Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
File: 3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json)
Hash identifier: nIjeEw9qD3betyncsVyqITwFLyzCQytgm9bKGug0t3k=
Subject key identifier: 86:B5:75:D7:95:22:C5:DF:11:65:69:69:DA:0F:3E:21:5E:20:E4:E4
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 019D378972B0FB09BE49C860664A5BD8E0F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
Manifest number: 12C9
Signing time: Sun 29 Mar 2026 03:00:47 +0000
Manifest this update: Sun 29 Mar 2026 03:00:47 +0000
Manifest next update: Mon 30 Mar 2026 03:00:47 +0000
Files and hashes: 1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: IKR5bUOMDfX4BiC10Oq9YWqcA0zMdSSVhKmsJynSRyk=)
2: aRFa0aicATO9EZ84Sd0rRZqpUDM.roa (hash: 3/X7mlyrk9jnsPYw8nohsn6KsOPiCxOy8zcW+IBYz8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:72:b0:fb:09:be:49:c8:60:66:4a:5b:d8:e0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Mar 29 03:00:47 2026 GMT
Not After : Mar 30 03:00:47 2026 GMT
Subject: CN=86b575d79522c5df11656969da0f3e215e20e4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:16:a0:10:d6:4f:43:c0:8b:1e:ed:a7:91:9a:
0a:83:94:f4:11:36:70:6a:c7:e7:71:45:95:19:e3:
d2:d0:7f:0f:f5:85:ba:6b:ba:94:2a:18:a6:16:7a:
55:95:3b:88:6a:f6:d5:88:9b:82:e5:77:ac:e9:4b:
d6:be:45:8f:aa:5b:6a:98:d9:99:c1:22:cb:bd:76:
ce:49:bf:5d:07:3d:ab:b1:70:4b:1b:9b:cd:39:c9:
bb:8a:ab:11:da:b2:c5:79:57:96:0d:4e:82:ec:b4:
34:ac:73:95:cb:00:30:56:5e:1a:bc:5e:2a:5f:2e:
dc:44:ca:65:8f:e4:ba:ff:b5:6b:51:22:8e:78:df:
5a:04:7d:bb:5a:bc:c3:de:96:ec:b9:c2:44:2c:e1:
0e:21:a6:81:9b:c3:df:ae:2d:34:0a:2b:7b:8f:37:
06:15:0a:df:a5:ee:3c:9c:09:bb:f0:24:01:db:d7:
6d:b3:d5:4f:29:c1:5f:da:21:6a:b7:38:c2:61:ff:
19:1c:fe:06:f9:c3:e2:80:df:69:e1:bd:b7:d3:7f:
13:62:1f:66:78:b5:6a:6f:d7:ea:a5:98:9f:d1:96:
80:60:aa:41:55:a4:d3:2f:4f:a5:20:a7:1e:46:ed:
3b:69:8f:60:8d:7a:ba:78:1f:67:4c:8c:0e:87:fc:
e6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B5:75:D7:95:22:C5:DF:11:65:69:69:DA:0F:3E:21:5E:20:E4:E4
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:90:d2:33:0a:21:4f:7e:f7:d4:c0:3a:7f:ed:50:99:37:5a:
b8:be:a7:e7:13:00:7e:3f:73:17:e8:5f:0f:7f:b9:70:23:ad:
26:5c:ae:22:7d:09:1c:65:20:d0:2b:53:51:c1:51:4a:c4:f7:
f5:70:32:92:0b:be:71:d9:5d:20:b3:1c:a4:76:9e:f2:81:73:
72:f2:6d:4e:bf:9b:8b:71:f7:b6:38:4f:2f:d0:30:27:0e:31:
94:bd:70:bb:df:e4:0b:15:e9:54:8f:83:d3:25:4e:08:3f:a0:
6a:9b:7d:11:6b:36:14:8a:50:72:ff:84:35:1e:38:d2:2a:3f:
10:30:96:2b:5d:41:06:fa:5c:5c:f5:86:e9:59:56:e6:c0:dc:
2b:d4:88:36:6a:e6:b4:32:de:7b:e7:8f:4b:96:47:a4:a4:c8:
39:f9:b2:e2:54:31:f4:b7:43:c0:15:30:0f:ff:fb:b3:47:73:
f0:06:16:ba:e6:60:79:de:d2:f1:03:bd:38:40:45:42:24:27:
c2:59:01:24:ee:18:7a:aa:bc:6c:48:1a:bf:bd:9f:5d:bc:a4:
10:77:31:36:d7:04:39:28:eb:fc:60:09:26:3a:62:63:9b:e5:
3b:6c:95:6e:29:5c:c5:d5:95:4f:29:b0:4a:49:f9:7e:17:e2:
b3:b2:62:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXKw+wm+SchgZkpb2ODxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjYwMzI5MDMwMDQ3WhcNMjYwMzMwMDMwMDQ3WjAzMTEwLwYDVQQD
Eyg4NmI1NzVkNzk1MjJjNWRmMTE2NTY5NjlkYTBmM2UyMTVlMjBlNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RagENZPQ8CLHu2nkZoKg5T0ETZw
asfncUWVGePS0H8P9YW6a7qUKhimFnpVlTuIavbViJuC5Xes6UvWvkWPqltqmNmZ
wSLLvXbOSb9dBz2rsXBLG5vNOcm7iqsR2rLFeVeWDU6C7LQ0rHOVywAwVl4avF4q
Xy7cRMplj+S6/7VrUSKOeN9aBH27WrzD3pbsucJELOEOIaaBm8Pfri00Cit7jzcG
FQrfpe48nAm78CQB29dts9VPKcFf2iFqtzjCYf8ZHP4G+cPigN9p4b23038TYh9m
eLVqb9fqpZif0ZaAYKpBVaTTL0+lIKceRu07aY9gjXq6eB9nTIwOh/zmHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIa1ddeVIsXfEWVpadoPPiFeIOTkMB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJpDSMwoh
T3731MA6f+1QmTdauL6n5xMAfj9zF+hfD3+5cCOtJlyuIn0JHGUg0CtTUcFRSsT3
9XAykgu+cdldILMcpHae8oFzcvJtTr+bi3H3tjhPL9AwJw4xlL1wu9/kCxXpVI+D
0yVOCD+gapt9EWs2FIpQcv+ENR440io/EDCWK11BBvpcXPWG6VlW5sDcK9SINmrm
tDLee+ePS5ZHpKTIOfmy4lQx9LdDwBUwD//7s0dz8AYWuuZged7S8QO9OEBFQiQn
wlkBJO4Yeqq8bEgav72fXbykEHcxNtcEOSjr/GAJJjpiY5vlO2yVbilcxdWVTymw
Skn5fhfis7Jizw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:50:14 2026 by rpki-client