Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
File: 3z_cS_M72A_hKNdWhD9gs51b7uM.mft (raw, json)
Hash identifier: MTD4uIO1iflONbOugOKNP6Is9hlMoWyR/GVamZlUPNw=
Subject key identifier: 3F:5E:15:57:6B:A9:E4:32:11:DB:CC:14:62:13:66:38:DD:A6:C7:10
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019EE7E95141920A51EC73836AA171C8419D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
Manifest number: 08E8
Signing time: Sun 21 Jun 2026 02:01:28 +0000
Manifest this update: Sun 21 Jun 2026 02:01:28 +0000
Manifest next update: Mon 22 Jun 2026 02:01:28 +0000
Files and hashes: 1: 3z_cS_M72A_hKNdWhD9gs51b7uM.crl (hash: W+5kfBXm2Oo9h4+aVoSFtRtduSOvXAefyzEOnniDgAc=)
2: 88lmdc-mnvLuh7LWT7ewTNitVbQ.roa (hash: 4ev2GHc0kZ6+DnkiGr59ZAC1o1ATDYyOeOGEjJWvhDk=)
3: iKuRCoQtqrfFDPhTIq-f2J6k_mI.roa (hash: 4bH7BrC7xILPkVZ3kcGwCvI7Oji+afFT1aTAsrKOTnM=)
4: mrolwK2KC0w8DkEJIzjFPnT8aDY.roa (hash: KWvJn4y2GSmF/qywBZLEL1QJaSchEcFy2JpZDDXnxyg=)
5: o4G9chIzN7uCnwtKmumyR2sTH_I.roa (hash: KfBs8CLUl46AX0/vUOMRNCDr9u0nNAN2TPcPPQgzWaA=)
6: oFfXrLBfH6lxJPqPhKKALIEnsRY.roa (hash: xv0fWfgOWHRGVoD3X/VZOFn9nwq6PPmmOVIp8EyiD2o=)
7: oovOX9XETodZiiuPtmCpoSGbNQc.roa (hash: P+TaVSkHOwUfOr3zgGexRmHGN3QYL0Fhy8MDYgpRxpU=)
8: yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa (hash: wwrcXsGyyFttGj2nkBh3bs0XPOa0z7A1reDz9TIBgKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 22 Jun 2026 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e7:e9:51:41:92:0a:51:ec:73:83:6a:a1:71:c8:41:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Jun 21 02:01:28 2026 GMT
Not After : Jun 22 02:01:28 2026 GMT
Subject: CN=3f5e15576ba9e43211dbcc1462136638dda6c710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ad:4f:3c:80:5b:d7:d6:b8:4e:74:db:82:5c:
52:d6:19:bb:06:15:79:d4:3a:f3:88:02:79:b6:57:
49:9d:0c:68:ca:c2:15:f8:f0:e9:1e:33:2a:35:4a:
02:be:9f:cb:e5:40:32:b8:b4:f7:4e:52:ca:92:e4:
1c:b3:cb:a1:e2:d5:cf:51:22:a1:92:2f:e3:f5:b2:
7d:07:ea:f6:5d:c4:f2:a4:9f:1e:08:9b:5a:27:49:
a8:7d:1f:7d:bb:a1:78:02:84:34:e4:4a:cf:e1:0f:
20:66:c1:6d:36:77:9f:f0:1f:04:7b:56:7a:f6:3e:
e0:de:7a:c1:7e:77:1f:bd:18:67:a0:3c:ff:29:e4:
52:42:48:b9:c0:cc:98:f2:4f:c1:ba:60:52:6e:b9:
52:8a:62:e6:a1:73:30:41:52:25:2c:27:76:a7:51:
c4:bb:75:45:4c:7a:28:40:fd:d4:1c:06:28:fc:6c:
79:dc:10:29:b9:2a:b4:8a:21:c5:66:82:19:9b:57:
be:40:a9:9f:69:bd:d6:3e:ce:3a:38:d4:aa:07:c3:
51:b7:92:93:dd:bf:9c:e1:e2:79:54:e4:78:b3:0e:
ef:29:a7:c0:4b:35:d3:1a:51:6a:53:9c:ce:aa:c0:
1d:0d:b2:54:0a:16:79:9e:43:2e:d4:34:5c:e1:9e:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5E:15:57:6B:A9:E4:32:11:DB:CC:14:62:13:66:38:DD:A6:C7:10
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:84:08:dc:4d:91:72:66:99:1a:d6:9a:da:49:cb:71:b3:bf:
7e:ac:1c:62:5d:a5:06:aa:7b:12:fe:01:38:94:a7:31:55:92:
2f:e7:12:e2:e8:43:c3:56:08:45:69:43:f0:67:d1:9f:a2:c2:
8a:e0:71:c2:d6:26:5a:1a:f7:3a:fd:00:ed:b7:3e:47:6e:48:
9f:f5:71:e6:a9:c5:29:38:29:78:55:07:2c:ce:68:ce:68:81:
0d:cb:a0:01:52:ad:a3:e5:ca:e7:6b:7a:a9:14:6e:0a:86:9b:
f5:56:8a:79:d5:79:9a:31:1c:00:ff:82:4a:c0:ec:96:8b:1c:
1a:41:a2:1e:e1:dc:2a:05:5b:14:67:f5:e0:92:63:69:75:bd:
ce:17:9f:cd:f7:92:3b:88:70:eb:fd:9a:c1:b3:72:4f:e7:3b:
20:82:76:db:0a:d1:ab:b9:d9:b1:3b:2b:57:d0:bb:2c:d1:de:
34:7a:66:63:08:c0:6b:f7:a7:4d:7c:07:98:74:70:95:1a:1e:
b9:fd:6e:09:de:ed:e9:76:c3:6d:3d:01:a5:a1:6e:e1:6f:0a:
30:94:e6:a5:c1:90:3e:ab:51:fd:1d:a5:e2:d4:ed:15:10:c9:
01:c6:9a:57:03:06:b7:ed:fa:41:7b:9e:8a:fe:01:4c:3f:4f:
b5:be:80:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7n6VFBkgpR7HODaqFxyEGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjYwNjIxMDIwMTI4WhcNMjYwNjIyMDIwMTI4WjAzMTEwLwYDVQQD
EygzZjVlMTU1NzZiYTllNDMyMTFkYmNjMTQ2MjEzNjYzOGRkYTZjNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs61PPIBb19a4TnTbglxS1hm7BhV5
1DrziAJ5tldJnQxoysIV+PDpHjMqNUoCvp/L5UAyuLT3TlLKkuQcs8uh4tXPUSKh
ki/j9bJ9B+r2XcTypJ8eCJtaJ0mofR99u6F4AoQ05ErP4Q8gZsFtNnef8B8Ee1Z6
9j7g3nrBfncfvRhnoDz/KeRSQki5wMyY8k/BumBSbrlSimLmoXMwQVIlLCd2p1HE
u3VFTHooQP3UHAYo/Gx53BApuSq0iiHFZoIZm1e+QKmfab3WPs46ONSqB8NRt5KT
3b+c4eJ5VOR4sw7vKafASzXTGlFqU5zOqsAdDbJUChZ5nkMu1DRc4Z5R0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9eFVdrqeQyEdvMFGITZjjdpscQMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYQI3E2R
cmaZGtaa2knLcbO/fqwcYl2lBqp7Ev4BOJSnMVWSL+cS4uhDw1YIRWlD8GfRn6LC
iuBxwtYmWhr3Ov0A7bc+R25In/Vx5qnFKTgpeFUHLM5ozmiBDcugAVKto+XK52t6
qRRuCoab9VaKedV5mjEcAP+CSsDsloscGkGiHuHcKgVbFGf14JJjaXW9zhefzfeS
O4hw6/2awbNyT+c7IIJ22wrRq7nZsTsrV9C7LNHeNHpmYwjAa/enTXwHmHRwlRoe
uf1uCd7t6XbDbT0BpaFu4W8KMJTmpcGQPqtR/R2l4tTtFRDJAcaaVwMGt+36QXue
iv4BTD9Ptb6AGg==
-----END CERTIFICATE-----
Generated at Sun Jun 21 11:12:34 2026 by rpki-client