Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
File: 3z_cS_M72A_hKNdWhD9gs51b7uM.mft (raw, json)
Hash identifier: qEkbGLsJG+CTr3uUXQcNa5rKZoj6KFG+cu8eVdGRNC0=
Subject key identifier: BA:31:B3:06:98:39:58:90:44:F9:7A:5A:48:CD:55:96:69:EF:A8:0A
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019DE52165912779F1BCBF8AA0D9B12DF5FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
Manifest number: 0862
Signing time: Fri 01 May 2026 20:01:04 +0000
Manifest this update: Fri 01 May 2026 20:01:04 +0000
Manifest next update: Sat 02 May 2026 20:01:04 +0000
Files and hashes: 1: 3z_cS_M72A_hKNdWhD9gs51b7uM.crl (hash: qli6FiIL01FnevXdeNESMvYttX78og60zQTDBleU4kQ=)
2: 88lmdc-mnvLuh7LWT7ewTNitVbQ.roa (hash: 4ev2GHc0kZ6+DnkiGr59ZAC1o1ATDYyOeOGEjJWvhDk=)
3: iKuRCoQtqrfFDPhTIq-f2J6k_mI.roa (hash: 4bH7BrC7xILPkVZ3kcGwCvI7Oji+afFT1aTAsrKOTnM=)
4: mrolwK2KC0w8DkEJIzjFPnT8aDY.roa (hash: KWvJn4y2GSmF/qywBZLEL1QJaSchEcFy2JpZDDXnxyg=)
5: o4G9chIzN7uCnwtKmumyR2sTH_I.roa (hash: KfBs8CLUl46AX0/vUOMRNCDr9u0nNAN2TPcPPQgzWaA=)
6: oFfXrLBfH6lxJPqPhKKALIEnsRY.roa (hash: xv0fWfgOWHRGVoD3X/VZOFn9nwq6PPmmOVIp8EyiD2o=)
7: oovOX9XETodZiiuPtmCpoSGbNQc.roa (hash: P+TaVSkHOwUfOr3zgGexRmHGN3QYL0Fhy8MDYgpRxpU=)
8: yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa (hash: wwrcXsGyyFttGj2nkBh3bs0XPOa0z7A1reDz9TIBgKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e5:21:65:91:27:79:f1:bc:bf:8a:a0:d9:b1:2d:f5:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: May 1 20:01:04 2026 GMT
Not After : May 2 20:01:04 2026 GMT
Subject: CN=ba31b3069839589044f97a5a48cd559669efa80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:64:2c:47:b2:a6:84:6f:cf:54:e0:eb:9d:09:
b8:6d:16:7f:dd:81:29:fc:0e:9f:77:8b:28:ef:9c:
9d:ba:bd:31:e7:b1:7f:24:54:30:4a:39:3c:d7:5a:
79:10:a8:5c:06:87:ac:7d:57:9d:e1:df:1a:b8:16:
86:ed:50:fa:9b:36:80:03:61:b1:e8:e1:e6:94:d8:
4e:d6:34:ba:83:07:c2:a7:57:03:79:99:b7:d9:98:
57:4c:0b:e0:54:55:0f:c8:92:af:6a:00:74:af:c3:
37:30:4c:5b:c3:2c:21:ab:6e:99:ed:da:36:bc:3e:
11:9d:98:79:51:96:8d:99:6f:dc:83:f1:c7:9b:6e:
c9:46:5c:04:8a:ba:c3:c3:fc:b8:22:f2:29:97:22:
67:a2:a7:ea:c4:a3:b7:f4:c3:ac:28:31:9a:2a:f2:
c3:39:97:61:9c:eb:b6:38:d7:43:9d:70:00:57:8c:
7a:fc:0a:c4:21:35:3e:f3:cf:96:56:5c:fe:9c:7a:
1f:ef:80:f8:82:60:92:a2:c8:34:05:14:67:6b:dd:
ee:4b:3d:40:4e:0f:5b:ae:62:a3:7a:f2:00:ff:3f:
4e:4c:e6:c0:ba:d0:98:3a:b8:3a:43:e3:38:af:4a:
46:08:67:68:5a:a9:79:82:b5:af:99:11:35:7b:b1:
8b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:31:B3:06:98:39:58:90:44:F9:7A:5A:48:CD:55:96:69:EF:A8:0A
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:8e:33:f2:77:f1:22:55:66:85:83:22:2f:78:cb:02:58:ab:
dd:fd:b3:e9:98:c9:37:59:eb:90:f4:5c:61:ec:ed:e5:8d:5d:
a6:e3:7b:64:d1:50:2c:14:62:98:6c:76:38:fd:71:5a:af:61:
50:c6:fb:db:5c:fd:4b:ab:97:9e:29:8e:c2:20:da:34:c0:e0:
8b:1b:12:a6:9a:7c:1d:8a:ea:ec:87:ec:aa:0e:1a:ae:87:da:
60:01:be:bc:5b:56:81:3c:60:13:3b:97:b8:e3:b7:45:cd:23:
f9:94:b6:9d:e1:5f:76:36:72:e6:56:fb:a3:ae:f8:ea:ab:b2:
de:49:d7:54:f6:5d:ff:1b:17:6d:38:31:c2:e5:c2:5f:d2:11:
02:a4:e7:b4:48:4d:c1:ec:f4:f6:a1:29:2f:3c:07:7d:97:97:
6f:d9:ba:92:0b:f5:7e:94:b3:0b:b0:72:5d:1b:dc:be:be:23:
b2:fc:a3:03:96:ec:55:b6:90:d2:5b:90:f6:a2:5e:cd:5c:90:
07:9b:62:1e:3c:0f:4b:f0:5f:e9:0b:15:f8:8a:74:8b:d3:44:
d2:f1:71:44:a1:c9:9d:e1:6f:8a:c7:08:d4:5a:dd:90:6d:aa:
51:78:85:56:30:1a:33:16:3b:c2:d5:32:79:5f:7c:c7:d9:db:
49:7a:48:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3lIWWRJ3nxvL+KoNmxLfX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjYwNTAxMjAwMTA0WhcNMjYwNTAyMjAwMTA0WjAzMTEwLwYDVQQD
EyhiYTMxYjMwNjk4Mzk1ODkwNDRmOTdhNWE0OGNkNTU5NjY5ZWZhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02QsR7KmhG/PVODrnQm4bRZ/3YEp
/A6fd4so75ydur0x57F/JFQwSjk811p5EKhcBoesfVed4d8auBaG7VD6mzaAA2Gx
6OHmlNhO1jS6gwfCp1cDeZm32ZhXTAvgVFUPyJKvagB0r8M3MExbwywhq26Z7do2
vD4RnZh5UZaNmW/cg/HHm27JRlwEirrDw/y4IvIplyJnoqfqxKO39MOsKDGaKvLD
OZdhnOu2ONdDnXAAV4x6/ArEITU+88+WVlz+nHof74D4gmCSosg0BRRna93uSz1A
Tg9brmKjevIA/z9OTObAutCYOrg6Q+M4r0pGCGdoWql5grWvmRE1e7GLUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoxswaYOViQRPl6WkjNVZZp76gKMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG44z8nfx
IlVmhYMiL3jLAlir3f2z6ZjJN1nrkPRcYezt5Y1dpuN7ZNFQLBRimGx2OP1xWq9h
UMb721z9S6uXnimOwiDaNMDgixsSppp8HYrq7Ifsqg4arofaYAG+vFtWgTxgEzuX
uOO3Rc0j+ZS2neFfdjZy5lb7o6746quy3knXVPZd/xsXbTgxwuXCX9IRAqTntEhN
wez09qEpLzwHfZeXb9m6kgv1fpSzC7ByXRvcvr4jsvyjA5bsVbaQ0luQ9qJezVyQ
B5tiHjwPS/Bf6QsV+Ip0i9NE0vFxRKHJneFviscI1FrdkG2qUXiFVjAaMxY7wtUy
eV98x9nbSXpI7w==
-----END CERTIFICATE-----
Generated at Fri May 1 23:00:00 2026 by rpki-client