Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft
File: 3ciCMsB94s3Llur551FVC6pmxYg.mft (raw, json)
Hash identifier: hPBweuqM10RxH228Oy8ZeL85FqITPeBJLLrfAJik4zE=
Subject key identifier: 65:F7:20:DD:04:03:C1:09:AE:81:4C:FD:B9:03:0D:34:87:7B:D9:6C
Authority key identifier: DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
Certificate issuer: /CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Certificate serial: 019D397796D77671A53DC8CBD241FF8D87F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft
Manifest number: 0FF2
Signing time: Sun 29 Mar 2026 12:00:31 +0000
Manifest this update: Sun 29 Mar 2026 12:00:31 +0000
Manifest next update: Mon 30 Mar 2026 12:00:31 +0000
Files and hashes: 1: 3ciCMsB94s3Llur551FVC6pmxYg.crl (hash: AvEpJAh0Nt34t90nKa9wFP2QHXdtMHA0EajKLnkLSwQ=)
2: Hfq2hHkukqsFqywTjHsioREmNS4.roa (hash: paBdvdH/DYPPTu1rMzb8b23iJRlSlCeY0XMWLizu13w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:96:d7:76:71:a5:3d:c8:cb:d2:41:ff:8d:87:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Validity
Not Before: Mar 29 12:00:31 2026 GMT
Not After : Mar 30 12:00:31 2026 GMT
Subject: CN=65f720dd0403c109ae814cfdb9030d34877bd96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fb:1d:e9:bd:6a:85:c9:94:f7:83:0b:44:0c:
ce:3c:f8:70:e2:13:f9:6b:9e:19:4d:05:83:0b:be:
fc:68:53:23:c2:ee:17:3c:d2:b1:1b:d6:bf:91:99:
b1:b4:7e:28:6f:cc:51:bc:9e:f6:ec:78:e8:ca:53:
cc:31:25:f8:b2:f4:99:8b:d2:62:77:00:9d:92:9d:
c8:77:e0:37:b0:c1:ec:4e:24:05:d3:66:91:ba:74:
2f:9d:91:ed:45:c6:d6:4b:b6:dc:f4:6e:6f:f7:bc:
e6:dd:24:58:2a:e8:7f:1e:95:e9:3f:6c:f5:6b:21:
84:d2:8f:fe:ec:07:99:37:3f:a0:0d:65:ab:bd:dd:
14:37:c1:d6:e1:75:d3:b7:91:a2:52:e8:db:c5:46:
f4:13:8e:b2:8a:97:85:03:ee:90:bb:2d:31:df:db:
92:7d:54:18:75:bd:83:bf:56:a0:5f:41:bc:03:69:
c6:4b:47:2c:20:e4:c5:cb:b7:5e:59:52:05:90:67:
fc:2e:1d:5e:20:7e:74:03:c0:5b:f1:b7:f8:c6:cb:
f4:62:51:7f:f3:cd:e0:a9:5c:ab:e7:30:a1:37:80:
48:84:d5:80:79:8d:d7:5a:e8:b3:f6:74:9f:43:1f:
38:bb:72:db:11:14:33:73:3a:00:fe:cd:d3:f6:fc:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F7:20:DD:04:03:C1:09:AE:81:4C:FD:B9:03:0D:34:87:7B:D9:6C
X509v3 Authority Key Identifier:
keyid:DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:57:37:97:c1:22:86:2f:c0:7a:36:d0:f6:28:c1:61:58:f2:
4f:4b:d0:09:54:89:f2:ce:c0:c4:90:54:be:ce:e3:bb:6d:02:
00:8c:24:2a:3e:cd:dc:a1:bc:58:7c:7e:ba:25:72:8f:ac:63:
6d:dc:68:2c:67:28:90:bf:77:97:c1:95:28:dd:b5:e4:04:c8:
fd:ad:ae:6e:f1:4c:16:6d:9f:a9:b4:e2:f3:e2:f7:8a:96:ca:
a2:6c:a1:eb:22:0a:77:7a:90:75:8d:6e:ab:0d:88:28:f3:7b:
71:21:bb:78:70:47:48:a7:e9:0a:71:0f:c1:01:3c:a0:65:e1:
c2:42:eb:be:4c:69:8a:02:2c:9b:bc:68:e4:c9:4b:6d:a2:da:
e9:61:af:c6:8f:1c:c6:c1:f4:84:64:10:2e:0b:13:18:44:6c:
8e:1e:32:3f:3c:73:a7:c7:2e:df:c5:68:32:7f:6a:7e:5b:27:
ee:3a:5d:82:fe:78:ef:d9:41:01:23:bf:44:d6:a4:25:5b:73:
04:f0:f0:71:d1:27:de:7e:03:4d:3e:0b:72:20:7c:b9:68:57:
3b:80:3c:23:80:c5:c1:59:b4:bd:ae:c2:e7:9f:3c:09:75:4f:
a2:b8:79:bc:f1:99:3a:5e:d9:9f:66:f2:7d:af:95:7b:34:3e:
2f:be:74:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d5bXdnGlPcjL0kH/jYfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYzg4MjMyYzA3ZGUyY2RjYjk2ZWFmOWU3NTE1NTBiYWE2
NmM1ODgwHhcNMjYwMzI5MTIwMDMxWhcNMjYwMzMwMTIwMDMxWjAzMTEwLwYDVQQD
Eyg2NWY3MjBkZDA0MDNjMTA5YWU4MTRjZmRiOTAzMGQzNDg3N2JkOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vsd6b1qhcmU94MLRAzOPPhw4hP5
a54ZTQWDC778aFMjwu4XPNKxG9a/kZmxtH4ob8xRvJ727HjoylPMMSX4svSZi9Ji
dwCdkp3Id+A3sMHsTiQF02aRunQvnZHtRcbWS7bc9G5v97zm3SRYKuh/HpXpP2z1
ayGE0o/+7AeZNz+gDWWrvd0UN8HW4XXTt5GiUujbxUb0E46yipeFA+6Quy0x39uS
fVQYdb2Dv1agX0G8A2nGS0csIOTFy7deWVIFkGf8Lh1eIH50A8Bb8bf4xsv0YlF/
883gqVyr5zChN4BIhNWAeY3XWuiz9nSfQx84u3LbERQzczoA/s3T9vwL4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGX3IN0EA8EJroFM/bkDDTSHe9lsMB8GA1UdIwQY
MBaAFN3IgjLAfeLNy5bq+edRVQuqZsWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGIt
NDJjNzliMDNiNGRmLzEvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGItNDJjNzliMDNiNGRm
LzEvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAflc3l8Ei
hi/AejbQ9ijBYVjyT0vQCVSJ8s7AxJBUvs7ju20CAIwkKj7N3KG8WHx+uiVyj6xj
bdxoLGcokL93l8GVKN215ATI/a2ubvFMFm2fqbTi8+L3ipbKomyh6yIKd3qQdY1u
qw2IKPN7cSG7eHBHSKfpCnEPwQE8oGXhwkLrvkxpigIsm7xo5MlLbaLa6WGvxo8c
xsH0hGQQLgsTGERsjh4yPzxzp8cu38VoMn9qflsn7jpdgv5479lBASO/RNakJVtz
BPDwcdEn3n4DTT4LciB8uWhXO4A8I4DFwVm0va7C5588CXVPorh5vPGZOl7Zn2by
fa+VezQ+L750MA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:57:36 2026 by rpki-client