Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier: KCPqGgVix8VnSKwkPTN6BHsQ6PhxSLwaXamMBI96i3E=
Subject key identifier: 15:DD:B9:A9:01:3B:F5:3E:F5:D5:30:B2:5E:BA:E3:F4:75:02:E2:4B
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial: 019CE222582049A789955639A861348A255B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number: 0912
Signing time: Thu 12 Mar 2026 13:00:27 +0000
Manifest this update: Thu 12 Mar 2026 13:00:27 +0000
Manifest next update: Fri 13 Mar 2026 13:00:27 +0000
Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: LcJgXAs+EB2kFzDZLuSld7fberuL5M7602+XT+7Gxks=)
2: KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa (hash: DzYiLKcYFU2Q0VtZNwQkwth/5N+BuGWGx0hMS551gkc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:22:58:20:49:a7:89:95:56:39:a8:61:34:8a:25:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Validity
Not Before: Mar 12 13:00:27 2026 GMT
Not After : Mar 13 13:00:27 2026 GMT
Subject: CN=15ddb9a9013bf53ef5d530b25ebae3f47502e24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:46:5d:b0:a9:0e:f3:ed:97:4f:fc:da:69:
d2:15:88:84:e4:3f:fe:1b:39:62:2a:b6:29:f8:db:
28:36:f5:67:98:15:4e:4c:24:c4:10:ef:48:db:a2:
02:98:2c:ad:8a:c2:4b:ab:da:9c:2e:98:11:f1:87:
f2:bc:50:1a:86:a8:9b:47:f8:40:a5:4e:03:84:d5:
30:54:07:2d:20:cf:bf:14:9c:7d:5b:8b:ab:3a:ca:
5c:90:56:24:82:af:f0:c9:38:98:ec:30:40:b6:cb:
88:3c:8f:4b:8a:d2:39:1d:bf:2d:c2:69:e8:58:5f:
61:12:2a:de:40:96:b9:78:e5:61:af:e6:c4:b2:2b:
e5:93:e4:28:04:58:58:02:08:9c:49:9d:6f:59:7c:
a4:8e:cf:ed:c1:be:94:62:28:33:60:ae:16:4a:b5:
53:f6:5a:9c:f5:58:2e:9d:75:6c:50:09:69:ea:01:
a4:8f:2a:a2:d5:a1:01:59:5b:fc:88:51:9f:4b:7b:
07:d4:40:95:57:69:6f:b7:17:93:e3:c5:6d:86:25:
15:bc:9c:d3:56:c9:0a:71:c8:1e:ab:e3:a4:7b:fe:
0c:b6:4d:61:b8:bf:0b:b6:42:1d:a5:9b:73:4e:6f:
05:46:98:7a:fd:c9:17:95:92:ca:ad:ca:31:3e:56:
ca:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DD:B9:A9:01:3B:F5:3E:F5:D5:30:B2:5E:BA:E3:F4:75:02:E2:4B
X509v3 Authority Key Identifier:
keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:1a:8a:92:9b:8f:7c:56:bf:ad:56:df:80:86:b9:58:18:f2:
92:dd:9d:f7:c3:60:74:87:32:41:85:36:fd:e1:03:0e:23:21:
44:ad:59:c1:7a:67:f2:54:fe:0b:75:be:99:80:db:41:db:f5:
68:6f:c1:51:91:22:d6:34:c6:98:a1:d0:87:e6:3d:47:26:d6:
e1:6c:e0:4e:20:57:d5:16:43:d8:c5:15:b4:99:f6:7f:00:f3:
b9:1e:41:a2:a7:d1:89:10:2b:9d:ec:e7:75:ba:1f:d7:1d:05:
59:5a:17:70:52:c3:99:87:64:a4:16:c7:36:87:54:d2:e9:84:
3f:f4:62:85:82:2e:73:8b:bd:47:9e:e8:81:a2:39:b7:f1:cc:
95:d3:96:05:27:59:68:c0:33:87:8b:9a:49:ea:11:58:57:4d:
71:43:dc:f8:d5:0d:21:ae:3d:3e:3e:75:2d:da:8f:de:e6:de:
5d:ce:b4:7e:ec:47:bc:c3:ad:6d:27:1b:63:a5:1e:24:8b:e6:
ac:b9:ce:0d:58:41:70:f3:f9:31:61:72:af:7e:5c:85:e6:14:
ec:c2:4b:55:0c:12:5e:f4:5b:fa:55:c5:31:22:21:f3:92:25:
78:09:3b:bb:30:90:9e:07:e9:2e:78:48:1b:31:54:9d:21:03:
bf:65:0c:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZziIlggSaeJlVY5qGE0iiVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjYwMzEyMTMwMDI3WhcNMjYwMzEzMTMwMDI3WjAzMTEwLwYDVQQD
EygxNWRkYjlhOTAxM2JmNTNlZjVkNTMwYjI1ZWJhZTNmNDc1MDJlMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx31GXbCpDvPtl0/82mnSFYiE5D/+
GzliKrYp+NsoNvVnmBVOTCTEEO9I26ICmCytisJLq9qcLpgR8YfyvFAahqibR/hA
pU4DhNUwVActIM+/FJx9W4urOspckFYkgq/wyTiY7DBAtsuIPI9LitI5Hb8twmno
WF9hEireQJa5eOVhr+bEsivlk+QoBFhYAgicSZ1vWXykjs/twb6UYigzYK4WSrVT
9lqc9VgunXVsUAlp6gGkjyqi1aEBWVv8iFGfS3sH1ECVV2lvtxeT48VthiUVvJzT
VskKccgeq+Oke/4Mtk1huL8LtkIdpZtzTm8FRph6/ckXlZLKrcoxPlbKvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXduakBO/U+9dUwsl664/R1AuJLMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYxqKkpuP
fFa/rVbfgIa5WBjykt2d98NgdIcyQYU2/eEDDiMhRK1ZwXpn8lT+C3W+mYDbQdv1
aG/BUZEi1jTGmKHQh+Y9RybW4WzgTiBX1RZD2MUVtJn2fwDzuR5BoqfRiRArnezn
dbof1x0FWVoXcFLDmYdkpBbHNodU0umEP/RihYIuc4u9R57ogaI5t/HMldOWBSdZ
aMAzh4uaSeoRWFdNcUPc+NUNIa49Pj51LdqP3ubeXc60fuxHvMOtbScbY6UeJIvm
rLnODVhBcPP5MWFyr35cheYU7MJLVQwSXvRb+lXFMSIh85IleAk7uzCQngfpLnhI
GzFUnSEDv2UMGg==
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:42:12 2026 by rpki-client