Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File: MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier: 3pWfZRI3FLlZZ985QVFs5+4a62A43SmExziF1hiqsdg=
Subject key identifier: CD:26:38:C6:52:24:C9:5E:9F:67:FB:9D:37:20:75:86:EA:A2:40:26
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer: /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial: 019D378991492AFC5947A05783BA819D6131
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number: 03C2
Signing time: Sun 29 Mar 2026 03:00:55 +0000
Manifest this update: Sun 29 Mar 2026 03:00:55 +0000
Manifest next update: Mon 30 Mar 2026 03:00:55 +0000
Files and hashes: 1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: wqytd96s7wVlzAXWPCRdsU0Jwcr3Dhmmu6rvGGhJ26s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:91:49:2a:fc:59:47:a0:57:83:ba:81:9d:61:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Validity
Not Before: Mar 29 03:00:55 2026 GMT
Not After : Mar 30 03:00:55 2026 GMT
Subject: CN=cd2638c65224c95e9f67fb9d37207586eaa24026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:89:06:8c:7b:ae:5d:ff:f1:53:3f:eb:dd:ee:
8d:61:9c:46:28:48:b4:20:46:c9:32:de:84:b8:f7:
1f:02:7a:92:73:4e:34:c2:3e:c5:a9:14:b4:a6:9d:
42:85:1b:4a:40:41:58:e2:32:d1:a2:b4:f8:be:6a:
cf:77:f4:6a:73:aa:1d:c5:2a:76:42:c3:af:de:98:
17:5f:40:cb:ee:d1:74:82:d4:6a:f4:80:8a:85:39:
d2:93:58:5c:97:16:94:39:a8:3b:53:09:83:2c:ca:
5e:38:d1:12:27:07:42:72:ce:93:9a:1f:9c:7d:bd:
d9:38:84:23:1c:6c:58:37:d5:22:31:1b:cc:c2:a9:
30:61:0a:f6:43:1c:8d:72:75:91:0a:76:07:a1:0f:
df:43:91:08:49:df:11:c9:69:84:63:c1:9f:ad:7f:
06:26:22:b1:c1:32:14:07:ed:04:48:d1:f5:31:72:
28:88:f5:ed:91:6c:20:e2:9d:31:9b:9e:ec:f3:2c:
5b:09:8b:fd:f7:2f:ea:ee:07:a7:be:7d:7f:d5:7e:
8f:ab:50:f6:23:b7:b3:93:72:f8:4a:ea:86:e6:03:
4c:01:f8:f0:99:fb:d4:df:d8:0e:61:e8:3b:e9:04:
00:6f:72:61:5b:86:d5:86:2b:5e:f9:5e:44:a4:ec:
e9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:26:38:C6:52:24:C9:5E:9F:67:FB:9D:37:20:75:86:EA:A2:40:26
X509v3 Authority Key Identifier:
keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:bd:39:90:46:57:3f:1f:fe:85:5a:53:5b:b8:e7:31:ab:97:
dc:62:49:00:1a:ba:15:dc:e9:a1:74:e5:75:fa:3e:db:aa:95:
fe:94:35:4d:aa:5a:56:36:d4:e5:4d:f1:34:c5:c5:2a:ac:d1:
16:87:89:43:72:c1:d5:78:c6:e0:57:6f:64:ff:10:d6:20:c1:
94:6a:00:05:8b:0a:b2:19:0e:7a:03:27:12:e9:7c:88:8a:3b:
c0:69:c3:75:5f:f5:d4:cd:d7:f4:13:66:9d:96:cc:5b:ac:6e:
49:3f:1c:55:98:5c:83:af:b8:1b:2e:a7:35:09:81:7a:40:0a:
7b:d4:ec:d6:d8:e2:93:e5:58:62:f0:de:b9:c9:1c:eb:76:f6:
67:e2:1a:c3:ba:f2:db:9e:6e:fb:aa:ba:3e:64:56:bb:be:d1:
4a:2b:77:38:e8:f5:72:4c:38:a2:02:6e:d0:6f:ee:10:2e:ac:
19:c2:a6:0b:6e:42:b2:e8:e8:91:2e:ff:19:01:59:85:19:df:
14:ae:d9:d6:56:73:60:61:a1:b8:e6:31:6f:86:f6:f5:7a:e1:
74:15:1b:2e:5d:ad:cf:38:00:44:25:4a:14:06:66:b3:4f:fc:
eb:f7:06:96:e4:03:19:19:5a:a5:66:d4:c0:65:a8:10:b3:95:
5e:cf:47:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iZFJKvxZR6BXg7qBnWExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjYwMzI5MDMwMDU1WhcNMjYwMzMwMDMwMDU1WjAzMTEwLwYDVQQD
EyhjZDI2MzhjNjUyMjRjOTVlOWY2N2ZiOWQzNzIwNzU4NmVhYTI0MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjokGjHuuXf/xUz/r3e6NYZxGKEi0
IEbJMt6EuPcfAnqSc040wj7FqRS0pp1ChRtKQEFY4jLRorT4vmrPd/Rqc6odxSp2
QsOv3pgXX0DL7tF0gtRq9ICKhTnSk1hclxaUOag7UwmDLMpeONESJwdCcs6Tmh+c
fb3ZOIQjHGxYN9UiMRvMwqkwYQr2QxyNcnWRCnYHoQ/fQ5EISd8RyWmEY8GfrX8G
JiKxwTIUB+0ESNH1MXIoiPXtkWwg4p0xm57s8yxbCYv99y/q7genvn1/1X6Pq1D2
I7ezk3L4SuqG5gNMAfjwmfvU39gOYeg76QQAb3JhW4bVhite+V5EpOzp3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0mOMZSJMlen2f7nTcgdYbqokAmMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACr05kEZX
Px/+hVpTW7jnMauX3GJJABq6FdzpoXTldfo+26qV/pQ1TapaVjbU5U3xNMXFKqzR
FoeJQ3LB1XjG4FdvZP8Q1iDBlGoABYsKshkOegMnEul8iIo7wGnDdV/11M3X9BNm
nZbMW6xuST8cVZhcg6+4Gy6nNQmBekAKe9Ts1tjik+VYYvDeuckc63b2Z+Iaw7ry
255u+6q6PmRWu77RSit3OOj1ckw4ogJu0G/uEC6sGcKmC25CsujokS7/GQFZhRnf
FK7Z1lZzYGGhuOYxb4b29XrhdBUbLl2tzzgARCVKFAZms0/86/cGluQDGRlapWbU
wGWoELOVXs9HXw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:16:47 2026 by rpki-client