Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.mft
File: PsfSv8P6eOcQChuJNZBa_3pJa8k.mft (raw, json)
Hash identifier: XdleI6LrdQwVgyHka0PtBkWTYbvlKuMpx4Z3vIg8eGY=
Subject key identifier: 35:C3:62:B3:4D:F9:C9:8F:B1:0A:7B:6E:3A:82:F2:DA:68:3F:3F:64
Authority key identifier: 3E:C7:D2:BF:C3:FA:78:E7:10:0A:1B:89:35:90:5A:FF:7A:49:6B:C9
Certificate issuer: /CN=3ec7d2bfc3fa78e7100a1b8935905aff7a496bc9
Certificate serial: 019E20FFF1C0A49CBA62EB7D54255F2D75B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsfSv8P6eOcQChuJNZBa_3pJa8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.mft
Manifest number: 0FB5
Signing time: Wed 13 May 2026 11:01:44 +0000
Manifest this update: Wed 13 May 2026 11:01:44 +0000
Manifest next update: Thu 14 May 2026 11:01:44 +0000
Files and hashes: 1: 4yIaOD2NMt2VBGmVwUq_OiRtg_A.roa (hash: kgy/jwMb361XAjDurvjXKgIsxESxjz3mkWg8JfDokdo=)
2: PsfSv8P6eOcQChuJNZBa_3pJa8k.crl (hash: oZZ+Gka/SvGPiQQNU4cWunNcYMW+AlDKv/roS5LU4zk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsfSv8P6eOcQChuJNZBa_3pJa8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:ff:f1:c0:a4:9c:ba:62:eb:7d:54:25:5f:2d:75:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec7d2bfc3fa78e7100a1b8935905aff7a496bc9
Validity
Not Before: May 13 11:01:44 2026 GMT
Not After : May 14 11:01:44 2026 GMT
Subject: CN=35c362b34df9c98fb10a7b6e3a82f2da683f3f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:42:fe:ee:fd:5a:5d:a6:91:68:55:3a:b4:
df:eb:0f:70:52:25:6e:c5:08:09:4e:72:52:2a:68:
16:f1:ae:85:ef:32:e4:c1:13:66:09:21:aa:ef:21:
63:f6:6b:33:30:3b:97:18:bb:57:07:bf:d5:9e:a1:
49:fc:8f:b5:63:06:31:92:0c:19:7f:ee:36:c8:07:
63:22:31:67:87:ed:5c:e3:ea:b9:dd:bc:25:a4:19:
ba:91:ba:92:81:3e:44:f0:ed:f4:4f:e4:5b:63:be:
70:0b:71:c8:8f:cd:17:e3:7f:3b:c7:50:40:16:cb:
45:ff:78:5e:d7:16:e0:fd:79:4b:ed:fd:f7:a4:3e:
a9:c3:34:30:be:d2:74:17:6b:11:a2:9e:ee:de:cb:
73:6a:75:c5:58:e8:49:6e:20:08:17:a2:81:00:06:
63:b7:78:c7:71:68:5e:4c:d5:d4:d3:f2:fa:5c:80:
b2:2a:60:f6:a1:96:0f:fe:2a:bc:c7:b5:5c:f7:f9:
be:48:67:c3:fe:07:fd:89:52:8b:12:b7:4f:80:f8:
6e:3a:b2:a3:1a:1b:f1:82:31:5d:1f:8b:b2:46:61:
b5:27:f7:20:3a:38:c8:38:dd:20:2a:15:90:6a:b8:
40:02:82:14:91:66:93:a3:0c:c5:cf:ce:37:67:a7:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C3:62:B3:4D:F9:C9:8F:B1:0A:7B:6E:3A:82:F2:DA:68:3F:3F:64
X509v3 Authority Key Identifier:
keyid:3E:C7:D2:BF:C3:FA:78:E7:10:0A:1B:89:35:90:5A:FF:7A:49:6B:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsfSv8P6eOcQChuJNZBa_3pJa8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/39bb72-f6af-4a67-9c44-ba881122ca63/1/PsfSv8P6eOcQChuJNZBa_3pJa8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:6a:04:a8:55:1f:3e:3c:31:2d:6d:cd:a1:92:f1:05:57:b4:
5b:de:33:66:a7:0c:97:3a:78:11:16:bc:19:cf:8f:b5:c2:ec:
7f:a0:7e:04:ba:b2:dd:00:25:16:ec:ea:c2:04:f8:3c:db:96:
4f:40:45:70:f5:c9:2e:92:31:f8:fa:60:a3:46:97:aa:ac:8d:
64:87:13:9f:b1:db:7a:ed:8e:76:28:33:e6:6e:75:66:e8:f1:
2c:b7:b3:14:a1:6e:91:d8:06:5d:2f:0f:7f:00:88:82:b3:64:
ff:5e:e1:5d:b2:6b:b6:4b:65:88:c8:c3:48:55:ab:f9:8c:9b:
8f:a2:b8:b8:15:70:4b:96:4a:9d:e1:be:28:4f:c4:3d:6e:a2:
01:49:f3:f8:0c:8b:1c:d9:4a:e2:5e:f4:85:d0:a2:17:dd:07:
55:44:25:38:e5:6d:bc:28:15:b2:4a:20:3d:af:1e:17:eb:f1:
47:b9:13:e0:6d:82:81:00:e4:a3:5b:31:df:f3:2e:05:af:97:
05:c0:17:63:9f:f1:d3:13:d8:22:52:b6:db:db:26:54:3d:c8:
12:c5:37:9f:65:e1:6e:1e:01:db:c1:48:9a:67:4f:c9:92:59:
69:3c:6e:25:a0:40:99:31:c0:c3:98:1e:ec:bf:f1:6e:fc:01:
e2:84:ea:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4g//HApJy6Yut9VCVfLXWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzdkMmJmYzNmYTc4ZTcxMDBhMWI4OTM1OTA1YWZmN2E0
OTZiYzkwHhcNMjYwNTEzMTEwMTQ0WhcNMjYwNTE0MTEwMTQ0WjAzMTEwLwYDVQQD
EygzNWMzNjJiMzRkZjljOThmYjEwYTdiNmUzYTgyZjJkYTY4M2YzZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU5C/u79Wl2mkWhVOrTf6w9wUiVu
xQgJTnJSKmgW8a6F7zLkwRNmCSGq7yFj9mszMDuXGLtXB7/VnqFJ/I+1YwYxkgwZ
f+42yAdjIjFnh+1c4+q53bwlpBm6kbqSgT5E8O30T+RbY75wC3HIj80X4387x1BA
FstF/3he1xbg/XlL7f33pD6pwzQwvtJ0F2sRop7u3stzanXFWOhJbiAIF6KBAAZj
t3jHcWheTNXU0/L6XICyKmD2oZYP/iq8x7Vc9/m+SGfD/gf9iVKLErdPgPhuOrKj
GhvxgjFdH4uyRmG1J/cgOjjION0gKhWQarhAAoIUkWaTowzFz843Z6d1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXDYrNN+cmPsQp7bjqC8tpoPz9kMB8GA1UdIwQY
MBaAFD7H0r/D+njnEAobiTWQWv96SWvJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNmU3Y4UDZlT2NRQ2h1Sk5aQmFfM3BKYThrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zOWJiNzItZjZhZi00YTY3LTljNDQt
YmE4ODExMjJjYTYzLzEvUHNmU3Y4UDZlT2NRQ2h1Sk5aQmFfM3BKYThrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8zOWJiNzItZjZhZi00YTY3LTljNDQtYmE4ODExMjJjYTYz
LzEvUHNmU3Y4UDZlT2NRQ2h1Sk5aQmFfM3BKYThrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGoEqFUf
PjwxLW3NoZLxBVe0W94zZqcMlzp4ERa8Gc+PtcLsf6B+BLqy3QAlFuzqwgT4PNuW
T0BFcPXJLpIx+Ppgo0aXqqyNZIcTn7Hbeu2Odigz5m51ZujxLLezFKFukdgGXS8P
fwCIgrNk/17hXbJrtktliMjDSFWr+Yybj6K4uBVwS5ZKneG+KE/EPW6iAUnz+AyL
HNlK4l70hdCiF90HVUQlOOVtvCgVskogPa8eF+vxR7kT4G2CgQDko1sx3/MuBa+X
BcAXY5/x0xPYIlK229smVD3IEsU3n2Xhbh4B28FImmdPyZJZaTxuJaBAmTHAw5ge
7L/xbvwB4oTqUA==
-----END CERTIFICATE-----
Generated at Wed May 13 13:51:38 2026 by rpki-client