Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft
File: pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft (raw, json)
Hash identifier: +A4FD5SMtlHIRSa6cX6da7TkfxVK6i+ODXDcfQW0F3k=
Subject key identifier: CF:92:9A:41:62:78:6C:8E:D8:E0:09:4F:DA:5A:F1:16:80:DA:E7:D7
Authority key identifier: A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
Certificate issuer: /CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Certificate serial: 019D28BB2CD57E23BC3164E4558624804155
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft
Manifest number: 0D1A
Signing time: Thu 26 Mar 2026 06:00:48 +0000
Manifest this update: Thu 26 Mar 2026 06:00:48 +0000
Manifest next update: Fri 27 Mar 2026 06:00:48 +0000
Files and hashes: 1: 1-bShfWRGm-TQCjM_Y3n8hxLi1-I.roa (hash: wGYwNx5Kv0DKEFJu4HUzIBbe8JuzhGj3QdIJepSq7/Q=)
2: pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl (hash: 1kIN3AglO4M/gdyWR4Z1mnbm7K34SJ5hFGlt1RiXTDw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:2c:d5:7e:23:bc:31:64:e4:55:86:24:80:41:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Validity
Not Before: Mar 26 06:00:48 2026 GMT
Not After : Mar 27 06:00:48 2026 GMT
Subject: CN=cf929a4162786c8ed8e0094fda5af11680dae7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ba:f8:6e:b0:7d:1e:29:a4:2d:46:db:68:f3:
ad:e2:63:c7:35:4f:c6:8b:1a:e6:72:27:91:dc:24:
df:8f:2b:1f:a6:22:cb:91:48:77:e3:3a:61:0c:75:
f3:7d:ab:c3:d3:f0:85:c6:d9:6f:0d:64:b4:6e:1b:
80:38:75:a6:d7:7c:78:66:c7:4e:b2:a9:f2:97:eb:
d2:73:28:df:d7:7e:91:54:b6:54:b1:b4:43:0b:90:
61:a4:0c:bf:02:20:a9:e8:87:91:7b:7b:7c:7d:56:
b2:87:94:96:27:35:8e:45:de:0f:88:7a:97:06:15:
c8:7d:4c:37:15:e5:79:2e:98:4e:c9:59:b3:34:85:
e3:83:59:8b:cb:54:82:6e:82:ad:57:5b:46:97:4d:
ff:32:8b:d4:4c:dc:0e:47:46:52:a4:2a:b2:66:12:
a0:1e:a8:53:44:eb:cf:73:0f:e2:35:0d:be:58:e8:
e7:f6:4b:39:2b:d0:5d:13:81:0c:c4:84:e6:3e:69:
75:31:a1:88:a8:5e:be:d4:87:1d:bd:22:30:5e:00:
85:38:9c:e9:8b:7a:ab:d6:d5:f4:98:05:f3:fe:2a:
ce:00:ca:67:51:00:2e:fe:55:7a:6e:fe:12:ae:ba:
cb:6c:c7:0a:a4:7d:81:6f:98:36:50:2c:8d:f9:cf:
9c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:92:9A:41:62:78:6C:8E:D8:E0:09:4F:DA:5A:F1:16:80:DA:E7:D7
X509v3 Authority Key Identifier:
keyid:A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:8b:08:3a:20:1a:e8:4b:27:d1:0d:71:7b:f1:4e:16:99:1e:
14:b0:fc:64:e9:e5:3c:0c:f4:f9:f7:4c:e3:bf:ea:f6:7f:55:
a8:c7:59:87:f8:10:94:90:19:ed:56:e1:92:77:c9:3b:9b:a1:
b8:3e:c6:f5:5a:5b:f0:01:85:d9:e1:ca:3d:8c:55:21:eb:03:
cd:0c:39:d7:80:c2:3b:0e:d7:44:61:6d:25:12:4e:84:90:a7:
49:3b:70:c9:ed:14:bb:2e:2a:af:5d:f5:0f:a0:87:ec:b7:98:
41:00:18:92:93:cc:d5:69:60:c4:5c:1c:cc:e2:15:73:70:f6:
df:75:f1:70:91:ad:2a:45:78:f1:17:41:f9:c2:27:85:3d:e2:
d0:6d:57:8c:a5:eb:25:fe:bf:6c:8b:5d:02:92:ce:03:0b:7a:
a8:a6:a0:a5:3b:fa:be:38:18:a0:2d:1a:5d:73:36:43:87:9e:
e9:85:ba:9f:2f:49:d6:fd:1e:00:db:8c:bf:74:00:8d:3d:a2:
f7:3e:dc:1b:f2:29:3a:87:ee:e2:8e:51:ec:22:b6:69:e7:9f:
f1:e3:d6:05:57:cc:cc:d0:a1:ef:ce:ae:18:81:bc:ac:d8:a2:
01:07:00:a1:6e:26:0d:c6:29:05:14:7f:89:94:69:06:a4:48:
15:96:38:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouyzVfiO8MWTkVYYkgEFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MGNkM2I5ZmI2NDY0OTE1YWQwZDM3NjA5MzRjMDE4Mjg4
OWYxZmIwHhcNMjYwMzI2MDYwMDQ4WhcNMjYwMzI3MDYwMDQ4WjAzMTEwLwYDVQQD
EyhjZjkyOWE0MTYyNzg2YzhlZDhlMDA5NGZkYTVhZjExNjgwZGFlN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbr4brB9HimkLUbbaPOt4mPHNU/G
ixrmcieR3CTfjysfpiLLkUh34zphDHXzfavD0/CFxtlvDWS0bhuAOHWm13x4ZsdO
sqnyl+vScyjf136RVLZUsbRDC5BhpAy/AiCp6IeRe3t8fVayh5SWJzWORd4PiHqX
BhXIfUw3FeV5LphOyVmzNIXjg1mLy1SCboKtV1tGl03/MovUTNwOR0ZSpCqyZhKg
HqhTROvPcw/iNQ2+WOjn9ks5K9BdE4EMxITmPml1MaGIqF6+1IcdvSIwXgCFOJzp
i3qr1tX0mAXz/irOAMpnUQAu/lV6bv4SrrrLbMcKpH2Bb5g2UCyN+c+coQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+SmkFieGyO2OAJT9pa8RaA2ufXMB8GA1UdIwQY
MBaAFKUM07n7ZGSRWtDTdgk0wBgoifH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTct
MzdlOWU4NmE5Mjc5LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTctMzdlOWU4NmE5Mjc5
LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj4sIOiAa
6Esn0Q1xe/FOFpkeFLD8ZOnlPAz0+fdM47/q9n9VqMdZh/gQlJAZ7VbhknfJO5uh
uD7G9Vpb8AGF2eHKPYxVIesDzQw514DCOw7XRGFtJRJOhJCnSTtwye0Uuy4qr131
D6CH7LeYQQAYkpPM1WlgxFwczOIVc3D233XxcJGtKkV48RdB+cInhT3i0G1XjKXr
Jf6/bItdApLOAwt6qKagpTv6vjgYoC0aXXM2Q4ee6YW6ny9J1v0eANuMv3QAjT2i
9z7cG/IpOofu4o5R7CK2aeef8ePWBVfMzNCh786uGIG8rNiiAQcAoW4mDcYpBRR/
iZRpBqRIFZY4MQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:17:29 2026 by rpki-client