Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
File: 3cf_z32PTDOExrKNBKESsh8jeRA.mft (raw, json)
Hash identifier: R9BHMjDfpTwOTqEGTLljjuAG+RGVHGf7mhkDI9Y94Tg=
Subject key identifier: B6:C3:D9:D7:13:95:FD:32:25:AE:5D:D9:F3:5C:D8:7F:C2:DE:57:93
Authority key identifier: DD:C7:FF:CF:7D:8F:4C:33:84:C6:B2:8D:04:A1:12:B2:1F:23:79:10
Certificate issuer: /CN=ddc7ffcf7d8f4c3384c6b28d04a112b21f237910
Certificate serial: 019D389BDA04325B2CC594B574C747E21A82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
Manifest number: A3
Signing time: Sun 29 Mar 2026 08:00:31 +0000
Manifest this update: Sun 29 Mar 2026 08:00:31 +0000
Manifest next update: Mon 30 Mar 2026 08:00:31 +0000
Files and hashes: 1: 3cf_z32PTDOExrKNBKESsh8jeRA.crl (hash: PPo9x4Gn1lpIZJfpaV9AFizp/QihDXsJ0zz3H9R3dMI=)
2: BX4ECMa5PSwMxBNsjfnl8GRXj1s.asa (hash: wiV7d2L86p523gY92Ip5gfxBxVerpTdBSH5xKncDAqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:da:04:32:5b:2c:c5:94:b5:74:c7:47:e2:1a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddc7ffcf7d8f4c3384c6b28d04a112b21f237910
Validity
Not Before: Mar 29 08:00:31 2026 GMT
Not After : Mar 30 08:00:31 2026 GMT
Subject: CN=b6c3d9d71395fd3225ae5dd9f35cd87fc2de5793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:64:24:d5:97:c0:18:dd:41:33:3a:9c:a7:0d:
45:57:c7:93:be:bf:83:ad:7e:ba:44:c7:f6:9b:50:
9c:0c:58:75:14:a9:80:1b:6e:70:87:66:04:90:bd:
3f:21:3b:ce:bc:4f:5f:ad:56:0a:62:ce:01:19:bd:
eb:e0:95:05:6c:73:20:8d:4f:a2:46:c9:59:76:eb:
3b:69:a5:f9:ab:c3:9e:c7:ab:17:89:09:7d:4a:5a:
97:65:aa:19:78:cf:a1:f7:0d:76:76:99:a1:ce:09:
4d:01:cf:d3:8e:ea:ac:63:5d:fd:f8:1d:a9:bc:54:
dc:eb:50:7a:c4:ae:90:76:c1:21:c3:39:e2:ac:a8:
73:fb:88:8a:01:17:37:64:6a:e4:95:8a:3b:d3:92:
f2:58:e9:df:c1:75:cc:15:01:83:15:43:b7:18:fc:
63:8e:60:62:02:ac:ce:86:c6:22:e3:68:4a:f4:8c:
aa:52:5a:d3:b6:37:1d:87:48:b0:c2:5c:bb:cf:1d:
e8:88:b0:df:55:b6:f4:77:89:c5:b4:b6:8d:c1:d5:
bc:7e:66:92:5c:5d:6e:b1:38:64:00:a1:65:9d:85:
f1:2b:54:2e:91:48:63:40:cb:64:b7:ee:91:6f:0a:
73:08:d2:b7:0f:ae:45:1a:13:f4:2e:5a:f7:b5:57:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:D9:D7:13:95:FD:32:25:AE:5D:D9:F3:5C:D8:7F:C2:DE:57:93
X509v3 Authority Key Identifier:
keyid:DD:C7:FF:CF:7D:8F:4C:33:84:C6:B2:8D:04:A1:12:B2:1F:23:79:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cf_z32PTDOExrKNBKESsh8jeRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c3624b-9085-4589-bf4d-fefd943f16c9/1/3cf_z32PTDOExrKNBKESsh8jeRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:eb:87:d1:d5:17:b2:2a:e1:a1:1c:3b:b3:9c:a9:d3:01:5d:
8a:79:ee:6d:b3:71:e5:e7:35:4e:a4:ca:a9:59:91:a9:9a:92:
0d:c6:73:25:12:f1:b4:38:1c:24:74:19:17:0d:a0:5e:90:4a:
1f:c8:94:89:26:33:c2:a3:23:4b:dd:55:5d:df:f2:70:94:4b:
be:de:81:db:e7:84:fd:7d:4b:40:45:69:12:18:51:10:03:42:
45:e4:1b:0b:1b:74:52:c1:4e:b2:ef:43:6d:96:61:63:e5:01:
d6:85:1d:ee:b4:8a:a6:01:d8:7d:c6:ef:7c:10:84:e2:13:de:
28:70:7c:6c:c1:83:7f:bf:b2:18:fa:36:00:96:c9:16:71:eb:
1b:1c:45:55:7d:ce:fb:ff:d6:e5:97:b4:bc:fa:cf:70:8e:a5:
99:71:c1:9b:05:35:7c:a0:20:f3:78:e7:2f:98:4b:83:d0:1b:
2f:19:5d:c1:61:67:d5:7f:60:2c:2e:92:28:85:eb:72:b8:e8:
23:56:fc:d1:ad:c9:d3:d4:a9:ba:0f:13:fb:4f:32:ba:7f:f4:
8d:43:b9:c2:84:04:a0:47:eb:f4:67:23:f7:3f:b6:f8:c4:3a:
b1:a6:66:f8:28:90:a2:f6:3c:e7:29:c1:9b:0e:2f:c1:9d:16:
7c:0f:46:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9oEMlssxZS1dMdH4hqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYzdmZmNmN2Q4ZjRjMzM4NGM2YjI4ZDA0YTExMmIyMWYy
Mzc5MTAwHhcNMjYwMzI5MDgwMDMxWhcNMjYwMzMwMDgwMDMxWjAzMTEwLwYDVQQD
EyhiNmMzZDlkNzEzOTVmZDMyMjVhZTVkZDlmMzVjZDg3ZmMyZGU1NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGQk1ZfAGN1BMzqcpw1FV8eTvr+D
rX66RMf2m1CcDFh1FKmAG25wh2YEkL0/ITvOvE9frVYKYs4BGb3r4JUFbHMgjU+i
RslZdus7aaX5q8Oex6sXiQl9SlqXZaoZeM+h9w12dpmhzglNAc/TjuqsY139+B2p
vFTc61B6xK6QdsEhwznirKhz+4iKARc3ZGrklYo705LyWOnfwXXMFQGDFUO3GPxj
jmBiAqzOhsYi42hK9IyqUlrTtjcdh0iwwly7zx3oiLDfVbb0d4nFtLaNwdW8fmaS
XF1usThkAKFlnYXxK1QukUhjQMtkt+6RbwpzCNK3D65FGhP0Llr3tVc6AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbD2dcTlf0yJa5d2fNc2H/C3leTMB8GA1UdIwQY
MBaAFN3H/899j0wzhMayjQShErIfI3kQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jMzYyNGItOTA4NS00NTg5LWJmNGQt
ZmVmZDk0M2YxNmM5LzEvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jMzYyNGItOTA4NS00NTg5LWJmNGQtZmVmZDk0M2YxNmM5
LzEvM2NmX3ozMlBURE9FeHJLTkJLRVNzaDhqZVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqOuH0dUX
sirhoRw7s5yp0wFdinnubbNx5ec1TqTKqVmRqZqSDcZzJRLxtDgcJHQZFw2gXpBK
H8iUiSYzwqMjS91VXd/ycJRLvt6B2+eE/X1LQEVpEhhREANCReQbCxt0UsFOsu9D
bZZhY+UB1oUd7rSKpgHYfcbvfBCE4hPeKHB8bMGDf7+yGPo2AJbJFnHrGxxFVX3O
+//W5Ze0vPrPcI6lmXHBmwU1fKAg83jnL5hLg9AbLxldwWFn1X9gLC6SKIXrcrjo
I1b80a3J09Spug8T+08yun/0jUO5woQEoEfr9Gcj9z+2+MQ6saZm+CiQovY85ynB
mw4vwZ0WfA9GBg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:34 2026 by rpki-client