Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
File: 3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft (raw, json)
Hash identifier: yygsD8LuY4ckyDUoNgyQn70T8Q1qZPj9kLs/AdQB1Bw=
Subject key identifier: 47:1A:41:F4:4A:D5:EC:27:0F:D7:93:18:F4:9D:AD:E0:0C:14:EE:E0
Authority key identifier: DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
Certificate issuer: /CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Certificate serial: 019D394078AB844A5127705BC2DA7C104743
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
Manifest number: 03A3
Signing time: Sun 29 Mar 2026 11:00:19 +0000
Manifest this update: Sun 29 Mar 2026 11:00:19 +0000
Manifest next update: Mon 30 Mar 2026 11:00:19 +0000
Files and hashes: 1: 3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl (hash: GwgfcWB75PYsXC3yoMQKtYVWfRQjIC6WVoAr54RpIvU=)
2: jMWE95cdXToEzGHRnrJGNVd_shY.roa (hash: ggn3Fl2wZwmOiQ6vfdHYpUj0Mg0aJO8O6vjWtwjQjkU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:78:ab:84:4a:51:27:70:5b:c2:da:7c:10:47:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Validity
Not Before: Mar 29 11:00:19 2026 GMT
Not After : Mar 30 11:00:19 2026 GMT
Subject: CN=471a41f44ad5ec270fd79318f49dade00c14eee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:09:a1:7a:84:9b:f2:db:24:e3:c6:64:e7:d2:
7d:07:62:8a:53:7c:35:57:57:91:5e:25:97:4a:0d:
5f:b8:1a:fb:c9:31:4a:6a:0d:72:7d:bf:65:63:d3:
75:1d:a5:69:ad:d5:6c:1d:e0:a4:28:d7:0e:73:6f:
cb:02:0e:8e:cc:10:9a:a6:81:94:58:11:4b:ac:cf:
56:15:c7:50:f4:ad:43:e3:74:fc:20:b7:3a:cc:9f:
b7:5c:a4:16:00:4e:f6:f4:a0:b7:fd:a6:b2:16:ce:
4f:32:76:fb:82:fa:12:f3:cd:91:ca:12:25:07:1d:
cd:1e:4f:7e:0e:3d:b6:c1:17:75:2e:60:a0:5d:69:
04:81:21:08:05:e8:f6:66:09:37:41:9f:1d:f5:fd:
94:4f:a3:cd:82:99:a7:ae:28:d3:43:05:f2:40:84:
45:18:ba:2f:2f:56:0e:cd:89:00:1a:87:2d:01:c7:
f9:b6:f8:33:e9:c7:10:24:5d:34:65:c9:ba:11:3f:
25:09:a0:10:08:70:fc:5b:d5:99:97:a7:5f:55:0d:
04:62:ee:ef:a5:57:bb:3a:70:db:f9:20:f8:85:af:
04:76:14:56:9e:2c:58:05:c8:aa:af:6b:c4:52:00:
5b:86:70:07:8c:9d:92:c4:37:66:bd:b2:b6:ea:97:
b4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1A:41:F4:4A:D5:EC:27:0F:D7:93:18:F4:9D:AD:E0:0C:14:EE:E0
X509v3 Authority Key Identifier:
keyid:DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:15:61:87:a2:f0:7f:cc:1b:70:39:9f:e3:b2:3b:95:5d:7c:
dd:1c:65:02:ca:7c:3d:e0:d5:db:b9:c1:4c:f8:c3:c2:f5:62:
ce:7b:b2:8c:3b:e1:14:29:5d:04:5c:2d:5c:ee:50:dc:00:f5:
a2:4f:86:e9:8d:92:2a:30:0f:bb:bc:b5:5e:10:22:1c:f8:ad:
1a:9d:7a:d8:b4:af:2b:50:6f:bb:1c:36:26:0b:65:8b:a4:67:
49:27:2d:db:4e:bb:04:49:5e:2c:c1:78:9c:73:3b:9b:77:48:
59:2a:d9:39:65:b1:1d:b0:d1:23:c5:20:0b:24:aa:3b:ce:db:
3c:2e:6b:e4:36:21:aa:02:3f:f1:93:f5:6d:d0:fe:9d:aa:62:
eb:6f:1f:47:d3:84:d0:51:1b:53:0d:b3:c1:a0:d4:9f:b2:96:
27:f2:a2:96:68:dd:2a:a0:f3:a6:8f:b7:23:4e:ef:ef:9e:4f:
7a:e7:38:a2:cd:30:04:a3:33:18:c1:25:8f:fe:2e:b5:09:af:
2b:b2:7a:dd:40:6a:0a:ba:ba:26:ff:32:20:2f:d9:4e:86:f8:
e7:89:38:d2:f2:27:97:7d:1b:b3:36:db:f1:57:9c:e6:3f:e2:
54:da:41:93:a3:9a:1a:81:0b:f4:e4:91:73:14:83:de:27:e5:
f1:18:57:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QHirhEpRJ3Bbwtp8EEdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTU4ZGNiMjkwZWM1YWU3ZjY2YzFmYTBmOGQ5NjMyMTFk
ZWVhNTQwHhcNMjYwMzI5MTEwMDE5WhcNMjYwMzMwMTEwMDE5WjAzMTEwLwYDVQQD
Eyg0NzFhNDFmNDRhZDVlYzI3MGZkNzkzMThmNDlkYWRlMDBjMTRlZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wmheoSb8tsk48Zk59J9B2KKU3w1
V1eRXiWXSg1fuBr7yTFKag1yfb9lY9N1HaVprdVsHeCkKNcOc2/LAg6OzBCapoGU
WBFLrM9WFcdQ9K1D43T8ILc6zJ+3XKQWAE729KC3/aayFs5PMnb7gvoS882RyhIl
Bx3NHk9+Dj22wRd1LmCgXWkEgSEIBej2Zgk3QZ8d9f2UT6PNgpmnrijTQwXyQIRF
GLovL1YOzYkAGoctAcf5tvgz6ccQJF00Zcm6ET8lCaAQCHD8W9WZl6dfVQ0EYu7v
pVe7OnDb+SD4ha8EdhRWnixYBciqr2vEUgBbhnAHjJ2SxDdmvbK26pe0/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcaQfRK1ewnD9eTGPSdreAMFO7gMB8GA1UdIwQY
MBaAFN8VjcspDsWuf2bB+g+NljIR3upUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTct
YzQxNDJkZjM1Y2MzLzEvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTctYzQxNDJkZjM1Y2Mz
LzEvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBVhh6Lw
f8wbcDmf47I7lV183RxlAsp8PeDV27nBTPjDwvViznuyjDvhFCldBFwtXO5Q3AD1
ok+G6Y2SKjAPu7y1XhAiHPitGp162LSvK1Bvuxw2Jgtli6RnSSct2067BEleLMF4
nHM7m3dIWSrZOWWxHbDRI8UgCySqO87bPC5r5DYhqgI/8ZP1bdD+napi628fR9OE
0FEbUw2zwaDUn7KWJ/KilmjdKqDzpo+3I07v755Peuc4os0wBKMzGMElj/4utQmv
K7J63UBqCrq6Jv8yIC/ZTob454k40vInl30bszbb8Vec5j/iVNpBk6OaGoEL9OSR
cxSD3ifl8RhX8Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:25 2026 by rpki-client