Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File: 3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier: /qfRifN4Sx+ElBwC0tk9wsB7ue06kOI+A1163eL2T80=
Subject key identifier: 12:38:11:00:8D:95:BD:3D:C9:0A:FA:3A:E3:3F:07:11:D0:01:E7:A9
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer: /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial: 019D38657D899B241C92C0967A324F136158
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number: 03D2
Signing time: Sun 29 Mar 2026 07:01:08 +0000
Manifest this update: Sun 29 Mar 2026 07:01:08 +0000
Manifest next update: Mon 30 Mar 2026 07:01:08 +0000
Files and hashes: 1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: HyVufjqSKFGPRtVf3V7r5+cKebIA+PE3olnWHePcXtY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:7d:89:9b:24:1c:92:c0:96:7a:32:4f:13:61:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Validity
Not Before: Mar 29 07:01:08 2026 GMT
Not After : Mar 30 07:01:08 2026 GMT
Subject: CN=123811008d95bd3dc90afa3ae33f0711d001e7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:85:b4:9c:59:62:c9:55:94:fd:80:5d:b2:
86:ed:61:58:df:6c:49:e7:bc:d2:bd:58:73:2e:ab:
8d:30:b5:42:57:24:4a:f2:a3:28:41:d7:c4:b6:25:
27:03:35:d4:b3:d8:b4:e5:4b:e8:fe:13:28:e2:ad:
1a:f7:63:9e:f4:16:72:79:19:cb:61:1a:99:2e:30:
e8:16:fd:31:7c:58:66:ea:b8:de:88:87:c0:f3:d7:
3d:d9:14:96:18:6a:c4:eb:d4:d7:81:ce:46:32:af:
78:02:2a:87:ff:d7:7f:73:a7:d1:c7:40:04:94:7b:
61:2f:93:9e:54:2a:bf:54:cb:e2:e1:43:d4:79:de:
d3:04:20:39:30:2d:1e:c4:c8:79:f0:80:2a:78:73:
26:d5:47:9a:e6:40:2f:96:ef:49:99:ec:0c:09:05:
b5:d6:57:9b:8e:e4:52:d4:fe:43:21:34:7f:03:9f:
9e:19:a6:74:c7:60:7c:db:09:2f:5e:0c:e1:95:bc:
ff:29:c4:84:6d:6f:8a:ef:95:12:27:da:83:d4:6b:
4f:82:23:b7:1f:5a:0a:3d:bf:13:f6:3f:59:1b:14:
b6:fd:1a:0f:56:01:af:40:bb:ad:53:fc:3e:7f:66:
5a:57:18:d9:22:ad:a7:8a:4d:04:3f:aa:9c:4e:1c:
8e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:38:11:00:8D:95:BD:3D:C9:0A:FA:3A:E3:3F:07:11:D0:01:E7:A9
X509v3 Authority Key Identifier:
keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:de:71:6c:de:0d:6a:e4:9f:96:b0:c8:24:24:b9:70:77:12:
c2:18:d2:4d:d0:31:91:e2:a2:11:18:b2:eb:7b:b8:85:04:21:
ed:4c:74:43:e4:48:dc:ad:2b:8e:68:e7:23:d5:bb:99:06:c1:
a0:a0:fb:9d:de:3f:9c:72:a7:a5:98:bb:8c:8c:ba:8b:05:0f:
1b:e1:9d:2d:a5:58:b1:04:40:36:81:a8:54:59:2d:f0:af:2b:
85:4b:99:5c:9c:01:bd:0d:ef:d4:9d:b7:85:b2:8c:6d:c7:4b:
e5:62:1c:64:59:5b:66:74:1c:d5:f8:bd:07:cc:94:db:36:79:
d2:d7:f3:15:f8:e9:20:fc:ff:f3:ec:f7:68:59:89:a5:b0:7b:
f7:4c:92:2f:4e:71:1a:ce:c3:df:95:46:9e:9b:be:13:5b:33:
66:98:03:2b:91:93:9d:3b:45:35:29:57:90:ee:f2:f0:cf:79:
8a:25:c4:b7:97:43:69:32:ad:6f:ad:42:59:46:3b:97:9d:a4:
c7:0a:c8:83:aa:30:4e:d9:77:b7:61:78:93:07:8c:54:02:07:
73:64:45:95:30:58:04:41:f5:ef:05:f7:59:71:6d:5d:3f:fc:
a8:49:fd:63:e9:97:1c:03:41:c3:61:95:c3:86:7e:e8:d9:75:
65:69:fd:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZX2JmyQcksCWejJPE2FYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjYwMzI5MDcwMTA4WhcNMjYwMzMwMDcwMTA4WjAzMTEwLwYDVQQD
EygxMjM4MTEwMDhkOTViZDNkYzkwYWZhM2FlMzNmMDcxMWQwMDFlN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa+FtJxZYslVlP2AXbKG7WFY32xJ
57zSvVhzLquNMLVCVyRK8qMoQdfEtiUnAzXUs9i05Uvo/hMo4q0a92Oe9BZyeRnL
YRqZLjDoFv0xfFhm6rjeiIfA89c92RSWGGrE69TXgc5GMq94AiqH/9d/c6fRx0AE
lHthL5OeVCq/VMvi4UPUed7TBCA5MC0exMh58IAqeHMm1Uea5kAvlu9JmewMCQW1
1lebjuRS1P5DITR/A5+eGaZ0x2B82wkvXgzhlbz/KcSEbW+K75USJ9qD1GtPgiO3
H1oKPb8T9j9ZGxS2/RoPVgGvQLutU/w+f2ZaVxjZIq2nik0EP6qcThyOFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBI4EQCNlb09yQr6OuM/BxHQAeepMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAod5xbN4N
auSflrDIJCS5cHcSwhjSTdAxkeKiERiy63u4hQQh7Ux0Q+RI3K0rjmjnI9W7mQbB
oKD7nd4/nHKnpZi7jIy6iwUPG+GdLaVYsQRANoGoVFkt8K8rhUuZXJwBvQ3v1J23
hbKMbcdL5WIcZFlbZnQc1fi9B8yU2zZ50tfzFfjpIPz/8+z3aFmJpbB790ySL05x
Gs7D35VGnpu+E1szZpgDK5GTnTtFNSlXkO7y8M95iiXEt5dDaTKtb61CWUY7l52k
xwrIg6owTtl3t2F4kweMVAIHc2RFlTBYBEH17wX3WXFtXT/8qEn9Y+mXHANBw2GV
w4Z+6Nl1ZWn9AQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:50 2026 by rpki-client