Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
File: 3cf_z32PTDOExrKNBKESsh8jeRA.mft (raw, json)
Hash identifier: 0HHkS87IglKj6TQ4SshhMclMzfSRIyReubupENjSvu4=
Subject key identifier: 5B:D2:C6:BB:0C:9C:26:D5:36:93:95:B7:95:F4:88:69:AE:A5:B8:43
Authority key identifier: DD:C7:FF:CF:7D:8F:4C:33:84:C6:B2:8D:04:A1:12:B2:1F:23:79:10
Certificate issuer: /CN=ddc7ffcf7d8f4c3384c6b28d04a112b21f237910
Certificate serial: 019EFC843E6087642E7C4A2812B7C3A8588A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
Manifest number: 018D
Signing time: Thu 25 Jun 2026 02:03:05 +0000
Manifest this update: Thu 25 Jun 2026 02:03:05 +0000
Manifest next update: Fri 26 Jun 2026 02:03:05 +0000
Files and hashes: 1: 3cf_z32PTDOExrKNBKESsh8jeRA.crl (hash: H/D/MIzTAYWlwJB60QfvqJsUHIG7Ecy2dOInXWaKHak=)
2: BX4ECMa5PSwMxBNsjfnl8GRXj1s.asa (hash: wiV7d2L86p523gY92Ip5gfxBxVerpTdBSH5xKncDAqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fc:84:3e:60:87:64:2e:7c:4a:28:12:b7:c3:a8:58:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddc7ffcf7d8f4c3384c6b28d04a112b21f237910
Validity
Not Before: Jun 25 02:03:05 2026 GMT
Not After : Jun 26 02:03:05 2026 GMT
Subject: CN=5bd2c6bb0c9c26d5369395b795f48869aea5b843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:5c:26:e9:21:7f:01:8c:ec:38:84:1e:16:
60:10:63:45:1e:dd:e2:7e:01:19:ad:30:ac:a5:57:
aa:5e:3a:f9:0a:0b:13:37:9b:cb:88:d6:9a:eb:77:
49:8b:ff:d4:4c:59:e1:30:8a:97:24:a4:6c:fc:4f:
bf:9c:1c:d0:02:7d:94:41:f8:21:dc:77:15:b5:69:
bb:7d:cf:5c:b0:70:2a:7d:1f:30:49:7b:f1:5d:70:
d0:b0:b6:52:37:8c:08:8a:27:88:cb:a7:ff:6e:e5:
99:9a:47:56:2f:6a:92:4e:16:93:83:60:ca:ff:19:
52:d1:e7:66:e1:d7:2b:12:6b:46:7b:79:9d:37:f4:
0f:03:3f:d8:45:03:bb:4f:24:16:e6:91:39:ca:ab:
85:08:d1:c8:ab:c2:eb:8b:23:56:44:d3:03:14:d8:
35:7b:67:99:ab:74:e5:b5:6c:34:f5:a5:d7:76:7a:
47:10:e1:93:28:b8:16:e3:41:a3:41:3f:4e:f7:fc:
0a:01:d3:c9:6f:95:78:5b:47:60:02:b1:11:d2:30:
8c:9b:d5:48:b4:68:86:90:24:1a:ec:1d:a9:00:d1:
0b:98:4d:ef:e9:66:a8:95:0c:ce:35:36:66:da:63:
02:fe:58:95:22:bc:fa:2a:d5:9f:bc:a3:0d:ea:cb:
2e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D2:C6:BB:0C:9C:26:D5:36:93:95:B7:95:F4:88:69:AE:A5:B8:43
X509v3 Authority Key Identifier:
keyid:DD:C7:FF:CF:7D:8F:4C:33:84:C6:B2:8D:04:A1:12:B2:1F:23:79:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:f4:37:a9:e4:90:9c:6e:6e:63:de:33:25:13:b6:b7:66:a1:
7e:f6:2a:66:46:28:56:bc:6a:37:12:d9:5b:e0:6e:df:47:15:
82:a4:1f:74:a6:79:d4:8b:5c:47:c7:57:a3:31:28:43:e3:27:
71:07:1f:98:07:9d:e8:ce:bc:98:4c:ef:d5:e3:31:8a:4f:98:
da:44:61:f4:00:12:e6:87:0f:11:7d:67:98:e4:7c:23:d8:18:
8a:bd:d7:bb:43:db:7c:e6:58:49:fd:be:5a:45:ea:94:40:b1:
b0:31:e4:8b:9c:ae:5d:f5:18:b2:51:da:69:73:1f:49:22:52:
25:3e:c9:43:da:dd:6c:a1:07:50:11:7c:02:44:bf:95:2a:4b:
74:bd:8a:76:9f:93:c5:2a:84:51:79:07:82:c5:1f:a2:66:4a:
cc:1f:9f:50:a1:26:39:b4:52:95:cd:ef:3c:45:4a:b5:89:9a:
87:24:a6:e3:57:67:3b:d8:5b:b1:aa:52:4c:37:4d:6d:79:4f:
c0:d5:2a:dd:46:fa:fb:78:77:51:a1:49:16:99:22:dd:fa:dc:
d3:af:a2:94:ab:82:96:63:36:86:28:0f:b9:96:12:75:18:8a:
29:0c:f4:3a:41:74:9f:7f:c2:27:5d:15:59:4f:f5:0e:73:31:
64:24:16:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ78hD5gh2QufEooErfDqFiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYzdmZmNmN2Q4ZjRjMzM4NGM2YjI4ZDA0YTExMmIyMWYy
Mzc5MTAwHhcNMjYwNjI1MDIwMzA1WhcNMjYwNjI2MDIwMzA1WjAzMTEwLwYDVQQD
Eyg1YmQyYzZiYjBjOWMyNmQ1MzY5Mzk1Yjc5NWY0ODg2OWFlYTViODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMpcJukhfwGM7DiEHhZgEGNFHt3i
fgEZrTCspVeqXjr5CgsTN5vLiNaa63dJi//UTFnhMIqXJKRs/E+/nBzQAn2UQfgh
3HcVtWm7fc9csHAqfR8wSXvxXXDQsLZSN4wIiieIy6f/buWZmkdWL2qSThaTg2DK
/xlS0edm4dcrEmtGe3mdN/QPAz/YRQO7TyQW5pE5yquFCNHIq8LriyNWRNMDFNg1
e2eZq3TltWw09aXXdnpHEOGTKLgW40GjQT9O9/wKAdPJb5V4W0dgArER0jCMm9VI
tGiGkCQa7B2pANELmE3v6WaolQzONTZm2mMC/liVIrz6KtWfvKMN6ssuKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvSxrsMnCbVNpOVt5X0iGmupbhDMB8GA1UdIwQY
MBaAFN3H/899j0wzhMayjQShErIfI3kQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jMzYyNGItOTA4NS00NTg5LWJmNGQt
ZmVmZDk0M2YxNmM5LzEvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jMzYyNGItOTA4NS00NTg5LWJmNGQtZmVmZDk0M2YxNmM5
LzEvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnfQ3qeSQ
nG5uY94zJRO2t2ahfvYqZkYoVrxqNxLZW+Bu30cVgqQfdKZ51ItcR8dXozEoQ+Mn
cQcfmAed6M68mEzv1eMxik+Y2kRh9AAS5ocPEX1nmOR8I9gYir3Xu0PbfOZYSf2+
WkXqlECxsDHki5yuXfUYslHaaXMfSSJSJT7JQ9rdbKEHUBF8AkS/lSpLdL2Kdp+T
xSqEUXkHgsUfomZKzB+fUKEmObRSlc3vPEVKtYmahySm41dnO9hbsapSTDdNbXlP
wNUq3Ub6+3h3UaFJFpki3frc06+ilKuClmM2higPuZYSdRiKKQz0OkF0n3/CJ10V
WU/1DnMxZCQWQA==
-----END CERTIFICATE-----
Generated at Thu Jun 25 09:38:52 2026 by rpki-client