Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
File: pnQBXVCbXU85bqNjNp6ddP-tdZM.mft (raw, json)
Hash identifier: fVqYynvm940Wi83QLa0XIsFhG+VOga65ZRvlWxINbA4=
Subject key identifier: 09:AD:9E:8F:E8:B7:A6:E0:BB:CF:6D:7F:A0:7D:E6:39:3E:88:5C:18
Authority key identifier: A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93
Certificate issuer: /CN=a674015d509b5d4f396ea363369e9d74ffad7593
Certificate serial: 019D27DFC6E7682ED4AE510E78104970FB82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
Manifest number: 1720
Signing time: Thu 26 Mar 2026 02:01:10 +0000
Manifest this update: Thu 26 Mar 2026 02:01:10 +0000
Manifest next update: Fri 27 Mar 2026 02:01:10 +0000
Files and hashes: 1: aHohvmZrJOOZrpMAIOpcUZD835k.roa (hash: Lfp+q62MRXSn7ts6IZsilj9kYQPjsgFts0IvrL3U2wc=)
2: pnQBXVCbXU85bqNjNp6ddP-tdZM.crl (hash: Kab3DSLinFzKgxzr65Dbnu20Gl+U3CI4eisGYMX6LM4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:c6:e7:68:2e:d4:ae:51:0e:78:10:49:70:fb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a674015d509b5d4f396ea363369e9d74ffad7593
Validity
Not Before: Mar 26 02:01:10 2026 GMT
Not After : Mar 27 02:01:10 2026 GMT
Subject: CN=09ad9e8fe8b7a6e0bbcf6d7fa07de6393e885c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d5:a9:0d:95:39:3b:c5:eb:54:6e:7f:74:f3:
49:f8:35:1f:73:9e:0a:cf:41:2e:0a:ef:8e:a0:e7:
c0:b9:e7:d0:05:ad:21:98:5f:3c:1b:c7:43:5d:3d:
8d:7e:19:46:c5:dd:aa:89:bf:2a:e5:f3:98:61:45:
9f:9e:00:be:90:8b:dc:4d:45:1d:9c:03:81:e9:40:
31:2e:7c:d6:57:f2:7a:69:c4:ac:00:50:85:3f:2c:
5b:08:08:73:9e:50:fc:6b:99:9c:c6:93:a0:d2:9d:
b1:96:66:bf:50:e7:52:1a:7d:f1:b5:ef:5c:c5:a3:
f7:c9:6e:19:ef:df:75:0d:86:55:f1:6a:e6:29:14:
6a:7f:dc:39:81:a4:54:3a:d7:7b:00:c8:51:bd:96:
c0:59:02:3a:44:c4:a1:d6:ae:4f:cd:2c:04:68:bb:
19:cd:ac:ff:16:9d:d1:68:49:0a:e1:1a:af:92:af:
17:25:68:23:34:c3:3e:52:aa:53:6b:1d:d3:a9:4f:
1c:b0:20:09:2e:6b:e2:ce:0a:ab:07:f3:5e:17:a5:
a2:21:d7:c4:b0:40:c5:66:9a:e5:d6:8e:23:e4:9b:
53:d5:50:fe:9a:35:23:b0:41:15:b3:9f:9a:f6:16:
2a:e1:ab:bc:3d:47:f3:48:b9:e4:15:2d:5d:a3:e0:
dd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AD:9E:8F:E8:B7:A6:E0:BB:CF:6D:7F:A0:7D:E6:39:3E:88:5C:18
X509v3 Authority Key Identifier:
keyid:A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:ef:f0:d3:00:df:fa:97:41:b8:a4:f6:da:64:db:d5:f6:75:
c8:f4:a5:fa:d2:48:9f:60:e2:02:e8:94:fd:de:87:af:ff:92:
4e:ac:98:66:77:31:18:01:0c:17:5f:10:b3:52:09:de:ff:e4:
e8:28:ce:6c:a4:21:15:f6:a4:56:a4:aa:4d:be:a8:35:d9:8a:
69:7b:0d:5f:df:3c:d2:38:d2:5c:da:2e:f1:d2:bc:4e:e8:5e:
8c:37:2a:49:d4:81:ca:99:0a:a7:dc:27:36:4c:a8:a7:49:36:
bf:67:dc:28:71:e0:58:8c:0a:05:17:4a:99:3a:a2:28:93:5d:
b2:d5:f1:fa:0c:f0:92:70:9f:45:b9:9f:2c:46:f5:44:4a:20:
01:d0:da:4b:07:c5:32:7c:21:f3:0b:68:80:f4:9a:54:c5:0c:
79:75:6c:85:6f:e6:a8:a2:48:92:8a:7c:f6:49:e8:c4:df:88:
30:4c:01:ac:94:57:81:5b:e5:a3:fb:a6:65:f2:cb:a8:fb:07:
0a:1c:ef:3d:df:21:21:aa:ad:84:9f:fd:50:9d:b3:e5:47:84:
bf:10:cb:f7:a4:a8:2b:41:09:49:31:37:cb:54:27:44:ee:82:
97:19:29:95:d2:f4:a6:f4:31:dd:5b:75:f0:39:c8:c5:59:35:
90:ca:1b:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n38bnaC7UrlEOeBBJcPuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzQwMTVkNTA5YjVkNGYzOTZlYTM2MzM2OWU5ZDc0ZmZh
ZDc1OTMwHhcNMjYwMzI2MDIwMTEwWhcNMjYwMzI3MDIwMTEwWjAzMTEwLwYDVQQD
EygwOWFkOWU4ZmU4YjdhNmUwYmJjZjZkN2ZhMDdkZTYzOTNlODg1YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9WpDZU5O8XrVG5/dPNJ+DUfc54K
z0EuCu+OoOfAuefQBa0hmF88G8dDXT2NfhlGxd2qib8q5fOYYUWfngC+kIvcTUUd
nAOB6UAxLnzWV/J6acSsAFCFPyxbCAhznlD8a5mcxpOg0p2xlma/UOdSGn3xte9c
xaP3yW4Z7991DYZV8WrmKRRqf9w5gaRUOtd7AMhRvZbAWQI6RMSh1q5PzSwEaLsZ
zaz/Fp3RaEkK4Rqvkq8XJWgjNMM+UqpTax3TqU8csCAJLmvizgqrB/NeF6WiIdfE
sEDFZprl1o4j5JtT1VD+mjUjsEEVs5+a9hYq4au8PUfzSLnkFS1do+DdiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmtno/ot6bgu89tf6B95jk+iFwYMB8GA1UdIwQY
MBaAFKZ0AV1Qm11POW6jYzaenXT/rXWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzIt
NDExM2Q2ODZkZDY2LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzItNDExM2Q2ODZkZDY2
LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+/w0wDf
+pdBuKT22mTb1fZ1yPSl+tJIn2DiAuiU/d6Hr/+STqyYZncxGAEMF18Qs1IJ3v/k
6CjObKQhFfakVqSqTb6oNdmKaXsNX9880jjSXNou8dK8TuhejDcqSdSBypkKp9wn
Nkyop0k2v2fcKHHgWIwKBRdKmTqiKJNdstXx+gzwknCfRbmfLEb1REogAdDaSwfF
Mnwh8wtogPSaVMUMeXVshW/mqKJIkop89knoxN+IMEwBrJRXgVvlo/umZfLLqPsH
ChzvPd8hIaqthJ/9UJ2z5UeEvxDL96SoK0EJSTE3y1QnRO6ClxkpldL0pvQx3Vt1
8DnIxVk1kMobyw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:58:48 2026 by rpki-client