Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
File: 3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json)
Hash identifier: mqBIos12gsBzcPwMcPuo+Ub4Tsy5lYXA649TiS9zAfs=
Subject key identifier: 4F:37:6B:82:30:14:54:9F:17:4B:CC:55:D0:23:BC:E3:6A:1D:65:7E
Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
Certificate issuer: /CN=de30ab01102aaef30ebd4c891c03809baad039e0
Certificate serial: 019D37C1010BF44743C9B248E4CE27BABFBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
Manifest number: 0253
Signing time: Sun 29 Mar 2026 04:01:28 +0000
Manifest this update: Sun 29 Mar 2026 04:01:28 +0000
Manifest next update: Mon 30 Mar 2026 04:01:28 +0000
Files and hashes: 1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: XWcnG/LCT+6cSRGxN5bzvTHLFHU5lTfg/z7urNdJ3Tk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c1:01:0b:f4:47:43:c9:b2:48:e4:ce:27:ba:bf:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0
Validity
Not Before: Mar 29 04:01:28 2026 GMT
Not After : Mar 30 04:01:28 2026 GMT
Subject: CN=4f376b823014549f174bcc55d023bce36a1d657e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:c6:3b:74:93:02:eb:fb:76:cc:10:75:e2:
2a:7c:7f:12:96:2d:58:69:e5:62:2f:f5:ba:cb:00:
57:a2:8d:de:7b:d7:ec:fa:9c:f1:d0:2c:a0:22:37:
6c:3a:d1:c3:1b:1c:cb:7b:4c:1f:f8:c5:cb:07:da:
b5:c0:7f:12:49:dd:ad:f2:ab:f4:61:80:5b:2c:be:
8c:45:78:ad:9b:df:14:42:24:78:ca:bb:47:c5:d5:
3e:c5:c5:27:11:a5:ce:bb:9c:85:34:3c:49:cc:f1:
b6:d1:3f:da:f5:2c:43:b8:80:63:75:08:ac:ba:ed:
8a:eb:9c:d5:65:48:98:3b:fe:5f:a8:2e:ba:0d:85:
c8:d0:b4:72:57:18:f8:b8:1a:24:75:34:9f:97:9e:
58:ec:0e:27:b2:c7:e0:08:ef:d7:d1:c8:c2:8e:b0:
ec:0d:40:ce:ba:80:d7:d3:ee:5c:20:4e:46:84:09:
62:36:45:2b:a7:21:d9:e3:66:ed:b9:d7:74:da:42:
90:cf:6f:02:95:ae:ff:02:8f:3c:fe:01:2d:da:e0:
de:70:c4:e3:ae:ec:2f:cd:ac:e7:25:09:53:f3:06:
60:8b:2d:c2:94:c5:f9:04:16:f9:e7:00:6d:2d:ed:
38:04:77:c8:75:4a:23:be:27:ad:ea:82:3a:26:4e:
0f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:37:6B:82:30:14:54:9F:17:4B:CC:55:D0:23:BC:E3:6A:1D:65:7E
X509v3 Authority Key Identifier:
keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:4f:d5:96:ce:e1:6a:22:77:88:07:93:25:80:a3:24:38:22:
1e:34:1d:39:3d:0a:23:da:d6:26:c9:65:e0:44:75:45:99:f8:
59:7c:ab:60:62:7d:1e:72:5a:25:b9:e1:db:50:20:c5:05:86:
15:32:f5:8c:60:2b:e4:71:8f:ce:10:e1:33:0e:c4:76:20:9d:
90:77:0c:91:96:96:ce:3d:00:02:6f:bd:81:71:ca:46:ce:d9:
2f:08:ba:ee:9c:a4:72:80:28:a6:d2:93:c0:9a:9d:d1:5b:ed:
90:05:36:a5:d2:62:99:fa:12:40:f3:8d:21:2a:78:bd:43:3b:
75:3a:12:a8:a0:59:53:db:3e:b8:23:6c:9b:fc:49:6e:e1:b3:
4d:9a:c0:78:73:cd:0a:6d:07:2b:fc:a6:00:9f:de:e5:bc:18:
4a:3b:28:51:e6:c0:d2:50:10:70:3a:14:69:93:d8:f9:9b:b4:
9d:aa:64:e9:2f:10:38:86:91:19:46:aa:1a:3b:6f:57:96:21:
4b:db:c0:53:69:86:f8:48:0e:1d:d5:1a:19:63:65:f5:27:ef:
8d:3b:73:93:0b:e1:aa:f4:06:a5:ec:7c:9b:fe:81:5a:25:d0:
f7:0e:10:51:ed:aa:83:57:44:18:0b:a4:4e:6b:d1:71:1d:f2:
a5:da:22:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wQEL9EdDybJI5M4nur+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk
MDM5ZTAwHhcNMjYwMzI5MDQwMTI4WhcNMjYwMzMwMDQwMTI4WjAzMTEwLwYDVQQD
Eyg0ZjM3NmI4MjMwMTQ1NDlmMTc0YmNjNTVkMDIzYmNlMzZhMWQ2NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR7GO3STAuv7dswQdeIqfH8Sli1Y
aeViL/W6ywBXoo3ee9fs+pzx0CygIjdsOtHDGxzLe0wf+MXLB9q1wH8SSd2t8qv0
YYBbLL6MRXitm98UQiR4yrtHxdU+xcUnEaXOu5yFNDxJzPG20T/a9SxDuIBjdQis
uu2K65zVZUiYO/5fqC66DYXI0LRyVxj4uBokdTSfl55Y7A4nssfgCO/X0cjCjrDs
DUDOuoDX0+5cIE5GhAliNkUrpyHZ42btudd02kKQz28Cla7/Ao88/gEt2uDecMTj
ruwvzaznJQlT8wZgiy3ClMX5BBb55wBtLe04BHfIdUojviet6oI6Jk4PfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE83a4IwFFSfF0vMVdAjvONqHWV+MB8GA1UdIwQY
MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt
ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3
LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr0/Vls7h
aiJ3iAeTJYCjJDgiHjQdOT0KI9rWJsll4ER1RZn4WXyrYGJ9HnJaJbnh21AgxQWG
FTL1jGAr5HGPzhDhMw7EdiCdkHcMkZaWzj0AAm+9gXHKRs7ZLwi67pykcoAoptKT
wJqd0VvtkAU2pdJimfoSQPONISp4vUM7dToSqKBZU9s+uCNsm/xJbuGzTZrAeHPN
Cm0HK/ymAJ/e5bwYSjsoUebA0lAQcDoUaZPY+Zu0napk6S8QOIaRGUaqGjtvV5Yh
S9vAU2mG+EgOHdUaGWNl9SfvjTtzkwvhqvQGpex8m/6BWiXQ9w4QUe2qg1dEGAuk
TmvRcR3ypdoibA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:55:23 2026 by rpki-client