Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
File: 3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft (raw, json)
Hash identifier: +7kzh4gx0yWn007q3D2w7esGQEnH6QPDXLSVMJA0rdQ=
Subject key identifier: A6:55:E1:A3:1A:F1:C6:11:CE:4A:07:3B:E4:49:67:1A:E8:33:14:B3
Authority key identifier: DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
Certificate issuer: /CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Certificate serial: 019D3940D9AC9029895A0076BCE991049D55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
Manifest number: 13D3
Signing time: Sun 29 Mar 2026 11:00:44 +0000
Manifest this update: Sun 29 Mar 2026 11:00:44 +0000
Manifest next update: Mon 30 Mar 2026 11:00:44 +0000
Files and hashes: 1: 3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl (hash: 8sc4S97gRdP0LABdNDEvFM8+PMinKz6nG/oeZho05yc=)
2: 6TUuFWgBkm98OJlIkhqINWWAoI0.roa (hash: GA9PdoKCJE0Uq5wLiSfj1Mw/gZ339oU3m0s7B3MQNRA=)
3: _qA7-iuYEvTbfVREYl9q7tay4Bk.roa (hash: Z/glgCy5dfzogAACVBlWtKvnqFreHrzxfTJl0PSlZgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:d9:ac:90:29:89:5a:00:76:bc:e9:91:04:9d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Validity
Not Before: Mar 29 11:00:44 2026 GMT
Not After : Mar 30 11:00:44 2026 GMT
Subject: CN=a655e1a31af1c611ce4a073be449671ae83314b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ba:06:3f:4a:a6:21:65:a3:ac:39:0e:72:6e:
49:5a:a0:7f:50:11:ba:b1:99:11:71:8f:6d:d7:1f:
bd:89:d6:2d:c2:af:2e:b7:e6:97:52:b7:1f:88:11:
28:3b:e6:6a:84:ab:c6:c9:e0:62:06:98:1d:3f:0d:
b2:7b:90:a7:db:9a:00:ab:86:90:a7:0c:6f:b1:39:
e5:0c:3d:01:ab:55:cc:ec:42:f4:de:d0:6e:ba:34:
1d:0e:7c:6e:3b:f4:2e:d6:12:49:9d:5b:26:35:86:
dd:f5:8f:02:f1:76:af:d1:76:ff:a1:4d:37:a6:fd:
98:84:25:0b:f7:9d:40:c3:58:65:aa:e6:21:65:29:
42:16:ea:1b:48:c4:55:70:3e:85:cc:5f:72:5b:02:
3f:55:91:f7:49:40:8b:eb:d1:d6:90:68:78:d6:64:
c5:ec:ca:b2:15:44:00:e6:db:19:68:fe:8e:22:02:
6d:99:a4:82:aa:b9:a1:72:f6:1e:70:a0:9d:15:c2:
58:3c:a6:ed:a1:7a:b8:eb:25:2f:43:a7:9f:ec:36:
db:dd:77:82:e4:11:2f:f9:f5:f6:bf:97:00:5b:7b:
88:5e:e0:e7:5f:f0:4e:61:5a:c2:d7:f4:d2:7c:f9:
2c:d1:23:60:ae:02:77:97:e0:72:2c:c6:28:23:84:
2f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:55:E1:A3:1A:F1:C6:11:CE:4A:07:3B:E4:49:67:1A:E8:33:14:B3
X509v3 Authority Key Identifier:
keyid:DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:4b:4d:a7:b5:28:2e:a1:12:43:44:10:dc:65:86:82:44:5c:
fa:6e:d0:76:de:83:2b:fc:e5:eb:de:6c:a8:eb:88:07:74:e4:
65:c2:19:71:a9:f2:1a:b2:b6:f8:c0:63:c0:21:dc:95:de:31:
72:32:cf:43:6a:77:50:34:1c:d3:9c:db:36:86:79:23:c5:cc:
46:03:e1:ae:17:9b:8f:05:5a:86:9c:67:32:30:57:f5:1a:27:
00:b5:10:5a:c1:d1:fd:63:98:e0:81:06:e7:50:0b:d1:f5:5e:
a6:31:f7:36:68:91:2e:b2:73:bd:d3:47:12:da:12:1d:f7:16:
4d:2a:93:be:2b:54:93:90:58:81:e6:9f:01:a9:3e:4c:9e:4d:
c2:f4:23:c3:f9:cd:e8:da:e9:06:22:32:4d:1a:9f:c5:3a:88:
e9:93:a4:87:f9:e9:50:99:c4:1b:9d:d9:7c:05:f7:6a:46:90:
84:7a:78:13:20:4e:52:44:d5:5c:63:46:7f:d8:51:2e:de:3b:
84:65:26:c4:3a:0a:44:44:8b:9b:0c:33:79:6f:cc:a0:32:31:
64:e4:f0:80:e8:6e:56:91:d7:c7:2f:1f:60:5f:1a:27:ad:ae:
e7:c8:57:30:11:48:86:0f:21:c1:ec:90:22:4f:3b:65:f6:49:
31:48:c6:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QNmskCmJWgB2vOmRBJ1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzI1YzRkMDk1M2U3ZWNmNDZmMzdlMTRmY2ExNGZkMDlh
MTJkMTYwHhcNMjYwMzI5MTEwMDQ0WhcNMjYwMzMwMTEwMDQ0WjAzMTEwLwYDVQQD
EyhhNjU1ZTFhMzFhZjFjNjExY2U0YTA3M2JlNDQ5NjcxYWU4MzMxNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7oGP0qmIWWjrDkOcm5JWqB/UBG6
sZkRcY9t1x+9idYtwq8ut+aXUrcfiBEoO+ZqhKvGyeBiBpgdPw2ye5Cn25oAq4aQ
pwxvsTnlDD0Bq1XM7EL03tBuujQdDnxuO/Qu1hJJnVsmNYbd9Y8C8Xav0Xb/oU03
pv2YhCUL951Aw1hlquYhZSlCFuobSMRVcD6FzF9yWwI/VZH3SUCL69HWkGh41mTF
7MqyFUQA5tsZaP6OIgJtmaSCqrmhcvYecKCdFcJYPKbtoXq46yUvQ6ef7Dbb3XeC
5BEv+fX2v5cAW3uIXuDnX/BOYVrC1/TSfPks0SNgrgJ3l+ByLMYoI4QvNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZV4aMa8cYRzkoHO+RJZxroMxSzMB8GA1UdIwQY
MBaAFN1yXE0JU+fs9G834U/KFP0JoS0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hYWE2ZTMtZjA1NC00OGU3LTgyNDYt
OGYyMGNiNzM0NDg4LzEvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hYWE2ZTMtZjA1NC00OGU3LTgyNDYtOGYyMGNiNzM0NDg4
LzEvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqEtNp7Uo
LqESQ0QQ3GWGgkRc+m7Qdt6DK/zl695sqOuIB3TkZcIZcanyGrK2+MBjwCHcld4x
cjLPQ2p3UDQc05zbNoZ5I8XMRgPhrhebjwVahpxnMjBX9RonALUQWsHR/WOY4IEG
51AL0fVepjH3NmiRLrJzvdNHEtoSHfcWTSqTvitUk5BYgeafAak+TJ5NwvQjw/nN
6NrpBiIyTRqfxTqI6ZOkh/npUJnEG53ZfAX3akaQhHp4EyBOUkTVXGNGf9hRLt47
hGUmxDoKRESLmwwzeW/MoDIxZOTwgOhuVpHXxy8fYF8aJ62u58hXMBFIhg8hweyQ
Ik87ZfZJMUjGjw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:16:10 2026 by rpki-client