Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier: Zsk2vLlyxNENmmFJbSyvADKko2nwZ6xm+EJwRNQUDYs=
Subject key identifier: 2D:78:43:84:64:85:70:0E:43:F3:0B:BA:EB:97:D3:A7:D1:B8:27:68
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial: 019DCDBE0249F658C10F035D8B8AD18823A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number: 098C
Signing time: Mon 27 Apr 2026 07:01:14 +0000
Manifest this update: Mon 27 Apr 2026 07:01:14 +0000
Manifest next update: Tue 28 Apr 2026 07:01:14 +0000
Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: /Qpt9yj3mPJfGtOpcS6zB/lrG0QGZLoLFA5zKL30NBk=)
2: KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa (hash: DzYiLKcYFU2Q0VtZNwQkwth/5N+BuGWGx0hMS551gkc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:be:02:49:f6:58:c1:0f:03:5d:8b:8a:d1:88:23:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Validity
Not Before: Apr 27 07:01:14 2026 GMT
Not After : Apr 28 07:01:14 2026 GMT
Subject: CN=2d7843846485700e43f30bbaeb97d3a7d1b82768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0a:bc:45:42:16:bf:e9:0c:1e:32:00:61:7f:
56:82:5f:85:52:5b:6d:5c:2c:27:03:8a:eb:25:5f:
ef:39:ef:d0:72:43:3c:cd:29:1b:76:01:00:09:aa:
6d:73:6b:f6:cd:e4:cf:bf:ee:ee:08:bd:99:3a:cc:
69:a9:79:37:8b:e3:7f:90:c9:18:ee:de:46:bf:af:
15:08:54:a2:dd:5e:8f:d8:98:e9:99:e5:50:de:1c:
f1:c5:c0:8a:5d:c3:dd:9b:98:f2:b2:3f:a4:f8:f2:
d4:13:30:7c:71:43:55:38:6b:8e:bf:88:80:f1:da:
3d:54:ba:67:88:e8:68:6c:7d:33:58:3e:76:bb:81:
26:d3:f9:d2:53:36:70:f6:af:0a:9d:dd:71:ae:ee:
15:26:08:d8:4b:b5:00:1f:35:bb:fc:a3:4a:71:d5:
24:67:dd:09:ff:b5:a7:60:0c:b5:ec:71:37:89:0a:
89:af:71:e2:3d:e5:26:ef:b8:74:82:51:cd:a0:30:
73:38:99:18:e5:f8:df:72:c7:a8:70:97:68:22:7b:
9d:df:50:8f:4c:69:12:b8:1b:c6:5e:98:92:97:43:
f8:43:2d:21:fe:07:d4:93:99:f1:d8:24:97:58:c6:
04:01:be:6f:ec:11:24:aa:10:1d:af:03:39:97:56:
0e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:78:43:84:64:85:70:0E:43:F3:0B:BA:EB:97:D3:A7:D1:B8:27:68
X509v3 Authority Key Identifier:
keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:b8:71:2a:a1:07:ff:28:ab:c5:b7:b4:82:08:e1:d6:a5:48:
b6:cf:48:ca:54:cb:c9:75:ca:2a:75:72:8e:a2:61:40:b0:20:
24:8e:7b:00:6b:56:70:9a:c1:f2:9e:15:82:83:cd:d4:50:3d:
77:d6:ca:f1:4a:c9:51:2b:03:83:d8:e4:5f:86:58:d5:26:fd:
17:14:4e:39:40:e9:05:f4:69:77:0b:8c:c9:bc:d9:37:2b:f2:
0b:f8:a7:1b:9b:99:32:eb:a5:61:e9:27:19:c6:32:ef:fd:8d:
a2:7e:a5:ae:f2:ca:96:bc:f7:8f:45:62:ba:ae:d8:be:08:e8:
fb:4d:65:55:9e:22:29:fd:ba:7e:d3:f9:ea:0c:80:58:25:47:
24:48:9e:01:42:c2:27:f7:f4:ed:fd:de:ab:f5:ac:1c:bc:28:
94:c3:51:6c:22:3e:7a:cf:36:47:d0:e2:72:ea:1e:0d:5f:d4:
b3:bc:6e:a8:21:3f:32:e3:d8:60:82:e9:3c:a4:bc:26:f5:d3:
54:b1:ed:38:e5:0d:0f:ba:50:c5:93:17:77:d1:38:0b:4c:35:
07:53:1a:be:19:bb:c5:56:65:0d:90:a7:f7:4c:9d:7a:ba:83:
8b:ee:e5:2f:26:e4:3f:56:b3:ed:8d:f9:9f:ad:68:9a:88:a7:
fa:93:96:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3NvgJJ9ljBDwNdi4rRiCOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjYwNDI3MDcwMTE0WhcNMjYwNDI4MDcwMTE0WjAzMTEwLwYDVQQD
EygyZDc4NDM4NDY0ODU3MDBlNDNmMzBiYmFlYjk3ZDNhN2QxYjgyNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wq8RUIWv+kMHjIAYX9Wgl+FUltt
XCwnA4rrJV/vOe/QckM8zSkbdgEACaptc2v2zeTPv+7uCL2ZOsxpqXk3i+N/kMkY
7t5Gv68VCFSi3V6P2JjpmeVQ3hzxxcCKXcPdm5jysj+k+PLUEzB8cUNVOGuOv4iA
8do9VLpniOhobH0zWD52u4Em0/nSUzZw9q8Knd1xru4VJgjYS7UAHzW7/KNKcdUk
Z90J/7WnYAy17HE3iQqJr3HiPeUm77h0glHNoDBzOJkY5fjfcseocJdoInud31CP
TGkSuBvGXpiSl0P4Qy0h/gfUk5nx2CSXWMYEAb5v7BEkqhAdrwM5l1YOgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC14Q4RkhXAOQ/MLuuuX06fRuCdoMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLhxKqEH
/yirxbe0ggjh1qVIts9IylTLyXXKKnVyjqJhQLAgJI57AGtWcJrB8p4VgoPN1FA9
d9bK8UrJUSsDg9jkX4ZY1Sb9FxROOUDpBfRpdwuMybzZNyvyC/inG5uZMuulYekn
GcYy7/2Non6lrvLKlrz3j0Viuq7Yvgjo+01lVZ4iKf26ftP56gyAWCVHJEieAULC
J/f07f3eq/WsHLwolMNRbCI+es82R9DicuoeDV/Us7xuqCE/MuPYYILpPKS8JvXT
VLHtOOUND7pQxZMXd9E4C0w1B1Mavhm7xVZlDZCn90yderqDi+7lLybkP1az7Y35
n61omoin+pOWNA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 09:16:28 2026 by rpki-client