Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: bza0dKESdcxXOTMpuraAQ7bt7p3HCckRwntkqsbDC+c=
Subject key identifier: A8:79:51:76:5B:84:FB:65:6D:69:FA:04:3A:0C:49:DB:6F:65:1C:4C
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019D29CE46BAD0D7D0976A881C1343BE007E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 1270
Signing time: Thu 26 Mar 2026 11:01:17 +0000
Manifest this update: Thu 26 Mar 2026 11:01:17 +0000
Manifest next update: Fri 27 Mar 2026 11:01:17 +0000
Files and hashes: 1: FU4n6XNa33EeNcK1pVjnryUAJ6g.roa (hash: vAyZ21gv2CupNTDwhYo/hiCxZiQKD0Xxe9J+fN5P0S8=)
2: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: KsdkCoPRnrRUzRFtpyTuuHPuXC78A/VaEHGiGEnt2eU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:46:ba:d0:d7:d0:97:6a:88:1c:13:43:be:00:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Mar 26 11:01:17 2026 GMT
Not After : Mar 27 11:01:17 2026 GMT
Subject: CN=a87951765b84fb656d69fa043a0c49db6f651c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cb:57:91:59:1b:79:df:83:1f:dc:0f:6a:ac:
a3:2a:89:23:d6:e5:19:ec:3a:6e:10:e5:b4:87:fc:
b0:04:0f:73:12:de:a0:9f:2c:bb:6d:a6:65:a0:90:
04:44:31:3d:04:53:21:b3:b4:52:76:cf:2a:17:42:
ce:d8:9b:db:e4:4a:62:8f:32:2f:3c:4f:d2:23:e4:
c4:72:29:e8:62:85:43:33:fb:d3:02:90:27:e5:ba:
a8:2c:ee:20:7e:14:ba:e4:b1:51:27:43:ca:ec:40:
61:d7:28:45:c7:2a:d7:b8:3a:60:c7:b3:cc:10:3e:
5a:c6:c3:15:6d:1b:35:55:b5:c3:1b:ed:64:83:08:
97:9f:97:2d:b7:c1:45:09:a3:d3:b4:56:64:08:4b:
e4:c3:c7:5f:78:8a:ca:fc:69:82:dd:35:63:97:40:
31:2d:68:c2:ed:48:83:1d:f4:a0:36:37:9c:34:7a:
14:bf:89:03:75:ab:6e:ff:b6:8b:30:76:00:0d:ac:
42:6e:5a:3f:db:23:84:a8:8c:03:76:01:cf:3d:85:
e2:47:26:39:d4:27:6a:8e:bc:12:43:f5:06:9c:c0:
cd:0c:65:f8:90:f3:37:cc:1a:cc:e1:b8:e4:f1:0a:
36:f5:9d:57:20:be:a3:dd:a8:6d:31:b0:41:4a:51:
66:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:79:51:76:5B:84:FB:65:6D:69:FA:04:3A:0C:49:DB:6F:65:1C:4C
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:d1:60:cb:39:88:92:be:63:47:43:30:78:10:9c:ed:b5:60:
60:0d:26:46:bb:11:ba:40:19:b6:4c:d1:00:06:5d:6c:72:5a:
45:0e:e7:60:c2:0c:a1:61:4e:32:67:39:4f:66:89:bd:0c:af:
d0:b9:f1:e4:6e:4c:7a:ad:2a:c5:d0:7d:5a:a8:9b:27:0d:19:
21:4c:af:2e:33:df:72:77:46:92:43:1f:82:f4:b7:ca:85:4a:
bd:7b:da:71:13:4c:92:fa:33:8e:61:a0:47:21:84:e0:a2:6e:
99:68:a5:c4:4c:9b:b0:f2:82:66:d0:02:96:3f:c2:8d:37:aa:
f6:4f:13:db:15:de:4d:64:d3:e2:da:c8:55:2a:70:61:92:58:
f5:a4:32:79:59:78:05:6c:5e:c9:f4:9e:fa:b3:8d:e7:59:d2:
f0:69:b6:2c:f9:02:a4:7c:d9:c7:88:82:44:7d:45:42:f0:41:
f4:51:e1:d1:5f:74:1a:f1:ca:40:e0:47:da:ed:b9:53:6b:4e:
43:36:f0:29:4f:16:68:80:9f:75:c4:50:ec:2c:f9:6a:34:2e:
3c:f2:71:12:6f:25:84:ec:88:8d:4d:67:f3:4e:cb:2a:28:d9:
2c:84:da:2b:2c:5d:1e:0d:48:3c:6b:24:2f:88:9a:64:ec:7a:
96:c2:b6:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzka60NfQl2qIHBNDvgB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjYwMzI2MTEwMTE3WhcNMjYwMzI3MTEwMTE3WjAzMTEwLwYDVQQD
EyhhODc5NTE3NjViODRmYjY1NmQ2OWZhMDQzYTBjNDlkYjZmNjUxYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18tXkVkbed+DH9wPaqyjKokj1uUZ
7DpuEOW0h/ywBA9zEt6gnyy7baZloJAERDE9BFMhs7RSds8qF0LO2Jvb5EpijzIv
PE/SI+TEcinoYoVDM/vTApAn5bqoLO4gfhS65LFRJ0PK7EBh1yhFxyrXuDpgx7PM
ED5axsMVbRs1VbXDG+1kgwiXn5ctt8FFCaPTtFZkCEvkw8dfeIrK/GmC3TVjl0Ax
LWjC7UiDHfSgNjecNHoUv4kDdatu/7aLMHYADaxCblo/2yOEqIwDdgHPPYXiRyY5
1CdqjrwSQ/UGnMDNDGX4kPM3zBrM4bjk8Qo29Z1XIL6j3ahtMbBBSlFmEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKh5UXZbhPtlbWn6BDoMSdtvZRxMMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9FgyzmI
kr5jR0MweBCc7bVgYA0mRrsRukAZtkzRAAZdbHJaRQ7nYMIMoWFOMmc5T2aJvQyv
0Lnx5G5Meq0qxdB9WqibJw0ZIUyvLjPfcndGkkMfgvS3yoVKvXvacRNMkvozjmGg
RyGE4KJumWilxEybsPKCZtAClj/CjTeq9k8T2xXeTWTT4trIVSpwYZJY9aQyeVl4
BWxeyfSe+rON51nS8Gm2LPkCpHzZx4iCRH1FQvBB9FHh0V90GvHKQOBH2u25U2tO
QzbwKU8WaICfdcRQ7Cz5ajQuPPJxEm8lhOyIjU1n807LKijZLITaKyxdHg1IPGsk
L4iaZOx6lsK26g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:06:30 2026 by rpki-client