Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File: 3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier: FCi0Uy+mUAt9Da2Ecc3keoQKYtSsdECP0G9v7/9Jd4E=
Subject key identifier: 8B:FD:5E:66:30:FA:7B:AA:3D:55:D0:EB:FF:23:75:3C:D9:A0:E4:1B
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer: /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial: 019D37C1084529623096BE0954E841D10717
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number: 1027
Signing time: Sun 29 Mar 2026 04:01:30 +0000
Manifest this update: Sun 29 Mar 2026 04:01:30 +0000
Manifest next update: Mon 30 Mar 2026 04:01:30 +0000
Files and hashes: 1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: RAf1ZuLn3XdnIK91R2+ypX9cEqXux5UXrWfx9FOaKO4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c1:08:45:29:62:30:96:be:09:54:e8:41:d1:07:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Validity
Not Before: Mar 29 04:01:30 2026 GMT
Not After : Mar 30 04:01:30 2026 GMT
Subject: CN=8bfd5e6630fa7baa3d55d0ebff23753cd9a0e41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:a3:90:55:7a:aa:29:3d:03:a7:0d:32:88:
16:dc:db:6e:13:eb:f6:55:90:6c:b8:c6:7b:b3:6f:
21:1a:9c:58:20:fb:c7:ff:7e:07:68:45:5c:00:5f:
44:d9:da:e0:7b:62:5f:22:b3:39:a2:4c:8b:db:b3:
75:3d:68:96:a5:86:c0:b2:5f:c2:28:d0:d6:da:9a:
9b:e4:08:a1:53:df:cb:e8:4b:a5:07:6f:56:da:63:
e6:f6:59:13:b2:6e:97:3d:1a:20:e6:1c:78:75:60:
47:24:e9:33:0f:82:16:6a:a7:3d:fd:fb:32:0d:d0:
1f:8b:fd:5c:d0:da:65:f7:4b:68:5c:4b:b9:6e:bd:
a6:39:9a:4d:21:21:3c:01:56:93:c8:19:ab:77:17:
bc:cd:ed:54:34:40:7d:4f:9d:e9:7f:ea:28:d1:7b:
ca:87:9b:91:42:e5:f4:eb:b8:5f:20:53:9c:4f:d8:
98:7d:0c:6b:67:be:a2:b2:77:52:09:43:86:bc:26:
d6:d0:53:81:bd:81:81:eb:25:29:49:78:4e:2b:c7:
69:f5:28:20:45:30:df:66:61:2f:0a:5b:2c:ab:f5:
41:9b:7a:68:30:4a:05:b3:94:00:39:49:83:22:73:
4e:f1:68:61:fa:50:fa:c2:04:82:0f:8f:b9:a7:5a:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FD:5E:66:30:FA:7B:AA:3D:55:D0:EB:FF:23:75:3C:D9:A0:E4:1B
X509v3 Authority Key Identifier:
keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:1e:18:7d:7f:13:c5:06:fd:4e:9a:d6:e6:99:04:b8:09:46:
f5:b3:98:e1:e5:b6:de:37:52:da:6e:c1:fe:c0:6f:7b:bf:2d:
ae:5b:fd:29:8e:fa:de:f9:6c:30:b0:f6:eb:b5:42:3f:fa:39:
7c:68:70:f6:d4:f2:b0:9f:15:58:49:c6:01:ed:3d:28:45:2a:
3e:94:db:af:a6:5e:bb:a1:b7:4f:68:d4:32:28:1b:a3:84:e1:
67:55:fc:3a:ca:86:6b:27:44:49:c7:09:63:8d:fd:bd:2f:e8:
d9:c9:32:8f:d9:85:e8:a8:f8:c2:91:96:20:15:11:91:01:59:
80:34:ea:ec:48:9a:2c:c3:16:af:45:96:33:5b:76:10:35:ee:
36:e3:42:e1:f1:c6:46:c2:c7:9a:1d:47:d7:89:ff:2d:82:c3:
c8:6c:48:0f:9e:52:cb:ba:8a:62:8a:05:81:1b:55:2f:11:5d:
f7:32:d3:8a:2e:74:3f:77:97:1a:74:db:d1:21:80:85:e8:f0:
31:d0:4a:70:0f:d5:f2:ac:ee:92:f1:88:df:28:cc:55:51:66:
73:0b:a0:7e:b9:dc:21:7e:b3:46:42:be:39:41:04:b8:0d:3e:
48:e9:b2:95:fa:36:4a:d5:89:aa:ce:3c:ea:c3:37:0a:2e:b2:
9c:0d:db:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wQhFKWIwlr4JVOhB0QcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjYwMzI5MDQwMTMwWhcNMjYwMzMwMDQwMTMwWjAzMTEwLwYDVQQD
Eyg4YmZkNWU2NjMwZmE3YmFhM2Q1NWQwZWJmZjIzNzUzY2Q5YTBlNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunijkFV6qik9A6cNMogW3NtuE+v2
VZBsuMZ7s28hGpxYIPvH/34HaEVcAF9E2drge2JfIrM5okyL27N1PWiWpYbAsl/C
KNDW2pqb5AihU9/L6EulB29W2mPm9lkTsm6XPRog5hx4dWBHJOkzD4IWaqc9/fsy
DdAfi/1c0Npl90toXEu5br2mOZpNISE8AVaTyBmrdxe8ze1UNEB9T53pf+oo0XvK
h5uRQuX067hfIFOcT9iYfQxrZ76isndSCUOGvCbW0FOBvYGB6yUpSXhOK8dp9Sgg
RTDfZmEvClssq/VBm3poMEoFs5QAOUmDInNO8Whh+lD6wgSCD4+5p1rCNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIv9XmYw+nuqPVXQ6/8jdTzZoOQbMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnB4YfX8T
xQb9TprW5pkEuAlG9bOY4eW23jdS2m7B/sBve78trlv9KY763vlsMLD267VCP/o5
fGhw9tTysJ8VWEnGAe09KEUqPpTbr6Zeu6G3T2jUMigbo4ThZ1X8OsqGaydESccJ
Y439vS/o2ckyj9mF6Kj4wpGWIBURkQFZgDTq7EiaLMMWr0WWM1t2EDXuNuNC4fHG
RsLHmh1H14n/LYLDyGxID55Sy7qKYooFgRtVLxFd9zLTii50P3eXGnTb0SGAhejw
MdBKcA/V8qzukvGI3yjMVVFmcwugfrncIX6zRkK+OUEEuA0+SOmylfo2StWJqs48
6sM3Ci6ynA3bdw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:10:04 2026 by rpki-client