Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
File: 3itcv5Z6A0nYiXBLtNYfpSajHW8.mft (raw, json)
Hash identifier: 9kQFAEQSCZ7KVD3sgvdWd6sxoRR70FP497N8Sg3Zy88=
Subject key identifier: C2:C3:88:30:A8:7A:B2:7A:E7:7A:97:99:79:EC:02:E9:FA:4E:8D:D4
Authority key identifier: DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
Certificate issuer: /CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Certificate serial: 019D38D2CB124260E62696A6FCB7F3D35851
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
Manifest number: 17CF
Signing time: Sun 29 Mar 2026 09:00:31 +0000
Manifest this update: Sun 29 Mar 2026 09:00:31 +0000
Manifest next update: Mon 30 Mar 2026 09:00:31 +0000
Files and hashes: 1: 3itcv5Z6A0nYiXBLtNYfpSajHW8.crl (hash: Kw1zqNEe72DPNULCzv1EHuebQCRva/S9+VF3hvA71sg=)
2: xU2EDS3A1kqxHB5fmWawALQua5w.roa (hash: gy/kCjpuCiDHyb5854bh+q6WsJ4/S+45FLFM/o6soug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:cb:12:42:60:e6:26:96:a6:fc:b7:f3:d3:58:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Validity
Not Before: Mar 29 09:00:31 2026 GMT
Not After : Mar 30 09:00:31 2026 GMT
Subject: CN=c2c38830a87ab27ae77a979979ec02e9fa4e8dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:4f:c0:1d:6d:02:be:76:9e:67:74:d1:dc:
81:68:87:55:8b:01:4d:1d:00:41:c3:0d:5f:a3:1c:
0d:ca:d9:ce:bd:2d:01:2f:a8:b8:c8:a3:1f:48:74:
c1:d3:27:e7:ee:f5:42:aa:f6:69:30:6b:6e:b2:de:
f8:d9:e4:49:8a:82:fb:64:a6:9e:2f:75:29:b5:6e:
66:fd:05:87:3a:4e:3a:71:56:18:1d:f8:6e:37:75:
28:f4:1c:52:a3:df:00:7c:6d:55:46:22:3b:97:41:
ee:4b:5c:4f:04:fa:5c:a9:a8:56:df:d0:9e:c9:87:
c9:a5:8e:da:fd:7a:fc:96:4d:2a:ae:17:2e:8b:82:
d3:e0:da:b3:a9:86:2b:41:14:e1:36:64:34:97:a5:
be:6a:8b:a1:65:56:81:40:0c:49:b2:08:76:4b:16:
34:6f:03:df:9d:33:47:3b:1e:93:6c:1d:ff:9a:93:
da:87:8e:8b:72:75:c0:fb:4a:7e:87:d4:91:1e:0b:
43:ab:3a:05:55:6d:14:dd:1d:93:33:85:26:89:56:
e6:4a:eb:5b:92:27:ca:87:18:38:91:62:df:22:ca:
ae:0a:89:07:68:08:b9:58:6a:21:ce:cf:d7:d4:d5:
4a:e2:12:0f:9b:23:84:6f:ba:d2:37:8f:cc:d9:6d:
ac:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C3:88:30:A8:7A:B2:7A:E7:7A:97:99:79:EC:02:E9:FA:4E:8D:D4
X509v3 Authority Key Identifier:
keyid:DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ba:48:42:e0:85:64:a8:82:3f:29:b0:3a:f9:55:bd:00:77:7a:
db:88:e4:66:2f:31:5b:7f:80:17:13:86:f5:56:43:1d:3c:3b:
2e:36:7e:96:54:60:3b:9f:b4:16:9b:3a:f4:46:17:ca:fa:d3:
03:7e:4e:f8:12:3d:74:29:b2:36:5b:d2:71:7c:11:e1:5d:30:
c4:04:0b:bc:3d:38:47:c2:ab:07:1f:a1:5f:98:e2:be:52:d8:
71:a2:c9:aa:d6:c8:da:32:ce:73:be:a1:3d:fe:5d:32:5a:5c:
3b:7a:80:f0:48:8d:5b:a3:a8:a6:cf:8e:09:a3:1b:d2:6b:c4:
9e:d4:c0:25:e6:57:48:d3:6f:c0:18:3d:35:34:91:76:de:6d:
5c:83:53:e6:3c:1c:bb:28:9f:19:6b:36:35:6b:e3:0b:11:32:
c6:70:58:aa:a2:79:2e:85:35:e4:fb:98:42:e7:17:37:f6:dc:
87:5a:9a:1a:63:17:3c:4e:b3:85:bb:af:49:2f:9c:c8:5e:e7:
5f:f9:81:3c:47:14:d1:d8:18:72:1e:7d:9e:09:43:97:1b:f4:
54:90:93:7d:b8:dc:14:1b:13:56:6d:6c:fa:eb:3c:0d:0f:13:
f6:c0:09:80:46:b0:b8:eb:82:2d:ff:1d:45:2e:d9:b1:80:0d:
ee:18:f8:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040ssSQmDmJpam/Lfz01hRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmI1Y2JmOTY3YTAzNDlkODg5NzA0YmI0ZDYxZmE1MjZh
MzFkNmYwHhcNMjYwMzI5MDkwMDMxWhcNMjYwMzMwMDkwMDMxWjAzMTEwLwYDVQQD
EyhjMmMzODgzMGE4N2FiMjdhZTc3YTk3OTk3OWVjMDJlOWZhNGU4ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumxPwB1tAr52nmd00dyBaIdViwFN
HQBBww1foxwNytnOvS0BL6i4yKMfSHTB0yfn7vVCqvZpMGtust742eRJioL7ZKae
L3UptW5m/QWHOk46cVYYHfhuN3Uo9BxSo98AfG1VRiI7l0HuS1xPBPpcqahW39Ce
yYfJpY7a/Xr8lk0qrhcui4LT4NqzqYYrQRThNmQ0l6W+aouhZVaBQAxJsgh2SxY0
bwPfnTNHOx6TbB3/mpPah46LcnXA+0p+h9SRHgtDqzoFVW0U3R2TM4UmiVbmSutb
kifKhxg4kWLfIsquCokHaAi5WGohzs/X1NVK4hIPmyOEb7rSN4/M2W2s9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLDiDCoerJ653qXmXnsAun6To3UMB8GA1UdIwQY
MBaAFN4rXL+WegNJ2IlwS7TWH6Umox1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAt
ZmQ3MmQ5NjJkZjI3LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAtZmQ3MmQ5NjJkZjI3
LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAukhC4IVk
qII/KbA6+VW9AHd624jkZi8xW3+AFxOG9VZDHTw7LjZ+llRgO5+0Fps69EYXyvrT
A35O+BI9dCmyNlvScXwR4V0wxAQLvD04R8KrBx+hX5jivlLYcaLJqtbI2jLOc76h
Pf5dMlpcO3qA8EiNW6Oops+OCaMb0mvEntTAJeZXSNNvwBg9NTSRdt5tXINT5jwc
uyifGWs2NWvjCxEyxnBYqqJ5LoU15PuYQucXN/bch1qaGmMXPE6zhbuvSS+cyF7n
X/mBPEcU0dgYch59nglDlxv0VJCTfbjcFBsTVm1s+us8DQ8T9sAJgEawuOuCLf8d
RS7ZsYAN7hj45g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:57 2026 by rpki-client