Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File: PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier: 3wQjl9WtLhmtlrOnYMGEuk43TIa5mmDpilq4ebHG+g0=
Subject key identifier: 2F:06:FC:88:77:80:DC:36:C9:B1:6F:31:50:5F:25:9A:66:80:18:AA
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer: /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial: 019D273AA301B4793087B5CD86C38C3F7787
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number: 0AF8
Signing time: Wed 25 Mar 2026 23:00:47 +0000
Manifest this update: Wed 25 Mar 2026 23:00:47 +0000
Manifest next update: Thu 26 Mar 2026 23:00:47 +0000
Files and hashes: 1: 1_igJmtMDXKz9bhBLaRP5dFDztQ.roa (hash: JOImpk+FDhBna11hSj1TGTrJNMUKv4JDlCeaLCzdNVU=)
2: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: 1HV9wfeX0q6U8kbINunrB3aXGWc7zB/2Gdqr06lNp10=)
3: X4LcadFcj7rRiTLEgHHTLMKNzsU.roa (hash: Cf5UA76UUfIOCKC2kd8gwCuNI+KqNFW/rTGifC2FORk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:a3:01:b4:79:30:87:b5:cd:86:c3:8c:3f:77:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
Validity
Not Before: Mar 25 23:00:47 2026 GMT
Not After : Mar 26 23:00:47 2026 GMT
Subject: CN=2f06fc887780dc36c9b16f31505f259a668018aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d9:79:be:62:44:bf:95:30:b5:a5:3c:ab:44:
12:08:80:e6:4b:21:98:3d:98:ef:07:28:b5:4a:64:
cf:d3:5f:55:95:52:1d:7e:4f:8f:38:00:64:6f:bf:
ba:07:a6:40:35:ec:72:ca:1b:39:48:49:ce:ab:a4:
b0:09:fe:30:47:fd:6b:24:da:ba:b7:f4:65:0d:c9:
9d:19:b9:f9:4c:9f:b2:84:ec:d6:5e:a3:99:0d:2c:
4b:0b:b0:d4:f6:8d:1e:42:b8:31:41:e5:3d:0b:4d:
6e:52:21:f8:b0:33:42:6e:75:aa:84:dd:3c:b8:ed:
3a:11:c4:68:18:68:d7:d9:46:04:91:93:19:e8:60:
37:44:71:4c:76:7a:f0:ab:ed:28:29:e1:70:b3:e7:
0b:a1:19:2d:a4:a9:b0:52:ce:21:8e:1d:26:a3:17:
6f:33:6d:3f:8f:b7:1e:be:00:3f:51:d9:28:20:2a:
d5:2a:af:ab:d0:c1:74:ec:4b:c2:57:2c:aa:39:d9:
d1:c3:91:2a:3c:24:55:ce:32:0b:2b:f9:29:1e:b0:
5b:54:39:5b:6d:a9:27:b0:76:8e:4d:33:d5:54:ed:
32:6f:89:96:57:92:a6:cd:d8:df:7d:09:73:93:ea:
84:34:b6:94:f4:08:d5:44:13:e4:cd:57:2e:33:fd:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:06:FC:88:77:80:DC:36:C9:B1:6F:31:50:5F:25:9A:66:80:18:AA
X509v3 Authority Key Identifier:
keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:e7:d6:16:e9:ee:f2:26:9d:07:59:bf:8a:c7:c7:32:65:85:
15:89:84:b0:f7:1f:75:92:bb:f3:06:64:4e:c2:b7:6b:dc:3a:
16:58:96:d6:17:33:e9:1f:4f:02:f1:95:31:e6:7b:ab:24:61:
55:40:9c:c2:49:71:99:90:f2:38:0e:b7:12:eb:e9:d4:69:64:
fb:60:38:3c:14:f5:ef:fd:9e:56:26:8b:cd:65:9a:9c:a3:cd:
ee:92:31:99:e8:95:86:62:ad:2d:39:8d:1a:e2:f2:53:01:7d:
70:77:1a:a1:69:0a:02:79:a0:26:b1:00:c9:3b:02:5f:44:ae:
b7:52:98:9f:22:18:22:56:35:8f:31:da:cd:bc:c7:24:d2:cf:
72:5f:62:7c:08:a7:a6:c6:db:93:26:54:ed:29:4b:83:fd:61:
eb:2f:35:5c:d2:54:10:05:b2:0d:b3:1f:6f:54:01:bf:17:d4:
14:f3:c8:3e:10:df:ec:f0:9e:28:65:44:f5:e0:dc:bb:c8:53:
00:0c:8f:45:07:1d:bb:f3:75:91:c4:81:85:bd:2f:dc:2d:b9:
3b:02:23:4a:77:3a:47:14:73:70:b8:8f:b6:80:60:e0:15:d8:
d5:07:23:11:be:37:44:b2:6e:58:a7:78:24:eb:70:d2:48:bb:
0d:34:8c:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOqMBtHkwh7XNhsOMP3eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjYwMzI1MjMwMDQ3WhcNMjYwMzI2MjMwMDQ3WjAzMTEwLwYDVQQD
EygyZjA2ZmM4ODc3ODBkYzM2YzliMTZmMzE1MDVmMjU5YTY2ODAxOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9l5vmJEv5UwtaU8q0QSCIDmSyGY
PZjvByi1SmTP019VlVIdfk+POABkb7+6B6ZANexyyhs5SEnOq6SwCf4wR/1rJNq6
t/RlDcmdGbn5TJ+yhOzWXqOZDSxLC7DU9o0eQrgxQeU9C01uUiH4sDNCbnWqhN08
uO06EcRoGGjX2UYEkZMZ6GA3RHFMdnrwq+0oKeFws+cLoRktpKmwUs4hjh0moxdv
M20/j7cevgA/UdkoICrVKq+r0MF07EvCVyyqOdnRw5EqPCRVzjILK/kpHrBbVDlb
baknsHaOTTPVVO0yb4mWV5KmzdjffQlzk+qENLaU9AjVRBPkzVcuM/1HJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8G/Ih3gNw2ybFvMVBfJZpmgBiqMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+fWFunu
8iadB1m/isfHMmWFFYmEsPcfdZK78wZkTsK3a9w6FliW1hcz6R9PAvGVMeZ7qyRh
VUCcwklxmZDyOA63Euvp1Glk+2A4PBT17/2eViaLzWWanKPN7pIxmeiVhmKtLTmN
GuLyUwF9cHcaoWkKAnmgJrEAyTsCX0Sut1KYnyIYIlY1jzHazbzHJNLPcl9ifAin
psbbkyZU7SlLg/1h6y81XNJUEAWyDbMfb1QBvxfUFPPIPhDf7PCeKGVE9eDcu8hT
AAyPRQcdu/N1kcSBhb0v3C25OwIjSnc6RxRzcLiPtoBg4BXY1QcjEb43RLJuWKd4
JOtw0ki7DTSMPg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:52:46 2026 by rpki-client