Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
File: 3r5RfnR14XwGlkORD9b3ezF7hTg.mft (raw, json)
Hash identifier: ibpz+LFbDb5jumOKGwtGESZrrjMsN4c49WhYSgweAps=
Subject key identifier: 84:F2:3C:68:81:6C:E2:27:09:0B:A2:75:47:1E:D5:AC:9E:35:0D:5F
Authority key identifier: DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
Certificate issuer: /CN=debe517e7475e17c069643910fd6f77b317b8538
Certificate serial: 019D37C06636E0691CCA242C1E7BF1626BCD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
Manifest number: 0B23
Signing time: Sun 29 Mar 2026 04:00:49 +0000
Manifest this update: Sun 29 Mar 2026 04:00:49 +0000
Manifest next update: Mon 30 Mar 2026 04:00:49 +0000
Files and hashes: 1: 3r5RfnR14XwGlkORD9b3ezF7hTg.crl (hash: tl+/fwXJIv3JxrZU/drjutJkUGrwTGNA5TFztuWYITI=)
2: y8l-GZaij3nY_lsT-zDKBTkrGss.roa (hash: edJk2bhQjppncI7NDvSvP36a6hLKHOIsn+JqFnH50EM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:66:36:e0:69:1c:ca:24:2c:1e:7b:f1:62:6b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=debe517e7475e17c069643910fd6f77b317b8538
Validity
Not Before: Mar 29 04:00:49 2026 GMT
Not After : Mar 30 04:00:49 2026 GMT
Subject: CN=84f23c68816ce227090ba275471ed5ac9e350d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:49:29:99:aa:b1:1e:f4:b1:7f:d7:00:e4:77:
b1:97:46:ca:9a:e6:72:d8:82:0d:68:0a:41:68:1f:
06:66:e2:c4:44:8b:0f:d5:48:57:ff:f4:75:22:8a:
cf:9c:3f:a5:f2:7b:2c:c3:e5:7c:ec:aa:f3:df:50:
65:8e:1f:68:ec:66:51:9d:cc:29:3c:e0:f6:eb:8d:
ab:fd:e8:9c:93:76:8c:3f:f2:54:9b:7f:f5:93:ee:
1f:d4:67:8a:41:ff:93:cb:a9:4c:0c:7f:0c:3e:9c:
66:ae:4e:f7:1a:3f:97:95:38:8e:d5:e1:a1:f7:9f:
58:8b:79:ec:83:49:d5:0d:40:1a:8d:94:bc:04:dd:
c9:0c:38:88:cb:11:6a:5f:0d:5d:78:0f:d9:95:94:
1d:10:d0:0b:c2:a7:0e:ff:61:45:e6:89:5b:c2:8d:
09:08:d3:ed:23:f9:4e:76:39:50:9f:02:76:b9:05:
2c:12:60:10:9a:32:3a:da:4b:af:d3:c5:fb:9f:f6:
81:49:f0:76:8d:0f:23:75:7e:21:e2:ef:60:ac:a7:
fa:00:13:b7:9f:cd:5b:f2:a2:5c:5a:28:fd:9c:ad:
f7:35:9f:42:eb:be:f5:97:11:42:bf:e3:49:af:7a:
40:b3:8e:e5:41:36:66:3a:42:b9:59:de:21:67:22:
6d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F2:3C:68:81:6C:E2:27:09:0B:A2:75:47:1E:D5:AC:9E:35:0D:5F
X509v3 Authority Key Identifier:
keyid:DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:9f:49:46:37:8f:85:90:ba:d8:30:ce:c3:dc:45:c7:7d:d4:
76:e9:95:07:0e:08:0a:b4:ab:e7:6a:dd:fb:d4:79:09:e8:07:
42:15:2b:b0:9b:47:41:b5:54:7c:a7:0d:95:ff:c2:4f:e5:89:
12:fe:b8:9d:02:e1:bc:07:a4:f3:7f:52:49:d0:f5:9b:76:dc:
99:ce:d9:7c:66:17:fa:9c:db:4f:39:b5:7c:23:28:2a:eb:ca:
9f:c3:a3:38:78:d6:06:cd:be:17:bd:79:2d:99:37:ed:9b:ea:
30:76:e4:96:d6:fd:96:6d:d5:45:bb:d3:d8:ce:b6:fc:c3:ca:
67:60:44:c8:88:19:3b:e1:f6:4a:5d:a9:7b:95:de:24:8e:96:
03:d8:4a:a7:ec:47:07:1c:88:f9:22:5e:42:30:ab:e6:4d:6d:
81:9d:c1:60:19:b6:7c:c4:d3:8b:9e:c4:4f:34:4a:74:a8:61:
1e:e3:e9:2d:ef:0d:ce:7b:fb:46:3c:5f:7e:7f:9d:1a:e3:d9:
43:4a:76:2f:1a:29:96:33:aa:f7:e7:66:ee:b6:37:00:b2:49:
18:2c:ef:94:49:bf:6b:fb:06:4d:56:4e:2d:50:72:6c:fb:2c:
1c:80:64:42:d1:f1:4f:4e:d0:01:28:ce:6b:f1:ef:4a:68:b0:
4a:19:6c:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wGY24GkcyiQsHnvxYmvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmU1MTdlNzQ3NWUxN2MwNjk2NDM5MTBmZDZmNzdiMzE3
Yjg1MzgwHhcNMjYwMzI5MDQwMDQ5WhcNMjYwMzMwMDQwMDQ5WjAzMTEwLwYDVQQD
Eyg4NGYyM2M2ODgxNmNlMjI3MDkwYmEyNzU0NzFlZDVhYzllMzUwZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkkpmaqxHvSxf9cA5Hexl0bKmuZy
2IINaApBaB8GZuLERIsP1UhX//R1IorPnD+l8nssw+V87Krz31Bljh9o7GZRncwp
POD2642r/eick3aMP/JUm3/1k+4f1GeKQf+Ty6lMDH8MPpxmrk73Gj+XlTiO1eGh
959Yi3nsg0nVDUAajZS8BN3JDDiIyxFqXw1deA/ZlZQdENALwqcO/2FF5olbwo0J
CNPtI/lOdjlQnwJ2uQUsEmAQmjI62kuv08X7n/aBSfB2jQ8jdX4h4u9grKf6ABO3
n81b8qJcWij9nK33NZ9C6771lxFCv+NJr3pAs47lQTZmOkK5Wd4hZyJt/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITyPGiBbOInCQuidUce1ayeNQ1fMB8GA1UdIwQY
MBaAFN6+UX50deF8BpZDkQ/W93sxe4U4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAt
ODlmNWM0ZjMyOTcwLzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAtODlmNWM0ZjMyOTcw
LzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZ9JRjeP
hZC62DDOw9xFx33UdumVBw4ICrSr52rd+9R5CegHQhUrsJtHQbVUfKcNlf/CT+WJ
Ev64nQLhvAek839SSdD1m3bcmc7ZfGYX+pzbTzm1fCMoKuvKn8OjOHjWBs2+F715
LZk37ZvqMHbkltb9lm3VRbvT2M62/MPKZ2BEyIgZO+H2Sl2pe5XeJI6WA9hKp+xH
BxyI+SJeQjCr5k1tgZ3BYBm2fMTTi57ETzRKdKhhHuPpLe8Nznv7Rjxffn+dGuPZ
Q0p2LxopljOq9+dm7rY3ALJJGCzvlEm/a/sGTVZOLVBybPssHIBkQtHxT07QASjO
a/HvSmiwShlscw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:17 2026 by rpki-client