Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
File: 3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json)
Hash identifier: jNtSKGRKBFIMMSbi86KNFTW08OoCLcS44DlahF61ylA=
Subject key identifier: ED:2D:3A:0F:74:10:52:5B:73:4A:A9:76:E0:24:80:3E:8D:DC:0F:7A
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 019DB16B3418E0F78D2ED67ECAA05AC2EB36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
Manifest number: 18DB
Signing time: Tue 21 Apr 2026 19:01:25 +0000
Manifest this update: Tue 21 Apr 2026 19:01:25 +0000
Manifest next update: Wed 22 Apr 2026 19:01:25 +0000
Files and hashes: 1: 1fQajHTJp0S8KUunDd6YeyFtENM.roa (hash: mmAzmTwR/ELzJWO/mTGxkNnXnKiWntSSUF9kf4/Kzb4=)
2: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: vQ3UnL1A7jy8FZJrvzlE5cGXGBjT553mPGsCZdKxLqQ=)
3: 6I-aggcE89s528aMt_8CuZqJ61A.roa (hash: 1l0d6AnGSzNrEZie8Z3fZ9Fg7c3oqYcQ4vM6hMLN2Xk=)
4: AFp3F2X8yQTaBQfkM_zsF9UYmww.roa (hash: 7p1zPt6PNmGU8W+3TijuQxRqjYyJqKF96JpQUyZBeZY=)
5: EHQpUpEMo4S4SvN6ygFHQVkQJ6A.roa (hash: aL98OrOlu07CFPxf6rwXnJMO4vbO/beSHKJmE+F/5nQ=)
6: XBx3ZjkQBmOob1C1AQifpzrj3Es.roa (hash: toUyH2dFBi0jUqBudUbZQlU2ok2/b2pqbfdKdGPRAog=)
7: l6dcV9zJ9n_Ctd5EzzonA7X-jFo.roa (hash: mwxDuvlYfTCoynYTFAQOpS/BivdbtxW1voj1voq8fsg=)
8: rrxhY0T34NFm8dBURFOGg9BvJjw.roa (hash: CAUMQZvZz6QKlQgRUZEx4oRHdyyDBXGnUQ6HYMNXgDk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:6b:34:18:e0:f7:8d:2e:d6:7e:ca:a0:5a:c2:eb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Apr 21 19:01:25 2026 GMT
Not After : Apr 22 19:01:25 2026 GMT
Subject: CN=ed2d3a0f7410525b734aa976e024803e8ddc0f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:68:fa:4b:d0:8f:d6:a8:7b:5c:28:d4:c2:47:
b1:5e:93:09:54:cf:a0:3b:d1:55:9e:89:e1:04:8d:
07:75:11:5b:50:f4:84:27:d3:44:d2:0d:03:6e:f1:
88:4d:ae:a8:9e:26:14:ff:2c:94:20:6f:49:d3:c0:
61:23:ae:2e:28:16:c0:11:e6:39:2c:3a:5c:9a:14:
e8:36:5b:95:28:9d:74:d5:b5:95:91:ee:f9:7d:e2:
eb:41:6a:24:7e:34:11:d4:17:46:bf:8f:b2:41:72:
61:23:ba:bf:d7:77:7e:11:0f:e2:d5:f7:d2:ed:62:
10:67:50:ef:2f:81:7a:31:38:0c:d2:a1:8d:d2:9e:
e5:a8:04:f3:e6:d0:f2:a6:3e:9e:39:15:c1:3a:3c:
19:a6:14:a0:6b:82:bb:10:37:8d:31:9d:cc:c7:40:
43:17:2c:6d:c6:47:ff:18:7c:bb:be:91:75:52:9d:
80:d4:34:f8:03:95:c6:45:db:3e:65:f5:91:fe:0e:
2b:57:22:b7:8b:ab:c1:f0:3e:cd:8c:0e:8b:0f:e8:
cb:0e:48:e3:84:6c:86:50:d1:de:4e:12:05:f1:cf:
48:82:85:6a:ab:58:0d:c8:f4:ed:ef:f7:34:91:d4:
44:c7:6a:19:aa:8b:c1:2a:19:30:4b:8b:de:e4:19:
e4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2D:3A:0F:74:10:52:5B:73:4A:A9:76:E0:24:80:3E:8D:DC:0F:7A
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:41:c0:b3:9e:68:8e:0f:31:e5:56:89:85:69:f7:9c:eb:5d:
e2:eb:43:3e:20:27:ae:53:f8:b0:90:f6:d9:d5:b0:5a:52:de:
8e:86:bc:1f:7a:e1:82:57:c5:38:af:66:1f:06:86:d0:55:4f:
a4:38:ca:5c:4e:cd:96:0a:ef:36:62:5c:42:09:e1:05:e1:dc:
6c:95:53:67:81:df:a8:2c:b7:cb:ea:15:7e:24:31:c4:49:73:
35:94:08:1e:66:a1:bb:21:96:3d:65:e5:f8:3b:d8:90:d9:3e:
54:28:e7:18:e6:a7:05:3c:0a:a5:28:b8:36:12:eb:06:72:ba:
45:e4:d2:a3:a9:32:64:3a:0a:ea:45:ca:79:55:d5:29:bb:6b:
9d:2e:1d:07:40:da:15:4f:f9:13:27:3d:b7:65:1e:df:0e:85:
8e:da:d5:5c:23:3c:c2:38:1b:f4:84:93:07:3a:69:07:59:6d:
54:71:84:65:45:ff:da:6e:29:81:6a:91:28:c3:95:11:c5:b4:
b2:3e:63:5e:60:db:d5:86:40:d3:f3:68:e2:e7:6b:ba:68:66:
02:25:05:ff:b9:50:36:b5:3d:16:13:36:91:ae:60:a8:e5:f7:
48:20:1a:ed:66:9c:c5:c7:2c:3f:34:ca:c4:04:c8:25:e7:f4:
d8:cc:fa:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2xazQY4PeNLtZ+yqBawus2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjYwNDIxMTkwMTI1WhcNMjYwNDIyMTkwMTI1WjAzMTEwLwYDVQQD
EyhlZDJkM2EwZjc0MTA1MjViNzM0YWE5NzZlMDI0ODAzZThkZGMwZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGj6S9CP1qh7XCjUwkexXpMJVM+g
O9FVnonhBI0HdRFbUPSEJ9NE0g0DbvGITa6oniYU/yyUIG9J08BhI64uKBbAEeY5
LDpcmhToNluVKJ101bWVke75feLrQWokfjQR1BdGv4+yQXJhI7q/13d+EQ/i1ffS
7WIQZ1DvL4F6MTgM0qGN0p7lqATz5tDypj6eORXBOjwZphSga4K7EDeNMZ3Mx0BD
Fyxtxkf/GHy7vpF1Up2A1DT4A5XGRds+ZfWR/g4rVyK3i6vB8D7NjA6LD+jLDkjj
hGyGUNHeThIF8c9IgoVqq1gNyPTt7/c0kdREx2oZqovBKhkwS4ve5BnkbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0tOg90EFJbc0qpduAkgD6N3A96MB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkEHAs55o
jg8x5VaJhWn3nOtd4utDPiAnrlP4sJD22dWwWlLejoa8H3rhglfFOK9mHwaG0FVP
pDjKXE7NlgrvNmJcQgnhBeHcbJVTZ4HfqCy3y+oVfiQxxElzNZQIHmahuyGWPWXl
+DvYkNk+VCjnGOanBTwKpSi4NhLrBnK6ReTSo6kyZDoK6kXKeVXVKbtrnS4dB0Da
FU/5Eyc9t2Ue3w6FjtrVXCM8wjgb9ISTBzppB1ltVHGEZUX/2m4pgWqRKMOVEcW0
sj5jXmDb1YZA0/No4udrumhmAiUF/7lQNrU9FhM2ka5gqOX3SCAa7WacxccsPzTK
xATIJef02Mz6BA==
-----END CERTIFICATE-----
Generated at Wed Apr 22 00:12:23 2026 by rpki-client