Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
File: 3z_cS_M72A_hKNdWhD9gs51b7uM.mft (raw, json)
Hash identifier: sh7IOqp1abkXXRrQmyRoKyESm34aW6BsltA8GO5+jmE=
Subject key identifier: 43:A6:7B:76:92:69:AB:3A:E5:F6:29:09:74:83:29:72:F7:E9:C2:F3
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019CFB74E9C95734848790050946F998EF03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
Manifest number: 07E9
Signing time: Tue 17 Mar 2026 11:01:09 +0000
Manifest this update: Tue 17 Mar 2026 11:01:09 +0000
Manifest next update: Wed 18 Mar 2026 11:01:09 +0000
Files and hashes: 1: 3z_cS_M72A_hKNdWhD9gs51b7uM.crl (hash: zMrR6/eqo7kHccHRzZBsgXgGvnQ1Osdl2POgqcGDAlg=)
2: 88lmdc-mnvLuh7LWT7ewTNitVbQ.roa (hash: 4ev2GHc0kZ6+DnkiGr59ZAC1o1ATDYyOeOGEjJWvhDk=)
3: iKuRCoQtqrfFDPhTIq-f2J6k_mI.roa (hash: 4bH7BrC7xILPkVZ3kcGwCvI7Oji+afFT1aTAsrKOTnM=)
4: mrolwK2KC0w8DkEJIzjFPnT8aDY.roa (hash: KWvJn4y2GSmF/qywBZLEL1QJaSchEcFy2JpZDDXnxyg=)
5: o4G9chIzN7uCnwtKmumyR2sTH_I.roa (hash: KfBs8CLUl46AX0/vUOMRNCDr9u0nNAN2TPcPPQgzWaA=)
6: oFfXrLBfH6lxJPqPhKKALIEnsRY.roa (hash: xv0fWfgOWHRGVoD3X/VZOFn9nwq6PPmmOVIp8EyiD2o=)
7: oovOX9XETodZiiuPtmCpoSGbNQc.roa (hash: P+TaVSkHOwUfOr3zgGexRmHGN3QYL0Fhy8MDYgpRxpU=)
8: yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa (hash: wwrcXsGyyFttGj2nkBh3bs0XPOa0z7A1reDz9TIBgKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Mar 2026 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:74:e9:c9:57:34:84:87:90:05:09:46:f9:98:ef:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Mar 17 11:01:09 2026 GMT
Not After : Mar 18 11:01:09 2026 GMT
Subject: CN=43a67b769269ab3ae5f6290974832972f7e9c2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a0:04:8f:01:b8:16:16:7d:bb:00:e8:0d:e5:
4b:e5:fd:66:5b:31:4a:6b:29:69:ad:0e:0a:c0:67:
51:cc:56:e4:6a:d1:a3:ed:73:38:65:51:be:55:eb:
91:e5:d4:83:12:69:33:1d:55:1c:48:3e:82:be:44:
6c:ad:7d:5e:21:60:bd:f7:dd:57:6f:14:79:43:24:
6e:8e:21:5b:c6:83:e6:06:e4:1c:75:87:74:59:94:
7b:7d:8b:25:2e:3c:f7:79:62:87:d5:77:c2:06:50:
b2:d0:96:df:0b:71:f5:6d:86:3b:bd:7c:d8:5d:1f:
f2:1f:f9:32:8e:e1:0a:ad:58:3c:10:6d:ad:61:44:
e3:3d:6d:dd:e1:64:7c:5a:c8:1e:43:ed:36:34:f8:
35:68:e9:da:a7:c2:b6:4b:ac:69:63:9d:1b:b6:b1:
51:8c:4a:01:90:2e:d6:b0:6f:5e:40:67:68:99:3e:
28:fc:3e:50:5f:e3:88:17:54:02:30:b3:6f:40:82:
d4:14:bc:c2:9d:5f:cc:ab:4f:56:f6:e6:8d:63:7e:
cb:38:18:e0:5d:f7:6a:b2:27:45:5b:7e:85:7d:9d:
c2:5c:50:ff:8d:25:f9:67:82:db:32:6b:ba:49:af:
ba:f0:c4:e3:69:4b:12:ef:58:d4:f0:f9:db:72:93:
d0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A6:7B:76:92:69:AB:3A:E5:F6:29:09:74:83:29:72:F7:E9:C2:F3
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:93:5c:8f:52:3b:54:39:5d:67:67:a2:82:1b:e0:96:c4:01:
b9:76:3d:44:15:1e:22:f8:e0:b7:d2:ae:00:a8:24:44:42:f9:
8e:72:31:bd:69:a2:06:58:1c:56:db:f3:ec:b3:d2:7f:21:3f:
e2:10:7b:f6:62:ff:b0:5a:5e:c3:8f:a0:e3:6a:32:6c:d4:f8:
2e:99:db:91:5a:64:13:29:c8:d8:3f:93:7f:45:67:35:c1:a7:
6f:69:56:e3:be:69:a0:97:dc:f9:48:71:f1:95:d0:45:a2:69:
c8:2b:e7:0e:f8:4f:a2:44:73:fc:88:74:82:f6:e4:4a:1f:05:
bd:6d:dd:2b:49:aa:2d:b7:f7:22:70:c5:06:77:d2:6d:86:15:
76:ad:b9:fe:ef:42:61:7a:73:7b:0f:6c:4a:41:a1:67:4d:db:
dc:b4:57:c1:91:3e:b0:23:7f:2f:14:f5:3b:55:c7:83:8f:cf:
8d:20:56:a6:7a:f4:50:e7:c8:5d:67:fa:03:fa:d5:0b:c5:08:
4a:5c:12:36:24:11:47:2e:b6:bc:31:92:ce:d2:10:44:fb:5c:
5a:52:0f:97:75:7e:9c:b9:d9:f5:30:f9:81:92:d8:d1:da:6f:
dc:d1:d5:76:d7:45:5a:4e:19:88:f7:8e:fd:9d:f3:39:0b:76:
2b:97:d7:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZz7dOnJVzSEh5AFCUb5mO8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjYwMzE3MTEwMTA5WhcNMjYwMzE4MTEwMTA5WjAzMTEwLwYDVQQD
Eyg0M2E2N2I3NjkyNjlhYjNhZTVmNjI5MDk3NDgzMjk3MmY3ZTljMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKAEjwG4FhZ9uwDoDeVL5f1mWzFK
aylprQ4KwGdRzFbkatGj7XM4ZVG+VeuR5dSDEmkzHVUcSD6CvkRsrX1eIWC9991X
bxR5QyRujiFbxoPmBuQcdYd0WZR7fYslLjz3eWKH1XfCBlCy0JbfC3H1bYY7vXzY
XR/yH/kyjuEKrVg8EG2tYUTjPW3d4WR8WsgeQ+02NPg1aOnap8K2S6xpY50btrFR
jEoBkC7WsG9eQGdomT4o/D5QX+OIF1QCMLNvQILUFLzCnV/Mq09W9uaNY37LOBjg
XfdqsidFW36FfZ3CXFD/jSX5Z4LbMmu6Sa+68MTjaUsS71jU8PnbcpPQ9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOme3aSaas65fYpCXSDKXL36cLzMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5Ncj1I7
VDldZ2eighvglsQBuXY9RBUeIvjgt9KuAKgkREL5jnIxvWmiBlgcVtvz7LPSfyE/
4hB79mL/sFpew4+g42oybNT4LpnbkVpkEynI2D+Tf0VnNcGnb2lW475poJfc+Uhx
8ZXQRaJpyCvnDvhPokRz/Ih0gvbkSh8FvW3dK0mqLbf3InDFBnfSbYYVdq25/u9C
YXpzew9sSkGhZ03b3LRXwZE+sCN/LxT1O1XHg4/PjSBWpnr0UOfIXWf6A/rVC8UI
SlwSNiQRRy62vDGSztIQRPtcWlIPl3V+nLnZ9TD5gZLY0dpv3NHVdtdFWk4ZiPeO
/Z3zOQt2K5fXMQ==
-----END CERTIFICATE-----
Generated at Tue Mar 17 14:08:52 2026 by rpki-client