Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
File: 3fCc-W5fyHTuk5CXxWUci9hC5q0.mft (raw, json)
Hash identifier: gCKDN5qo7rDkCScgwJiyPdWVGrzGhVUCynkvSV0ZF6Q=
Subject key identifier: 72:FB:F5:C6:69:46:D3:F8:D0:9A:0B:2F:AB:AB:CB:B6:33:5A:60:5E
Authority key identifier: DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
Certificate issuer: /CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Certificate serial: 019CE3A307AB842DC393339EC0E55F34B14E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
Manifest number: 0596
Signing time: Thu 12 Mar 2026 20:00:38 +0000
Manifest this update: Thu 12 Mar 2026 20:00:38 +0000
Manifest next update: Fri 13 Mar 2026 20:00:38 +0000
Files and hashes: 1: 3fCc-W5fyHTuk5CXxWUci9hC5q0.crl (hash: p1Og2q9+BuNcTcCIo+8aRUJUUOtxTcv6YWgMEbQy2mk=)
2: C60VxSBJDSdFCd1k1UlGSCrwJvY.roa (hash: KibtnUkNqe/Q4+yRw8o2hlvC70cIKXb1SxvsmfXdEPk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e3:a3:07:ab:84:2d:c3:93:33:9e:c0:e5:5f:34:b1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Validity
Not Before: Mar 12 20:00:38 2026 GMT
Not After : Mar 13 20:00:38 2026 GMT
Subject: CN=72fbf5c66946d3f8d09a0b2fababcbb6335a605e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:d6:f2:74:8d:26:e7:c9:cc:04:86:6b:15:
3b:bb:33:d0:98:a3:f4:89:34:e9:9c:c4:4d:b3:21:
ed:9a:01:8c:ab:16:7a:a0:5a:ed:c9:ef:38:ae:77:
f2:61:e6:ee:e3:4f:21:e6:db:29:82:42:4f:f2:1f:
d7:4d:d0:e0:fa:4e:d1:63:a9:45:da:a7:e7:53:c6:
52:21:ae:1b:de:6c:3a:5c:1c:94:f0:31:fa:da:84:
a8:cb:cc:36:9b:3b:f6:d7:63:db:41:e5:ec:04:8b:
08:a1:ed:3c:61:85:c3:27:4f:4d:ec:bd:04:ed:e3:
32:60:21:dc:0e:81:37:ff:bd:05:d9:42:ca:42:dd:
36:05:a3:8e:36:a8:fb:49:5e:bd:5d:70:05:e3:c7:
90:ad:a4:f4:13:f7:e2:8a:80:d8:7e:3f:1f:43:9c:
7f:73:87:b3:0c:a7:12:b7:e4:6d:59:bd:c2:86:af:
05:47:b6:f2:2d:26:50:34:42:ea:ef:2b:ad:f5:2c:
32:93:c4:bb:a5:dd:40:9b:60:92:df:74:af:f2:94:
6e:50:5c:ca:27:6d:fd:aa:46:95:51:42:99:62:5a:
9a:ee:a1:b6:55:ce:c2:41:68:97:a4:38:20:d2:21:
ad:bf:10:0a:07:b6:90:b7:1d:a2:8b:cd:b4:8c:fd:
f0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FB:F5:C6:69:46:D3:F8:D0:9A:0B:2F:AB:AB:CB:B6:33:5A:60:5E
X509v3 Authority Key Identifier:
keyid:DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ea:ae:bc:34:8e:d3:63:45:17:25:e6:89:09:78:d1:4c:a8:9c:
ba:32:83:10:d5:9f:3a:c2:9a:72:b3:39:72:84:db:5b:20:d4:
0e:0a:1f:f8:91:dd:ee:cc:70:a1:5b:b2:72:1b:ae:3a:7a:b1:
ae:65:3d:fa:7f:5e:69:5e:7d:a1:6e:5d:5c:40:3e:03:ed:87:
bc:57:11:33:3d:ad:06:79:c2:b0:6e:06:b9:e2:d3:c7:87:3b:
e6:43:e6:a2:ec:5a:33:78:70:29:fa:ae:53:c5:1f:7d:89:e9:
73:71:60:49:4b:1b:fa:0b:14:35:e5:57:d2:1a:31:2c:1c:1d:
39:c4:a1:7b:4d:77:b5:e9:69:b3:22:a2:81:c5:01:96:41:3a:
85:f8:b7:8d:36:52:2d:e8:28:ff:97:d1:ec:97:61:a0:3d:57:
4e:b1:75:d2:82:0c:9f:7f:61:87:98:81:75:c6:12:f0:40:2c:
0e:f7:3f:3a:08:de:69:b2:e3:19:b7:d9:8b:96:c6:fc:e2:fc:
88:ca:f9:8f:fa:66:a7:1e:ab:29:82:c3:db:31:1c:0f:60:9f:
a1:3a:8d:69:5b:1c:37:dd:b8:93:47:bf:03:92:62:3f:65:e7:
d7:0c:6b:6c:4d:da:5e:1e:17:91:6b:c9:7e:78:26:6c:0d:f6:
3b:56:b7:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzjowerhC3DkzOewOVfNLFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjA5Y2Y5NmU1ZmM4NzRlZTkzOTA5N2M1NjUxYzhiZDg0
MmU2YWQwHhcNMjYwMzEyMjAwMDM4WhcNMjYwMzEzMjAwMDM4WjAzMTEwLwYDVQQD
Eyg3MmZiZjVjNjY5NDZkM2Y4ZDA5YTBiMmZhYmFiY2JiNjMzNWE2MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvXW8nSNJufJzASGaxU7uzPQmKP0
iTTpnMRNsyHtmgGMqxZ6oFrtye84rnfyYebu408h5tspgkJP8h/XTdDg+k7RY6lF
2qfnU8ZSIa4b3mw6XByU8DH62oSoy8w2mzv212PbQeXsBIsIoe08YYXDJ09N7L0E
7eMyYCHcDoE3/70F2ULKQt02BaOONqj7SV69XXAF48eQraT0E/fiioDYfj8fQ5x/
c4ezDKcSt+RtWb3Chq8FR7byLSZQNELq7yut9Swyk8S7pd1Am2CS33Sv8pRuUFzK
J239qkaVUUKZYlqa7qG2Vc7CQWiXpDgg0iGtvxAKB7aQtx2ii820jP3w7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL79cZpRtP40JoLL6ury7YzWmBeMB8GA1UdIwQY
MBaAFN3wnPluX8h07pOQl8VlHIvYQuatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTIt
NjczNjcwZTZlZjA5LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTItNjczNjcwZTZlZjA5
LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6q68NI7T
Y0UXJeaJCXjRTKicujKDENWfOsKacrM5coTbWyDUDgof+JHd7sxwoVuychuuOnqx
rmU9+n9eaV59oW5dXEA+A+2HvFcRMz2tBnnCsG4GueLTx4c75kPmouxaM3hwKfqu
U8UffYnpc3FgSUsb+gsUNeVX0hoxLBwdOcShe013telpsyKigcUBlkE6hfi3jTZS
Lego/5fR7JdhoD1XTrF10oIMn39hh5iBdcYS8EAsDvc/OgjeabLjGbfZi5bG/OL8
iMr5j/pmpx6rKYLD2zEcD2CfoTqNaVscN924k0e/A5JiP2Xn1wxrbE3aXh4XkWvJ
fngmbA32O1a3PA==
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:56:28 2026 by rpki-client