Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
File: 3Hgh4by_bgdOpIFKqlxj47qBPF8.mft (raw, json)
Hash identifier: gkMngtKMCBWgugtB+Fxg12g4/X2/MJ6HCDgpxHM46gk=
Subject key identifier: 02:46:35:F2:9A:E6:A9:04:64:C4:D3:B2:68:D4:04:50:3A:C4:5A:03
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 019D356416C549765CA56FD406B25D8FEEE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
Manifest number: 18A0
Signing time: Sat 28 Mar 2026 17:00:44 +0000
Manifest this update: Sat 28 Mar 2026 17:00:44 +0000
Manifest next update: Sun 29 Mar 2026 17:00:44 +0000
Files and hashes: 1: 32lYY6uEr5NQiZ36Yw1PDpEB0LE.roa (hash: nbIrlyDfM/OsIW8q6DxR5+MKnNJS4Cwv/h7ugS3W6kw=)
2: 3Hgh4by_bgdOpIFKqlxj47qBPF8.crl (hash: s6BPk89/HqDyTGpd8t5P1LFePkne/FoHq9LKP3pBxVk=)
3: 4brBRSXd-3J0XI6W1cQMml969rM.roa (hash: HAAIbdurASwhGqOl0EqIaoNlObK5qBtHlNL6sAbPYAw=)
4: CV0Da0hDhTImPAfNEKg1Zmq-t4Y.roa (hash: gRQv5O+XgMBfojo8WrrSJ295oJBia/Hac6oJn0s/JA4=)
5: CcbOPSFowzuVmbQQQVUT4gQZao4.roa (hash: QoVwdK39dtT9IvoLSexiLLdImyTyxwcjHq7QNn6fGOA=)
6: Nmra5MQ90P6ykkpupDiPaVY1kco.roa (hash: iXU9Ga0vhV6ku1r3OaZ+HmJepE5UeaNFpriSH+GfUVo=)
7: YorSmVSKuGvPWA7DA6m1cRcL1FY.roa (hash: qU63ylCGxnEyiZbz76RKuCXngXRAm2RLSoEhfEzs9Wk=)
8: hsVsux8sHzZqQOz9MIXAz_SM6VI.roa (hash: 3Hc4odb8fRJz6qv0eC3Z9gpTtQGDv+DPG+2jWtEDSs8=)
9: vulmYW4p9PU9wnTvn-jVp44qOCM.roa (hash: MXgO5bfy+NsKZlh8zhQJtMRiH5fhuEIemBIGiWuNsdY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:35:64:16:c5:49:76:5c:a5:6f:d4:06:b2:5d:8f:ee:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Mar 28 17:00:44 2026 GMT
Not After : Mar 29 17:00:44 2026 GMT
Subject: CN=024635f29ae6a90464c4d3b268d404503ac45a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f5:7c:d4:5f:b4:f1:91:e9:08:39:e7:a6:f1:
d5:35:11:bd:ba:60:b2:80:5e:1f:fd:09:fa:36:d5:
d0:de:91:f0:d9:e1:0b:ac:2c:c0:ce:8a:66:6f:8d:
c4:06:f6:e5:07:4f:e4:dc:4f:36:88:38:06:0d:a6:
01:05:bb:c1:13:85:a3:8d:05:e2:f5:f4:65:6d:e2:
4d:b1:52:09:52:f7:98:81:57:3b:cd:47:04:1d:5d:
bd:d3:b8:d9:0d:ae:f1:99:f5:e4:32:c3:8a:9c:ce:
f0:89:18:4a:ee:dc:ad:b5:27:3f:ba:84:fc:54:4b:
3b:71:9a:e2:94:2f:84:ff:89:f6:f8:33:65:d2:9d:
75:25:f6:70:bd:02:83:60:22:95:3f:4d:b5:4a:2b:
be:70:fd:e4:04:a0:75:26:22:1e:b3:79:a1:28:26:
37:bf:74:2b:48:f4:37:8d:7b:55:fa:22:44:dd:f1:
ee:57:29:55:10:b4:f0:fa:41:11:39:54:8e:a9:0d:
c8:be:db:b7:cb:c2:84:4f:a7:d8:91:b1:74:c4:36:
bf:88:99:c2:9d:35:21:b2:13:6d:82:fe:97:45:61:
3a:ec:8c:17:63:61:73:66:29:db:74:09:76:6a:a5:
51:9c:b0:c6:a4:f9:65:25:7d:0f:cb:94:24:d0:eb:
76:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:46:35:F2:9A:E6:A9:04:64:C4:D3:B2:68:D4:04:50:3A:C4:5A:03
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:59:57:6f:e4:e6:d3:51:85:5a:10:a6:30:ca:02:8c:3d:2f:
ee:e7:f6:d4:19:f4:43:59:96:92:ce:10:4a:80:17:b7:f2:c5:
a7:9f:01:6d:5a:e5:d0:d3:c9:2c:90:28:3b:30:f1:7a:cc:d5:
ce:39:c5:97:cd:22:85:be:59:39:c0:4b:c5:5c:ed:93:08:2c:
a2:ad:76:ae:08:08:14:cf:b0:54:69:5f:cc:58:c4:10:b3:9d:
9d:27:06:7e:8b:19:2c:5f:54:8b:61:18:33:53:8a:7f:6f:91:
b0:0e:9d:51:13:57:5f:d7:34:4c:10:26:2f:a5:11:f6:52:68:
da:1e:57:9b:3f:17:70:95:47:bd:ff:8e:98:17:8a:2a:1e:0e:
c3:71:dd:d9:51:c9:c0:6c:ef:02:fb:e0:cc:9f:56:fb:12:fa:
a9:d1:13:a3:ad:ef:20:a1:13:03:41:c9:8e:61:0c:94:00:cb:
19:18:6d:58:22:94:13:f8:e5:28:f5:62:ac:b7:8e:6c:61:06:
e9:0c:31:01:5d:40:4e:49:26:d1:5a:1a:88:aa:f0:9f:1a:40:
8f:67:ec:0b:f9:f6:b3:c4:50:de:bd:db:53:15:d7:ac:07:ed:
91:69:16:e6:08:f2:b3:8d:e5:85:e4:70:e1:b4:ed:2b:48:dc:
b1:70:9e:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ01ZBbFSXZcpW/UBrJdj+7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjYwMzI4MTcwMDQ0WhcNMjYwMzI5MTcwMDQ0WjAzMTEwLwYDVQQD
EygwMjQ2MzVmMjlhZTZhOTA0NjRjNGQzYjI2OGQ0MDQ1MDNhYzQ1YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/V81F+08ZHpCDnnpvHVNRG9umCy
gF4f/Qn6NtXQ3pHw2eELrCzAzopmb43EBvblB0/k3E82iDgGDaYBBbvBE4WjjQXi
9fRlbeJNsVIJUveYgVc7zUcEHV2907jZDa7xmfXkMsOKnM7wiRhK7tyttSc/uoT8
VEs7cZrilC+E/4n2+DNl0p11JfZwvQKDYCKVP021Siu+cP3kBKB1JiIes3mhKCY3
v3QrSPQ3jXtV+iJE3fHuVylVELTw+kEROVSOqQ3Ivtu3y8KET6fYkbF0xDa/iJnC
nTUhshNtgv6XRWE67IwXY2FzZinbdAl2aqVRnLDGpPllJX0Py5Qk0Ot29wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJGNfKa5qkEZMTTsmjUBFA6xFoDMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFlXb+Tm
01GFWhCmMMoCjD0v7uf21Bn0Q1mWks4QSoAXt/LFp58BbVrl0NPJLJAoOzDxeszV
zjnFl80ihb5ZOcBLxVztkwgsoq12rggIFM+wVGlfzFjEELOdnScGfosZLF9Ui2EY
M1OKf2+RsA6dURNXX9c0TBAmL6UR9lJo2h5Xmz8XcJVHvf+OmBeKKh4Ow3Hd2VHJ
wGzvAvvgzJ9W+xL6qdETo63vIKETA0HJjmEMlADLGRhtWCKUE/jlKPVirLeObGEG
6QwxAV1ATkkm0VoaiKrwnxpAj2fsC/n2s8RQ3r3bUxXXrAftkWkW5gjys43lheRw
4bTtK0jcsXCe1g==
-----END CERTIFICATE-----
Generated at Sat Mar 28 18:28:57 2026 by rpki-client