Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: 1SD9TE40f9yeTG6ArAp+Yx3pMIeUFQvUL/KBuHbx0v0=
Subject key identifier: 08:6F:20:22:E6:55:51:90:8D:06:2A:16:35:14:14:E1:81:F6:BC:99
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 019D375237F16869399159F7B07867B75B58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 1329
Signing time: Sun 29 Mar 2026 02:00:28 +0000
Manifest this update: Sun 29 Mar 2026 02:00:28 +0000
Manifest next update: Mon 30 Mar 2026 02:00:28 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: S9s58RCpvll3QqpEraczGbhSlKvY8qKbNxBChHDRMyU=)
2: BsyNzVaxxAwnI04Dd9aOhMe6ucE.roa (hash: 0aNXoEKl0ws+Toia/ObhW+i07V56stDq9dLrY8oS6mU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:37:f1:68:69:39:91:59:f7:b0:78:67:b7:5b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Mar 29 02:00:28 2026 GMT
Not After : Mar 30 02:00:28 2026 GMT
Subject: CN=086f2022e65551908d062a16351414e181f6bc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:66:c0:c6:f6:f4:de:f8:61:65:28:35:90:c3:
81:a3:8b:6f:cf:41:8e:7e:1d:9f:38:11:d6:ef:e6:
b9:bd:27:cd:d4:40:95:cf:02:57:24:3a:90:9e:0c:
2f:2c:c1:4d:40:16:26:54:2a:08:0f:1f:67:bf:ac:
3d:67:b3:22:d5:0b:7f:59:38:58:3f:31:67:46:40:
5b:f7:0c:b1:c8:45:ae:60:2d:07:60:4a:b6:e2:9e:
07:35:1d:8f:88:23:f5:49:b5:f8:a0:8f:18:ea:cd:
42:ac:0d:76:e5:8b:60:85:67:17:e8:9f:f4:90:80:
fd:f8:2b:89:98:7b:e2:ee:4a:62:98:c0:76:2b:cb:
ee:04:c5:c9:fb:5b:fc:56:00:08:23:c1:64:24:8a:
41:eb:47:dc:11:a6:06:2f:b8:01:3e:00:9f:f0:1f:
ee:fa:29:e9:29:2a:fa:75:8f:5c:46:64:b8:73:50:
20:9f:2d:6b:a5:34:56:98:87:74:ae:ff:41:05:f4:
05:17:9a:b6:46:2b:65:9b:40:44:21:8f:8f:c3:f2:
df:14:94:bb:43:4a:68:00:a7:0f:87:79:3a:d7:ac:
4d:fe:5f:4e:2b:4d:e5:2a:dc:72:c8:36:1e:d5:35:
47:b4:09:22:d2:79:c6:fc:6d:3d:b0:f7:87:11:33:
2c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6F:20:22:E6:55:51:90:8D:06:2A:16:35:14:14:E1:81:F6:BC:99
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:86:a1:6f:8f:35:b2:d6:1c:aa:93:5a:16:be:87:41:f9:c1:
c3:16:84:29:56:68:aa:da:6e:0b:c0:39:70:f4:84:74:79:37:
55:1b:42:94:26:a0:ea:7a:85:0d:de:87:3b:24:fe:cd:8a:c4:
58:eb:3a:6f:41:17:e8:c0:b1:e4:af:78:ad:12:ae:76:c9:93:
dd:2d:28:27:90:08:48:c8:5d:44:a7:19:c0:89:fb:c5:99:dc:
f0:91:1f:bc:cf:be:5c:e2:2e:1a:81:25:11:d0:67:83:26:9b:
a3:37:9e:e1:15:74:15:06:1b:34:1f:1d:79:86:d9:92:38:b4:
84:80:9c:c0:8e:4f:db:1a:a3:ab:ba:8c:6e:64:38:66:b1:23:
c5:1e:89:08:fb:a8:62:ea:6a:80:7f:e5:f1:66:65:6e:ee:15:
ec:52:06:85:85:8c:e9:ba:f2:13:20:27:c4:b3:78:0b:08:08:
54:55:fe:11:a2:fd:bc:95:8b:39:01:ec:fd:3b:0b:bb:85:70:
bb:18:bb:22:f4:8c:2d:d4:cd:f6:49:1e:de:1c:4a:50:13:d6:
e2:58:55:d5:ed:f9:75:de:47:4f:29:d0:df:4f:dc:9c:ed:01:
1a:83:28:1c:fd:83:46:46:7c:8f:7b:3f:7b:78:d8:cb:5f:66:
8f:a9:e4:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UjfxaGk5kVn3sHhnt1tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjYwMzI5MDIwMDI4WhcNMjYwMzMwMDIwMDI4WjAzMTEwLwYDVQQD
EygwODZmMjAyMmU2NTU1MTkwOGQwNjJhMTYzNTE0MTRlMTgxZjZiYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GbAxvb03vhhZSg1kMOBo4tvz0GO
fh2fOBHW7+a5vSfN1ECVzwJXJDqQngwvLMFNQBYmVCoIDx9nv6w9Z7Mi1Qt/WThY
PzFnRkBb9wyxyEWuYC0HYEq24p4HNR2PiCP1SbX4oI8Y6s1CrA125YtghWcX6J/0
kID9+CuJmHvi7kpimMB2K8vuBMXJ+1v8VgAII8FkJIpB60fcEaYGL7gBPgCf8B/u
+inpKSr6dY9cRmS4c1Agny1rpTRWmId0rv9BBfQFF5q2Ritlm0BEIY+Pw/LfFJS7
Q0poAKcPh3k616xN/l9OK03lKtxyyDYe1TVHtAki0nnG/G09sPeHETMsZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhvICLmVVGQjQYqFjUUFOGB9ryZMB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARIahb481
stYcqpNaFr6HQfnBwxaEKVZoqtpuC8A5cPSEdHk3VRtClCag6nqFDd6HOyT+zYrE
WOs6b0EX6MCx5K94rRKudsmT3S0oJ5AISMhdRKcZwIn7xZnc8JEfvM++XOIuGoEl
EdBngyabozee4RV0FQYbNB8deYbZkji0hICcwI5P2xqjq7qMbmQ4ZrEjxR6JCPuo
YupqgH/l8WZlbu4V7FIGhYWM6bryEyAnxLN4CwgIVFX+EaL9vJWLOQHs/TsLu4Vw
uxi7IvSMLdTN9kke3hxKUBPW4lhV1e35dd5HTynQ30/cnO0BGoMoHP2DRkZ8j3s/
e3jYy19mj6nk+w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:35 2026 by rpki-client