Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft
File: CaT39OTp5yw6M5P7XW6nQrwbTCg.mft (raw, json)
Hash identifier: wZRueBG6P6aqmteUYFwGBtp1RiSZbe4wy57BZn7iDPk=
Subject key identifier: AF:D1:CB:55:4B:27:16:40:C8:9C:D3:3F:73:51:28:B3:3F:A0:2F:FD
Authority key identifier: 09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28
Certificate issuer: /CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28
Certificate serial: 019D3909AC7176B9D68CBBF4CAA0A28CC847
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft
Manifest number: 1253
Signing time: Sun 29 Mar 2026 10:00:28 +0000
Manifest this update: Sun 29 Mar 2026 10:00:28 +0000
Manifest next update: Mon 30 Mar 2026 10:00:28 +0000
Files and hashes: 1: 0tgdN2qxcJplebNaaWT9iaqWv6s.roa (hash: SVEBZu78M2nPUUItloPsYESxd6cYYGpVpIZuduXUUjU=)
2: CaT39OTp5yw6M5P7XW6nQrwbTCg.crl (hash: 4lzOViVa0/FsPzB8m2CY7HVmyORhUCxAhdmoTYSFjzE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:ac:71:76:b9:d6:8c:bb:f4:ca:a0:a2:8c:c8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28
Validity
Not Before: Mar 29 10:00:28 2026 GMT
Not After : Mar 30 10:00:28 2026 GMT
Subject: CN=afd1cb554b271640c89cd33f735128b33fa02ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dd:86:10:61:b3:c8:a0:5a:73:35:c2:0b:c3:
1f:e6:2f:50:00:56:3f:56:23:c9:31:a9:09:3d:f3:
6a:64:55:76:96:75:9c:53:fd:3d:bb:e0:d9:bd:ab:
d8:63:64:95:79:f1:18:8a:92:66:9a:65:62:82:36:
7a:df:80:21:d4:ec:f0:cc:80:d6:35:ea:f5:3b:79:
74:fa:ad:07:ca:bd:30:18:f7:1a:99:63:31:7c:66:
5c:39:e7:60:df:e5:f5:cc:6a:47:88:26:34:74:35:
19:0e:86:d2:58:8d:90:e9:21:26:27:d3:97:af:9a:
b6:7e:64:3d:f8:26:2f:03:60:51:87:03:2e:03:bc:
b2:be:78:8a:8f:04:e6:13:52:5d:8a:10:04:a8:c9:
9b:3f:38:2f:de:f4:9a:d8:94:53:56:78:aa:92:4c:
7f:bb:3e:75:12:36:50:61:32:72:b6:51:b7:da:45:
a7:62:ef:be:5e:df:c4:c8:e5:5d:25:74:7a:05:25:
61:0d:fa:a2:af:be:5c:61:4e:e8:0e:55:a1:28:00:
bf:26:8a:c2:c4:56:40:e1:32:2e:68:46:75:64:9c:
78:12:31:8a:8c:77:f3:c1:b9:02:19:e1:c5:fd:88:
f7:80:81:fd:93:ab:a8:f7:12:d1:25:1e:18:43:40:
39:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D1:CB:55:4B:27:16:40:C8:9C:D3:3F:73:51:28:B3:3F:A0:2F:FD
X509v3 Authority Key Identifier:
keyid:09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:d6:53:4a:ed:af:09:f8:f4:c0:f5:28:70:3f:8b:ef:d4:a6:
eb:2b:fc:a8:86:10:74:c1:40:9d:cc:9a:5d:19:65:e4:53:d6:
03:16:2a:38:66:f6:98:3f:8e:8d:ee:51:bd:0e:47:a8:a8:0b:
37:38:1b:9a:92:30:1a:05:21:6f:0f:3a:a4:a3:e2:b5:b5:2f:
dd:ab:9c:d6:46:b7:c6:ec:bc:3c:43:94:c2:33:48:37:fb:a0:
a6:6d:29:66:64:80:f0:9d:cf:2f:ac:e0:70:0d:db:48:cc:d3:
fe:bc:ac:01:81:f8:c0:52:04:3c:91:12:34:67:72:02:81:6b:
4a:e3:41:8c:50:28:45:2b:39:47:4a:ed:a6:9f:90:f7:67:d0:
b1:c9:47:f9:ee:a7:ff:5a:6c:dc:43:6f:95:33:14:d3:28:b4:
3e:d6:47:c7:ab:15:fa:34:f4:10:47:22:2b:b2:d3:ba:2f:6d:
21:20:78:14:a8:76:d6:50:18:3e:89:78:2f:4d:7d:9f:21:5b:
5f:c8:ee:5b:eb:4b:3d:f3:ce:78:fb:4a:58:ba:7d:f4:9e:34:
8c:94:2b:8d:f6:6d:32:20:59:1d:6b:c8:73:ea:26:83:5a:af:
4e:12:57:be:49:18:d7:3c:57:7e:8d:9d:8c:cc:32:37:0a:25:
95:bf:b0:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CaxxdrnWjLv0yqCijMhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YTRmN2Y0ZTRlOWU3MmMzYTMzOTNmYjVkNmVhNzQyYmMx
YjRjMjgwHhcNMjYwMzI5MTAwMDI4WhcNMjYwMzMwMTAwMDI4WjAzMTEwLwYDVQQD
EyhhZmQxY2I1NTRiMjcxNjQwYzg5Y2QzM2Y3MzUxMjhiMzNmYTAyZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd2GEGGzyKBaczXCC8Mf5i9QAFY/
ViPJMakJPfNqZFV2lnWcU/09u+DZvavYY2SVefEYipJmmmVigjZ634Ah1OzwzIDW
Ner1O3l0+q0Hyr0wGPcamWMxfGZcOedg3+X1zGpHiCY0dDUZDobSWI2Q6SEmJ9OX
r5q2fmQ9+CYvA2BRhwMuA7yyvniKjwTmE1JdihAEqMmbPzgv3vSa2JRTVniqkkx/
uz51EjZQYTJytlG32kWnYu++Xt/EyOVdJXR6BSVhDfqir75cYU7oDlWhKAC/JorC
xFZA4TIuaEZ1ZJx4EjGKjHfzwbkCGeHF/Yj3gIH9k6uo9xLRJR4YQ0A5WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/Ry1VLJxZAyJzTP3NRKLM/oC/9MB8GA1UdIwQY
MBaAFAmk9/Tk6ecsOjOT+11up0K8G0woMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8zYjQ4ZDUtMjhkYS00Mzg1LTkzOTUt
Mjg0YzgyZGVjN2M2LzEvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8zYjQ4ZDUtMjhkYS00Mzg1LTkzOTUtMjg0YzgyZGVjN2M2
LzEvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWNZTSu2v
Cfj0wPUocD+L79Sm6yv8qIYQdMFAncyaXRll5FPWAxYqOGb2mD+Oje5RvQ5HqKgL
NzgbmpIwGgUhbw86pKPitbUv3auc1ka3xuy8PEOUwjNIN/ugpm0pZmSA8J3PL6zg
cA3bSMzT/rysAYH4wFIEPJESNGdyAoFrSuNBjFAoRSs5R0rtpp+Q92fQsclH+e6n
/1ps3ENvlTMU0yi0PtZHx6sV+jT0EEciK7LTui9tISB4FKh21lAYPol4L019nyFb
X8juW+tLPfPOePtKWLp99J40jJQrjfZtMiBZHWvIc+omg1qvThJXvkkY1zxXfo2d
jMwyNwollb+w0g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:42:16 2026 by rpki-client