Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
File: 3fCc-W5fyHTuk5CXxWUci9hC5q0.mft (raw, json)
Hash identifier: oNM/kZzUoBLDlnv244EcJzRyBtv96hoJk2YsijEKVUQ=
Subject key identifier: 31:18:2B:45:C9:05:84:BB:20:C8:D6:80:34:E9:53:1D:39:65:13:D3
Authority key identifier: DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
Certificate issuer: /CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Certificate serial: 019DCD4FA2639E2EBAACFB4635188F5F02FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
Manifest number: 060F
Signing time: Mon 27 Apr 2026 05:00:41 +0000
Manifest this update: Mon 27 Apr 2026 05:00:41 +0000
Manifest next update: Tue 28 Apr 2026 05:00:41 +0000
Files and hashes: 1: 3fCc-W5fyHTuk5CXxWUci9hC5q0.crl (hash: fWJw7CzlK3CdLw2cGx4qjqJB4NFUbOMExdtxsS2Gutc=)
2: C60VxSBJDSdFCd1k1UlGSCrwJvY.roa (hash: KibtnUkNqe/Q4+yRw8o2hlvC70cIKXb1SxvsmfXdEPk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:4f:a2:63:9e:2e:ba:ac:fb:46:35:18:8f:5f:02:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Validity
Not Before: Apr 27 05:00:41 2026 GMT
Not After : Apr 28 05:00:41 2026 GMT
Subject: CN=31182b45c90584bb20c8d68034e9531d396513d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:e0:1a:84:b2:fe:9c:5d:94:de:03:e8:53:f0:
f3:c3:be:06:e8:3f:92:94:2a:e2:f1:de:9a:e5:ec:
7b:00:fc:83:e8:c0:ff:f4:36:7d:5e:67:1d:ce:6f:
ff:5f:75:25:53:f2:ef:06:5a:df:b2:68:f6:f8:aa:
cc:90:36:2f:8f:ca:11:bb:a8:ed:d2:d8:29:56:30:
4a:ec:41:cb:2e:a5:d8:07:a5:ff:09:77:f4:cc:03:
f4:6a:73:86:5a:1d:65:42:d3:c4:fc:19:fb:e2:a4:
d5:74:37:fe:4f:a7:46:8f:07:d2:98:ef:94:59:d5:
8e:ab:79:a2:b6:7e:21:2f:70:7d:40:11:2a:03:d7:
d7:ff:ff:b4:cd:17:ea:57:36:05:6d:b6:b1:ca:ed:
a4:96:4f:0b:a6:d9:8b:d0:2a:cb:4b:6e:15:f6:2a:
1b:0b:b2:0d:03:c8:72:11:14:a8:a9:45:7c:3e:04:
95:54:7f:87:d9:77:d1:ac:c0:f8:53:a1:0f:9b:90:
96:37:7f:e2:b2:87:2d:89:70:3a:1b:ce:cf:e1:f4:
39:5c:6d:a4:7d:90:63:db:44:27:08:33:cb:27:b9:
d1:b1:c7:31:49:66:63:18:47:fb:8c:92:9b:e0:6a:
40:a6:e8:36:8d:75:bb:c5:ff:3c:46:11:4c:1e:45:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:18:2B:45:C9:05:84:BB:20:C8:D6:80:34:E9:53:1D:39:65:13:D3
X509v3 Authority Key Identifier:
keyid:DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:eb:e5:c4:0b:3c:ed:61:dc:aa:d7:97:17:55:36:62:8c:21:
cf:9e:d4:c9:72:cb:3b:23:cc:d5:fc:18:5a:cd:1f:46:03:e6:
91:cd:28:03:25:9d:c5:45:8f:ac:3e:3c:66:93:ba:7b:82:c9:
05:67:b7:33:41:85:d1:bc:e2:1f:3f:92:61:65:86:cf:de:67:
0f:9d:d1:7a:ba:81:01:7f:c3:81:8e:90:c5:65:92:f7:ef:fa:
cc:8c:16:04:47:2f:99:47:3a:cb:b4:20:8a:f5:10:23:57:cc:
be:e7:d6:5b:4e:3f:6f:a2:d7:c8:2c:ce:b1:68:03:af:3f:01:
2b:47:19:cb:77:4a:8a:d8:66:f8:e1:0b:04:9f:d9:36:d1:47:
90:40:5a:bc:5f:a4:7d:45:d3:cf:56:b3:c5:ee:ed:55:f5:b8:
47:f2:8d:12:7a:aa:34:f5:10:70:f1:e9:53:d1:a1:fb:a6:83:
7a:42:74:e8:1b:87:f8:c3:4d:51:c5:ba:98:19:c2:9c:12:9a:
c7:a5:af:c5:a2:63:67:d9:c6:66:85:a9:06:4c:4d:86:88:69:
8f:4d:1b:79:88:28:86:26:9f:c3:82:e8:3f:91:dc:e6:52:af:
2f:15:95:cb:4b:5a:60:34:89:5e:bf:82:c8:0e:7a:92:6c:0f:
79:10:9a:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3NT6Jjni66rPtGNRiPXwL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjA5Y2Y5NmU1ZmM4NzRlZTkzOTA5N2M1NjUxYzhiZDg0
MmU2YWQwHhcNMjYwNDI3MDUwMDQxWhcNMjYwNDI4MDUwMDQxWjAzMTEwLwYDVQQD
EygzMTE4MmI0NWM5MDU4NGJiMjBjOGQ2ODAzNGU5NTMxZDM5NjUxM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+OAahLL+nF2U3gPoU/Dzw74G6D+S
lCri8d6a5ex7APyD6MD/9DZ9Xmcdzm//X3UlU/LvBlrfsmj2+KrMkDYvj8oRu6jt
0tgpVjBK7EHLLqXYB6X/CXf0zAP0anOGWh1lQtPE/Bn74qTVdDf+T6dGjwfSmO+U
WdWOq3mitn4hL3B9QBEqA9fX//+0zRfqVzYFbbaxyu2klk8LptmL0CrLS24V9iob
C7INA8hyERSoqUV8PgSVVH+H2XfRrMD4U6EPm5CWN3/isoctiXA6G87P4fQ5XG2k
fZBj20QnCDPLJ7nRsccxSWZjGEf7jJKb4GpApug2jXW7xf88RhFMHkUA7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEYK0XJBYS7IMjWgDTpUx05ZRPTMB8GA1UdIwQY
MBaAFN3wnPluX8h07pOQl8VlHIvYQuatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTIt
NjczNjcwZTZlZjA5LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTItNjczNjcwZTZlZjA5
LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoevlxAs8
7WHcqteXF1U2Yowhz57UyXLLOyPM1fwYWs0fRgPmkc0oAyWdxUWPrD48ZpO6e4LJ
BWe3M0GF0bziHz+SYWWGz95nD53RerqBAX/DgY6QxWWS9+/6zIwWBEcvmUc6y7Qg
ivUQI1fMvufWW04/b6LXyCzOsWgDrz8BK0cZy3dKithm+OELBJ/ZNtFHkEBavF+k
fUXTz1azxe7tVfW4R/KNEnqqNPUQcPHpU9Gh+6aDekJ06BuH+MNNUcW6mBnCnBKa
x6WvxaJjZ9nGZoWpBkxNhohpj00beYgohiafw4LoP5Hc5lKvLxWVy0taYDSJXr+C
yA56kmwPeRCasA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:59:23 2026 by rpki-client