Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: oGvLodvi6unMnb0BnF0wqxWTaAewSrKamMDamFBRMOk=
Subject key identifier: 06:91:65:5F:B1:2D:EA:1F:80:DD:2D:75:12:9A:6E:B5:45:DF:B2:98
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019D224BC8240D7B9F83D4AFBEEE6787DBB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 0817
Signing time: Wed 25 Mar 2026 00:01:24 +0000
Manifest this update: Wed 25 Mar 2026 00:01:24 +0000
Manifest next update: Thu 26 Mar 2026 00:01:24 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: NWJqeN5KACdzq0giWtXHBhR0t0VgqJ3ejEb0IHZ9AoA=)
2: hBUefaIMV4VxrEK-fm1hTMzaWD8.roa (hash: ULTyVqCoLmJTp6EzOZiZ2uvQqGHDruUXv80DgFEK1ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:22:4b:c8:24:0d:7b:9f:83:d4:af:be:ee:67:87:db:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Mar 25 00:01:24 2026 GMT
Not After : Mar 26 00:01:24 2026 GMT
Subject: CN=0691655fb12dea1f80dd2d75129a6eb545dfb298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:e2:b3:03:64:11:74:d4:bb:66:6f:77:cc:
2d:41:72:5f:9a:ce:49:9a:ca:bb:d3:0a:95:ac:58:
cb:61:b8:16:0a:b1:9e:6c:5e:0b:7f:66:8e:0c:83:
70:f4:46:be:74:7a:30:90:10:ba:e3:1c:02:16:b2:
98:1b:cc:cb:e9:bd:01:79:f6:41:fb:d0:9f:1d:ce:
c2:22:24:12:3c:0c:41:87:47:b2:55:50:85:6c:74:
c5:5a:7a:d2:1d:d8:50:11:da:8b:4b:6c:1f:22:3d:
fa:93:50:e6:09:2a:b4:77:f8:7c:aa:53:a2:78:a2:
69:9f:c5:26:69:bb:1c:95:5d:d4:ae:ce:bb:87:b0:
30:12:2a:53:2a:c4:7c:4c:76:71:c1:9d:88:50:23:
6f:d1:21:10:4d:64:c8:30:5b:8a:be:0c:c1:93:ab:
2e:d5:7e:c3:ca:e3:35:c4:3f:45:f3:0b:23:32:a6:
19:a8:04:f5:b5:8c:56:ac:84:64:9f:57:d5:79:20:
f7:0a:a9:0a:9e:d9:18:b9:06:ab:13:0c:3c:84:47:
c6:8d:90:c1:62:91:87:bc:de:82:4a:72:3b:74:8b:
8e:3f:56:ec:2a:23:4d:e2:56:9f:1d:da:7c:cd:d6:
a6:91:b1:ed:fd:66:bd:f5:34:89:ad:07:de:82:05:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:91:65:5F:B1:2D:EA:1F:80:DD:2D:75:12:9A:6E:B5:45:DF:B2:98
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:b0:8c:f4:35:73:91:78:36:b7:d6:1f:de:b6:4c:97:ca:a7:
56:80:58:79:bd:24:f5:4c:41:7d:ff:d8:88:e3:46:fa:50:db:
fd:38:2a:c4:a8:d8:0a:c1:31:d0:3d:33:29:e8:1a:4b:65:d7:
c4:18:05:e7:44:41:dd:20:bb:2b:ce:22:a7:a3:f6:db:cf:f9:
55:26:0d:c0:be:f6:ab:0e:11:e1:65:70:cd:5e:35:3c:f9:38:
ec:9b:a6:55:91:8d:18:cb:a5:8d:f6:73:03:0d:12:a4:32:60:
7d:f2:e8:b2:10:91:ca:66:5c:0f:83:ef:80:3a:97:4a:d1:1e:
7e:6f:19:4c:32:e9:ad:fe:4e:be:77:1f:23:aa:89:9b:60:5d:
e3:48:fd:52:0f:68:18:94:c7:48:13:41:e3:36:7d:e7:a7:e7:
91:d1:92:da:ff:dd:c5:75:7f:36:55:48:d0:36:40:2c:80:cb:
c8:61:a6:bf:82:9e:83:5e:29:fb:14:ec:ed:38:44:ac:20:28:
7f:29:8c:6e:4d:1b:a0:c7:01:7a:ec:66:03:85:7f:22:e7:33:
88:f9:fb:cc:ca:30:c8:39:1e:d2:93:99:36:38:70:3e:4b:5d:
dd:aa:e3:fc:ad:58:4b:2e:f3:1e:2e:1f:36:89:67:5e:c1:00:
a5:3f:6c:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0iS8gkDXufg9Svvu5nh9uwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjYwMzI1MDAwMTI0WhcNMjYwMzI2MDAwMTI0WjAzMTEwLwYDVQQD
EygwNjkxNjU1ZmIxMmRlYTFmODBkZDJkNzUxMjlhNmViNTQ1ZGZiMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ3iswNkEXTUu2Zvd8wtQXJfms5J
msq70wqVrFjLYbgWCrGebF4Lf2aODINw9Ea+dHowkBC64xwCFrKYG8zL6b0BefZB
+9CfHc7CIiQSPAxBh0eyVVCFbHTFWnrSHdhQEdqLS2wfIj36k1DmCSq0d/h8qlOi
eKJpn8UmabsclV3Urs67h7AwEipTKsR8THZxwZ2IUCNv0SEQTWTIMFuKvgzBk6su
1X7DyuM1xD9F8wsjMqYZqAT1tYxWrIRkn1fVeSD3CqkKntkYuQarEww8hEfGjZDB
YpGHvN6CSnI7dIuOP1bsKiNN4lafHdp8zdamkbHt/Wa99TSJrQfeggXSEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAaRZV+xLeofgN0tdRKabrVF37KYMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFLCM9DVz
kXg2t9Yf3rZMl8qnVoBYeb0k9UxBff/YiONG+lDb/TgqxKjYCsEx0D0zKegaS2XX
xBgF50RB3SC7K84ip6P228/5VSYNwL72qw4R4WVwzV41PPk47JumVZGNGMuljfZz
Aw0SpDJgffLoshCRymZcD4PvgDqXStEefm8ZTDLprf5OvncfI6qJm2Bd40j9Ug9o
GJTHSBNB4zZ956fnkdGS2v/dxXV/NlVI0DZALIDLyGGmv4Keg14p+xTs7ThErCAo
fymMbk0boMcBeuxmA4V/IucziPn7zMowyDke0pOZNjhwPktd3arj/K1YSy7zHi4f
NolnXsEApT9sPw==
-----END CERTIFICATE-----
Generated at Wed Mar 25 09:47:18 2026 by rpki-client