Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: Dj65Ok36wEeJhA0aH7PjvKDdcMxnjW1JgqSAsZwNiv8=
Subject key identifier: E5:32:01:2B:88:DF:D2:4E:A2:A4:81:3D:30:5F:6F:C2:ED:A6:D5:74
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019F129C2BA506100A6502DBD0CBC7B2C35D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 0918
Signing time: Mon 29 Jun 2026 09:00:52 +0000
Manifest this update: Mon 29 Jun 2026 09:00:52 +0000
Manifest next update: Tue 30 Jun 2026 09:00:52 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: cxO171qqSSBxszh/9vJG8aykOQ0QNRtKB8fal+mVoJA=)
2: hBUefaIMV4VxrEK-fm1hTMzaWD8.roa (hash: ULTyVqCoLmJTp6EzOZiZ2uvQqGHDruUXv80DgFEK1ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 09:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:9c:2b:a5:06:10:0a:65:02:db:d0:cb:c7:b2:c3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Jun 29 09:00:52 2026 GMT
Not After : Jun 30 09:00:52 2026 GMT
Subject: CN=e532012b88dfd24ea2a4813d305f6fc2eda6d574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:e8:3f:0e:2d:d8:56:28:4e:b3:6f:34:1b:
9d:66:3c:1d:fe:c1:66:8c:48:a0:43:da:e0:28:c2:
c5:35:68:2f:69:42:cd:03:c4:43:ed:32:eb:48:26:
af:8b:5e:b4:6f:c4:d0:ad:22:cd:99:b8:f1:de:f6:
c7:29:1b:c4:52:b4:c0:2c:69:c6:8c:7d:7a:34:8b:
4a:93:ae:10:12:b5:e5:80:a0:c9:57:84:ac:10:d8:
e1:8b:ff:90:1b:1e:c2:3f:46:8d:71:35:7d:36:bc:
b3:d8:c5:b7:19:cb:b3:6b:5f:81:e3:75:d7:1d:ca:
05:96:9b:14:1a:62:03:25:f2:88:da:62:b2:5c:4e:
59:df:17:c1:79:25:46:5d:50:a4:23:56:0c:c2:5e:
17:f3:0e:21:04:28:e5:ca:ef:5f:a3:be:fd:0e:9d:
75:09:57:01:c6:c5:62:19:f3:da:82:a6:ef:90:41:
7e:8e:2a:2f:84:14:cd:47:20:ea:99:9c:20:a1:14:
d1:17:9b:80:d2:95:4d:2e:90:6c:2c:e6:6f:bd:d4:
ec:96:43:2d:72:96:0d:47:60:7f:5b:6b:c1:fd:57:
41:c3:5c:fc:0e:ce:42:87:a3:e9:e0:68:7e:16:4c:
74:99:69:5a:48:db:f9:5c:e6:f6:1a:fd:6c:57:96:
17:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:32:01:2B:88:DF:D2:4E:A2:A4:81:3D:30:5F:6F:C2:ED:A6:D5:74
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:b0:84:69:3c:14:47:47:42:41:db:2b:fc:ae:b3:ba:d6:4f:
f3:42:57:a3:a7:8f:37:48:a3:cb:f9:e7:63:af:ad:63:0b:79:
81:8b:ea:d8:2f:58:0f:3e:7a:0c:64:08:1e:ed:88:6a:91:91:
47:d9:bd:e9:85:7a:87:10:f9:c5:ae:cf:fd:e1:b2:f9:a0:d4:
9f:06:9b:83:b1:e6:73:1a:ed:ef:5b:31:72:63:2a:09:c5:14:
3a:26:34:ee:22:9f:b0:e9:03:e7:2b:4b:37:09:b1:da:ca:e0:
0d:3a:c1:84:31:34:db:fd:61:e1:2b:01:62:b9:07:9e:01:b2:
df:20:61:4e:e9:b3:d7:c2:11:71:10:31:03:38:69:a9:cc:e9:
c3:7b:6b:3a:37:34:c5:f7:16:40:82:e2:d1:8d:31:34:7c:57:
40:c0:28:ab:ec:12:47:68:6d:62:b9:78:23:d8:79:f9:4c:72:
8a:a2:b2:59:19:cc:d9:ea:c5:bf:8f:4a:f8:39:dd:56:6d:e5:
ad:0a:61:34:63:35:5a:a0:c5:04:60:10:67:9c:b1:a2:fb:8d:
55:f5:c6:7c:39:8d:bd:54:b4:ec:5d:d8:1e:ba:39:b5:ec:23:
3b:74:00:fb:91:41:de:31:7e:24:a1:34:48:29:f5:27:19:7e:
a6:2a:0c:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8SnCulBhAKZQLb0MvHssNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjYwNjI5MDkwMDUyWhcNMjYwNjMwMDkwMDUyWjAzMTEwLwYDVQQD
EyhlNTMyMDEyYjg4ZGZkMjRlYTJhNDgxM2QzMDVmNmZjMmVkYTZkNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAPoPw4t2FYoTrNvNBudZjwd/sFm
jEigQ9rgKMLFNWgvaULNA8RD7TLrSCavi160b8TQrSLNmbjx3vbHKRvEUrTALGnG
jH16NItKk64QErXlgKDJV4SsENjhi/+QGx7CP0aNcTV9Nryz2MW3Gcuza1+B43XX
HcoFlpsUGmIDJfKI2mKyXE5Z3xfBeSVGXVCkI1YMwl4X8w4hBCjlyu9fo779Dp11
CVcBxsViGfPagqbvkEF+jiovhBTNRyDqmZwgoRTRF5uA0pVNLpBsLOZvvdTslkMt
cpYNR2B/W2vB/VdBw1z8Ds5Ch6Pp4Gh+Fkx0mWlaSNv5XOb2Gv1sV5YXmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUyASuI39JOoqSBPTBfb8LtptV0MB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAObCEaTwU
R0dCQdsr/K6zutZP80JXo6ePN0ijy/nnY6+tYwt5gYvq2C9YDz56DGQIHu2IapGR
R9m96YV6hxD5xa7P/eGy+aDUnwabg7Hmcxrt71sxcmMqCcUUOiY07iKfsOkD5ytL
Nwmx2srgDTrBhDE02/1h4SsBYrkHngGy3yBhTumz18IRcRAxAzhpqczpw3trOjc0
xfcWQILi0Y0xNHxXQMAoq+wSR2htYrl4I9h5+UxyiqKyWRnM2erFv49K+DndVm3l
rQphNGM1WqDFBGAQZ5yxovuNVfXGfDmNvVS07F3YHro5tewjO3QA+5FB3jF+JKE0
SCn1Jxl+pioMGA==
-----END CERTIFICATE-----
Generated at Mon Jun 29 12:39:57 2026 by rpki-client