Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.mft
File: 3VsiS2WT5VgDip5A5mDHcUJ1XBs.mft (raw, json)
Hash identifier: ERpbHgPd2ZcMVR57DthtF5E0TT81IDqnZe8DbAL/cfQ=
Subject key identifier: 80:75:D4:AB:51:A6:E6:AA:3C:4F:12:40:CD:11:CF:EC:D3:2C:77:D0
Authority key identifier: DD:5B:22:4B:65:93:E5:58:03:8A:9E:40:E6:60:C7:71:42:75:5C:1B
Certificate issuer: /CN=dd5b224b6593e558038a9e40e660c77142755c1b
Certificate serial: 019D3A1CCBD8BEF266F08F3A357C0AB552D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VsiS2WT5VgDip5A5mDHcUJ1XBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.mft
Manifest number: 0CA2
Signing time: Sun 29 Mar 2026 15:00:58 +0000
Manifest this update: Sun 29 Mar 2026 15:00:58 +0000
Manifest next update: Mon 30 Mar 2026 15:00:58 +0000
Files and hashes: 1: 3VsiS2WT5VgDip5A5mDHcUJ1XBs.crl (hash: PUGtWdAFihUaT3hUrkinoNyDVS/gN30UGxp2hAdgT6c=)
2: qVOiKU3-XCJIV1dlmVqm9Z8OCSU.roa (hash: 1b1b4ZznQQVB7nOvdHCZX+1O8620BLLwp7A6OVcEvQw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VsiS2WT5VgDip5A5mDHcUJ1XBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:cb:d8:be:f2:66:f0:8f:3a:35:7c:0a:b5:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5b224b6593e558038a9e40e660c77142755c1b
Validity
Not Before: Mar 29 15:00:58 2026 GMT
Not After : Mar 30 15:00:58 2026 GMT
Subject: CN=8075d4ab51a6e6aa3c4f1240cd11cfecd32c77d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:38:d3:f9:ce:1e:f4:3e:9d:7d:bd:5b:1b:41:
cf:1f:81:97:f4:75:a7:e8:5e:4c:7f:31:5c:12:f5:
f6:4d:30:9f:d2:f1:19:01:0c:df:7e:67:06:60:4d:
10:b7:bf:8d:71:12:0d:9e:ec:0e:78:80:4d:14:fc:
ff:15:fd:78:05:d4:3b:33:c5:39:bd:37:13:0f:1e:
94:2e:7b:65:80:19:cf:9f:f3:c8:db:b4:57:6e:13:
57:f8:79:5a:fc:6a:ed:93:55:e8:b7:ec:95:22:33:
a3:1f:79:9d:53:f1:6c:54:a1:29:ef:ab:b0:d8:1c:
31:0b:15:5c:c9:8c:e8:e9:18:86:e4:3f:31:b5:e5:
58:cc:01:34:4e:a5:47:97:e0:8e:a4:c7:75:17:59:
f2:0c:10:b1:8f:06:7f:89:e0:bd:ec:1c:ed:90:41:
0a:78:6d:64:a8:4f:97:f0:ed:94:71:96:c5:03:35:
9b:4f:30:f0:0e:5b:d5:55:73:27:21:59:e8:23:d4:
7d:fd:a5:79:f6:31:af:12:8a:06:f0:d2:a7:8c:67:
62:6c:df:34:29:42:86:b3:c2:62:04:c2:1b:6f:26:
4a:a7:ce:eb:c3:a7:b5:b3:79:3a:76:e3:5f:73:77:
ab:e3:bd:57:3d:9e:c8:91:97:26:ce:2e:d5:91:a5:
c8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:75:D4:AB:51:A6:E6:AA:3C:4F:12:40:CD:11:CF:EC:D3:2C:77:D0
X509v3 Authority Key Identifier:
keyid:DD:5B:22:4B:65:93:E5:58:03:8A:9E:40:E6:60:C7:71:42:75:5C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VsiS2WT5VgDip5A5mDHcUJ1XBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/652dfe-acae-4243-bf33-30bbfc0855e4/1/3VsiS2WT5VgDip5A5mDHcUJ1XBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:68:10:21:a4:28:82:b6:dc:54:79:7a:3b:78:d6:39:36:ec:
e6:f2:3a:85:26:65:f9:12:db:a8:1a:43:16:06:5f:46:67:0a:
a2:1d:50:c0:0a:f6:7c:7d:d1:a2:d2:5d:57:83:33:e0:8a:33:
26:c2:bb:c4:ed:66:30:3d:80:b8:05:25:06:60:bb:12:ce:74:
74:17:8c:87:fe:a9:aa:ff:b2:ab:5d:3b:dc:e0:6e:27:ac:7c:
1b:20:c3:82:2e:48:46:96:f6:59:92:a4:83:f9:28:b8:79:4a:
db:47:29:fb:09:0b:cd:62:fe:51:ff:35:8f:ec:5e:09:55:d8:
f4:4c:73:ed:10:8e:c6:14:57:6b:ef:66:7c:c8:fa:9d:76:a2:
5b:ba:ed:9d:8a:b3:be:5c:bb:8a:01:83:63:3a:de:9d:90:50:
82:ed:bf:09:71:e6:71:4d:63:75:33:10:3d:f4:0b:04:fa:e6:
69:c3:56:b3:b9:21:e1:ef:9b:85:6a:1e:06:2c:c3:ee:4b:cf:
17:66:6d:b6:5e:e3:fa:fa:30:5f:fb:2d:11:d1:94:f0:03:9e:
af:f2:3b:0c:0a:dc:0e:93:03:cb:46:fc:41:7f:06:34:64:3a:
40:89:dd:52:8b:0a:ab:76:bf:f5:20:40:fc:2a:e1:8a:80:30:
2d:b6:ba:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HMvYvvJm8I86NXwKtVLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWIyMjRiNjU5M2U1NTgwMzhhOWU0MGU2NjBjNzcxNDI3
NTVjMWIwHhcNMjYwMzI5MTUwMDU4WhcNMjYwMzMwMTUwMDU4WjAzMTEwLwYDVQQD
Eyg4MDc1ZDRhYjUxYTZlNmFhM2M0ZjEyNDBjZDExY2ZlY2QzMmM3N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jjT+c4e9D6dfb1bG0HPH4GX9HWn
6F5MfzFcEvX2TTCf0vEZAQzffmcGYE0Qt7+NcRINnuwOeIBNFPz/Ff14BdQ7M8U5
vTcTDx6ULntlgBnPn/PI27RXbhNX+Hla/Grtk1Xot+yVIjOjH3mdU/FsVKEp76uw
2BwxCxVcyYzo6RiG5D8xteVYzAE0TqVHl+COpMd1F1nyDBCxjwZ/ieC97BztkEEK
eG1kqE+X8O2UcZbFAzWbTzDwDlvVVXMnIVnoI9R9/aV59jGvEooG8NKnjGdibN80
KUKGs8JiBMIbbyZKp87rw6e1s3k6duNfc3er471XPZ7IkZcmzi7VkaXI3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIB11KtRpuaqPE8SQM0Rz+zTLHfQMB8GA1UdIwQY
MBaAFN1bIktlk+VYA4qeQOZgx3FCdVwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZzaVMyV1Q1VmdEaXA1QTVtREhjVUoxWEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82NTJkZmUtYWNhZS00MjQzLWJmMzMt
MzBiYmZjMDg1NWU0LzEvM1ZzaVMyV1Q1VmdEaXA1QTVtREhjVUoxWEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82NTJkZmUtYWNhZS00MjQzLWJmMzMtMzBiYmZjMDg1NWU0
LzEvM1ZzaVMyV1Q1VmdEaXA1QTVtREhjVUoxWEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmgQIaQo
grbcVHl6O3jWOTbs5vI6hSZl+RLbqBpDFgZfRmcKoh1QwAr2fH3RotJdV4Mz4Ioz
JsK7xO1mMD2AuAUlBmC7Es50dBeMh/6pqv+yq1073OBuJ6x8GyDDgi5IRpb2WZKk
g/kouHlK20cp+wkLzWL+Uf81j+xeCVXY9Exz7RCOxhRXa+9mfMj6nXaiW7rtnYqz
vly7igGDYzrenZBQgu2/CXHmcU1jdTMQPfQLBPrmacNWs7kh4e+bhWoeBizD7kvP
F2Zttl7j+vowX/stEdGU8AOer/I7DArcDpMDy0b8QX8GNGQ6QIndUosKq3a/9SBA
/CrhioAwLba6BQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:09:23 2026 by rpki-client