Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
File: 3hL5ZansM-LC6HthYb7vuL4obKM.mft (raw, json)
Hash identifier: T1Lj5oZoIvRJPThEM3EHTu4Xp8AiBc3Hyx+gKAVosxA=
Subject key identifier: 4F:F2:C2:3F:E3:23:0E:6D:97:2F:F2:80:EC:AC:07:DD:22:7D:11:B0
Authority key identifier: DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
Certificate issuer: /CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Certificate serial: 019D382DD57E8BA3FD9CBBA776805BA22C1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
Manifest number: 16B3
Signing time: Sun 29 Mar 2026 06:00:20 +0000
Manifest this update: Sun 29 Mar 2026 06:00:20 +0000
Manifest next update: Mon 30 Mar 2026 06:00:20 +0000
Files and hashes: 1: 3hL5ZansM-LC6HthYb7vuL4obKM.crl (hash: NohhhEEj/O9sH9Kz0R4Tjcv6nZRn9EqDqM6DrKrWNjE=)
2: dQKWrb4274MA9TnUoPK0iLguRN8.roa (hash: iabYGi8dw6jC4+Zg8izYgwpn552JIuXwr1GRxu62hag=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:d5:7e:8b:a3:fd:9c:bb:a7:76:80:5b:a2:2c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Validity
Not Before: Mar 29 06:00:20 2026 GMT
Not After : Mar 30 06:00:20 2026 GMT
Subject: CN=4ff2c23fe3230e6d972ff280ecac07dd227d11b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:3e:95:72:4f:9d:d3:0e:9e:73:22:fe:dd:
39:9a:d3:3c:2a:8b:41:4e:0f:ee:dd:bd:f6:74:4d:
89:c6:06:34:1b:ce:12:92:52:68:29:2c:dc:aa:89:
a4:76:b3:1e:78:19:b0:ba:8d:18:8d:d4:43:86:5b:
87:20:3d:11:7d:ab:cc:ae:e7:bb:2c:f0:be:5f:fb:
f2:0e:c4:aa:d4:43:53:0f:3d:21:d9:a6:78:57:e4:
c7:80:85:7e:8c:f5:6f:db:e5:67:a2:22:5c:ee:97:
50:f8:c9:d0:c0:c4:43:ca:3f:b7:e1:00:28:a2:c5:
12:b2:53:f0:85:22:33:20:91:3e:ab:15:0b:f8:49:
16:6f:76:24:5e:9e:f1:96:9e:49:3d:a7:d3:08:9c:
ca:63:02:6b:08:71:0a:44:2a:2d:ea:ab:01:84:7f:
40:f2:5e:2f:9d:9d:ee:bb:63:a5:71:1f:6c:cc:83:
b2:93:e2:06:19:27:fc:be:95:5c:ca:91:0b:23:de:
f1:21:4c:2c:c6:96:d2:fd:61:9f:63:d2:17:2f:dd:
d0:51:e4:bd:3d:dc:74:df:e6:de:46:0c:34:c3:a6:
2e:1d:68:95:f7:dd:a6:c5:e3:b1:14:7d:2b:37:e7:
78:5d:8d:96:90:8c:0a:a1:5a:0d:4a:4e:ca:b9:e1:
3f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F2:C2:3F:E3:23:0E:6D:97:2F:F2:80:EC:AC:07:DD:22:7D:11:B0
X509v3 Authority Key Identifier:
keyid:DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:bc:46:4e:46:c2:13:20:81:68:b3:88:f4:44:75:64:99:07:
06:8a:c2:52:f3:f0:15:e7:19:9b:4f:30:3b:ae:c2:7a:23:da:
70:69:e3:57:e3:00:f6:f1:7f:b0:58:f8:0c:e2:ef:07:e6:0f:
6d:e6:38:a8:c9:08:ec:36:ed:07:b4:87:d9:eb:37:84:cd:37:
12:e4:58:1c:00:84:23:f8:77:83:5c:9f:e9:8f:d1:1f:87:8e:
1d:86:e6:61:c4:29:48:de:87:37:58:c4:22:3d:9d:e2:97:9f:
e2:49:60:ea:01:65:e7:5e:c4:b9:0b:67:02:bb:ae:d3:40:93:
4a:04:08:8f:99:9e:e8:58:82:02:7c:c2:2a:d3:5c:d8:5d:6b:
36:02:af:60:2c:f6:51:76:86:de:30:7f:d5:f6:da:6f:88:c8:
4e:8e:fc:6b:42:52:27:7b:e1:4c:4a:59:b1:28:66:16:54:74:
aa:ab:ff:91:fc:29:78:ec:4f:0a:67:b2:3a:2d:cd:64:fd:c8:
1f:d7:dc:45:a4:de:e8:e0:d4:95:25:33:d6:0d:d1:11:2b:d7:
cc:fa:b4:fc:16:3b:bd:84:a3:4f:bf:0d:af:18:a8:80:db:61:
46:32:3c:26:cf:f8:c8:08:97:f3:c2:bf:c8:1c:85:fe:86:68:
76:75:68:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LdV+i6P9nLundoBboiwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTJmOTY1YTllYzMzZTJjMmU4N2I2MTYxYmVlZmI4YmUy
ODZjYTMwHhcNMjYwMzI5MDYwMDIwWhcNMjYwMzMwMDYwMDIwWjAzMTEwLwYDVQQD
Eyg0ZmYyYzIzZmUzMjMwZTZkOTcyZmYyODBlY2FjMDdkZDIyN2QxMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGw+lXJPndMOnnMi/t05mtM8KotB
Tg/u3b32dE2JxgY0G84SklJoKSzcqomkdrMeeBmwuo0YjdRDhluHID0RfavMrue7
LPC+X/vyDsSq1ENTDz0h2aZ4V+THgIV+jPVv2+VnoiJc7pdQ+MnQwMRDyj+34QAo
osUSslPwhSIzIJE+qxUL+EkWb3YkXp7xlp5JPafTCJzKYwJrCHEKRCot6qsBhH9A
8l4vnZ3uu2OlcR9szIOyk+IGGSf8vpVcypELI97xIUwsxpbS/WGfY9IXL93QUeS9
Pdx03+beRgw0w6YuHWiV992mxeOxFH0rN+d4XY2WkIwKoVoNSk7KueE/LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/ywj/jIw5tly/ygOysB90ifRGwMB8GA1UdIwQY
MBaAFN4S+WWp7DPiwuh7YWG+77i+KGyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQt
YjZkMTJhYzY2ODMxLzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQtYjZkMTJhYzY2ODMx
LzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbxGTkbC
EyCBaLOI9ER1ZJkHBorCUvPwFecZm08wO67CeiPacGnjV+MA9vF/sFj4DOLvB+YP
beY4qMkI7DbtB7SH2es3hM03EuRYHACEI/h3g1yf6Y/RH4eOHYbmYcQpSN6HN1jE
Ij2d4pef4klg6gFl517EuQtnAruu00CTSgQIj5me6FiCAnzCKtNc2F1rNgKvYCz2
UXaG3jB/1fbab4jITo78a0JSJ3vhTEpZsShmFlR0qqv/kfwpeOxPCmeyOi3NZP3I
H9fcRaTe6ODUlSUz1g3RESvXzPq0/BY7vYSjT78NrxiogNthRjI8Js/4yAiX88K/
yByF/oZodnVoew==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:35:00 2026 by rpki-client