Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: VcpOJ37DxEXAt2s/Mikk07VKvXHRZgzqkZZnrvTeDcI=
Subject key identifier: F9:F7:77:B8:6E:A7:50:EA:32:A8:48:3F:6E:E6:3E:8C:BC:69:C7:BF
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019D371B5C7C87E95DBF13F4B1D87373A98F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 17FE
Signing time: Sun 29 Mar 2026 01:00:33 +0000
Manifest this update: Sun 29 Mar 2026 01:00:33 +0000
Manifest next update: Mon 30 Mar 2026 01:00:33 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: 3Nl/4V90RYnJBHGOQYoG3giyA6JAtjnTlSHDZKK4Ji4=)
2: TWjQ2gsQUU9MXDJP00l8lOI_i8I.roa (hash: PtqnNrTefbS8Cw3BlkL6LKO9S8DUkKbOBZ0zbUviWfs=)
3: WoaNei28YSaPDdcENSu3LjSXLKg.roa (hash: YXB0+7Vswy/qgNB0Agbnb+glIUAaceZRMWc/efKKqKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:5c:7c:87:e9:5d:bf:13:f4:b1:d8:73:73:a9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Mar 29 01:00:33 2026 GMT
Not After : Mar 30 01:00:33 2026 GMT
Subject: CN=f9f777b86ea750ea32a8483f6ee63e8cbc69c7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:d9:cc:fc:e0:15:f8:08:73:a8:2b:b9:a0:
2d:1a:5f:e6:2b:21:94:11:9a:29:97:a4:29:9f:de:
bc:45:d7:b2:ad:c5:5c:b1:9e:aa:7a:9f:ba:87:87:
8b:1c:c0:1f:c0:89:2a:db:17:ca:f8:e6:a6:92:59:
2c:5f:6e:89:e4:06:26:7f:be:8d:43:51:ec:f3:a8:
32:f9:06:33:3f:55:a5:a1:5e:59:57:22:09:e3:b9:
6c:0b:8a:f5:5b:50:2f:08:d8:71:e5:91:5d:ee:c7:
3e:08:8d:80:66:ce:22:72:e0:81:6a:da:47:da:c7:
3b:3a:15:18:9e:e8:2d:5f:4f:f2:67:3e:a3:88:7a:
11:dd:80:52:e9:6b:4b:67:59:78:8e:f9:f2:15:d5:
e2:0b:9e:d2:83:fd:25:e1:7a:fb:ca:e8:a4:3e:1b:
80:09:bb:1e:a3:8b:50:f9:5d:61:f1:34:06:55:a4:
8c:94:84:aa:d0:f2:ea:8e:31:1b:6c:e2:36:ea:35:
d9:55:4c:f0:80:14:7e:6d:56:e8:82:85:be:d3:aa:
eb:ed:f4:7c:c3:3c:47:07:12:46:55:06:ad:e8:d6:
4e:cc:cf:ea:b8:05:68:01:1d:97:c3:4e:49:77:74:
6c:5b:02:e6:5b:06:72:7d:e6:46:89:a7:cf:fb:84:
3d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F7:77:B8:6E:A7:50:EA:32:A8:48:3F:6E:E6:3E:8C:BC:69:C7:BF
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:32:f3:95:0a:00:93:0f:00:69:f4:93:a8:ad:69:45:26:04:
a5:78:9e:65:ab:71:61:b2:e5:27:e0:18:c2:5d:14:e2:07:e1:
60:b5:c1:c7:8f:a1:52:b1:b5:97:69:15:21:f5:2c:f3:d9:05:
b5:d3:71:78:1c:00:a3:21:5b:28:57:61:8e:67:cf:9d:74:9d:
15:f4:e1:43:c8:f6:73:17:24:0e:e6:af:6b:9d:b7:49:b1:af:
bc:1d:bf:35:46:3e:6a:99:f8:a4:85:9b:3c:7f:af:45:0b:78:
5b:05:e7:69:f2:65:48:34:bc:5c:4b:6b:04:a3:9b:ef:5b:6a:
61:a5:b8:90:0d:83:70:f7:5b:d7:43:d5:b5:fe:9b:d0:76:ba:
0d:55:ef:c8:a4:5d:f9:30:98:6b:ec:5a:f3:74:2e:d4:e7:5c:
b6:d6:f6:f8:ce:b3:f7:08:c6:d2:b8:dc:fe:fb:8f:d7:6f:7a:
2b:9d:82:6b:c4:e0:0e:f5:48:29:24:5b:ea:3c:43:f6:e1:ef:
9e:49:89:fb:b1:c7:ad:b4:59:41:17:81:c7:4a:52:44:9e:52:
94:75:12:3f:be:04:4a:26:54:72:f5:89:c3:54:6b:9f:03:25:
c7:c7:8f:51:e8:31:ca:be:09:65:3f:d9:ab:62:d6:23:d9:1b:
1f:d0:2b:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G1x8h+ldvxP0sdhzc6mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjYwMzI5MDEwMDMzWhcNMjYwMzMwMDEwMDMzWjAzMTEwLwYDVQQD
EyhmOWY3NzdiODZlYTc1MGVhMzJhODQ4M2Y2ZWU2M2U4Y2JjNjljN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxTZzPzgFfgIc6gruaAtGl/mKyGU
EZopl6Qpn968RdeyrcVcsZ6qep+6h4eLHMAfwIkq2xfK+OamklksX26J5AYmf76N
Q1Hs86gy+QYzP1WloV5ZVyIJ47lsC4r1W1AvCNhx5ZFd7sc+CI2AZs4icuCBatpH
2sc7OhUYnugtX0/yZz6jiHoR3YBS6WtLZ1l4jvnyFdXiC57Sg/0l4Xr7yuikPhuA
Cbseo4tQ+V1h8TQGVaSMlISq0PLqjjEbbOI26jXZVUzwgBR+bVbogoW+06rr7fR8
wzxHBxJGVQat6NZOzM/quAVoAR2Xw05Jd3RsWwLmWwZyfeZGiafP+4Q9EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn3d7hup1DqMqhIP27mPoy8ace/MB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczLzlQoA
kw8AafSTqK1pRSYEpXieZatxYbLlJ+AYwl0U4gfhYLXBx4+hUrG1l2kVIfUs89kF
tdNxeBwAoyFbKFdhjmfPnXSdFfThQ8j2cxckDuava523SbGvvB2/NUY+apn4pIWb
PH+vRQt4WwXnafJlSDS8XEtrBKOb71tqYaW4kA2DcPdb10PVtf6b0Ha6DVXvyKRd
+TCYa+xa83Qu1Odcttb2+M6z9wjG0rjc/vuP1296K52Ca8TgDvVIKSRb6jxD9uHv
nkmJ+7HHrbRZQReBx0pSRJ5SlHUSP74ESiZUcvWJw1RrnwMlx8ePUegxyr4JZT/Z
q2LWI9kbH9Ar6A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:25 2026 by rpki-client