuGr6aoV9XKtdL8PsJOeVmjxG
crVSvEDSyCZkwy+leJUWKBX0xgdIR7be4enjtvEeg4446KmqtLUUhpG+WAoN6FzC
S67FPv0qLXwOQ48WC9NDnH7V2+QgvhNON/DpJaa7JB9MjQkaLeOsEXoFGZXra1YE
fJo6ht5q3zIA7A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:37:44 2026 by rpki-client