Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json)
Hash identifier: UFBXh8voMv8T2I2o9mfxOBamkTzSgzFqMTkfCToiK3g=
Subject key identifier: 5A:DC:3F:0C:09:BA:1B:5B:08:91:BA:EC:75:0B:1D:1B:38:2C:27:16
Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d
Certificate serial: 019D27041A375E2DF1261B36245AE8717E89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
Manifest number: 0317
Signing time: Wed 25 Mar 2026 22:01:13 +0000
Manifest this update: Wed 25 Mar 2026 22:01:13 +0000
Manifest next update: Thu 26 Mar 2026 22:01:13 +0000
Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: ZWfHHMC7JugfU9oBF1AKzJ+QpCoA4jTad3uNwlwV8js=)
2: tW6tlYVnkXnq9oP8owXcbYW47kU.roa (hash: g2+Pc2wN2E52WWpsZZidSy7PbjRy5/I1OGghh4rSkGE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:1a:37:5e:2d:f1:26:1b:36:24:5a:e8:71:7e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43340fad246465de8e614d039563a699657d8d
Validity
Not Before: Mar 25 22:01:13 2026 GMT
Not After : Mar 26 22:01:13 2026 GMT
Subject: CN=5adc3f0c09ba1b5b0891baec750b1d1b382c2716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:75:12:6e:c9:05:15:e6:98:43:a6:7a:f6:
2e:e8:a1:54:bf:4c:eb:43:33:9d:88:90:33:49:cf:
55:1c:6c:81:39:ef:ed:cb:da:30:ad:2d:13:fd:79:
a3:8f:df:6d:85:f9:25:79:19:c2:5a:b1:f6:3a:61:
30:27:88:cd:26:9e:f3:03:2f:a1:97:d8:3d:42:c7:
95:de:7e:95:0c:f2:7b:15:e4:e5:1f:69:7a:1a:9b:
0d:db:e2:df:e3:43:4f:76:95:14:85:96:86:81:5d:
ac:b2:90:f1:74:1a:46:ad:f4:a3:f9:f5:68:48:b8:
5a:fe:99:c5:91:18:1b:77:0d:d0:72:71:93:66:c3:
44:ab:00:dd:9f:71:55:68:48:48:84:6a:b9:a0:43:
b7:a7:c5:a7:95:02:27:96:1f:29:e3:3e:f3:29:57:
82:d2:fe:b9:83:6f:9e:b9:61:63:2f:3e:8e:6e:5a:
ce:90:ca:8e:20:c3:9e:65:90:e3:3e:85:c5:59:18:
e7:e0:b7:98:74:24:2d:96:7b:a8:ee:3f:aa:80:80:
61:9e:60:02:5d:62:4d:b4:47:e6:f7:fc:2b:e8:9b:
61:ff:0d:b3:40:0d:58:25:0e:de:44:32:5c:7e:db:
dd:bc:b2:0a:12:9c:0d:bc:ee:d4:79:47:ab:79:4b:
b4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DC:3F:0C:09:BA:1B:5B:08:91:BA:EC:75:0B:1D:1B:38:2C:27:16
X509v3 Authority Key Identifier:
keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:25:12:22:67:60:89:a7:f3:61:d8:0c:1d:03:b7:bc:03:2e:
a4:fa:9e:63:2b:7c:4f:05:d2:0a:cb:72:0a:b9:cf:fa:8e:52:
c7:e7:ae:47:5d:b7:8f:22:59:46:b1:e2:38:99:a7:13:2c:98:
a4:54:db:2a:46:ca:31:56:17:84:79:0b:ca:76:be:6a:24:a1:
af:0f:ac:4a:c2:99:cc:75:1c:cd:a5:16:95:c4:47:de:5f:7d:
cf:84:d4:1f:5f:9b:c9:79:bc:d0:d9:7d:c0:85:ad:09:de:e3:
ae:55:14:72:7d:d5:70:1a:be:17:91:ba:75:b5:bf:c0:a9:50:
b8:a5:97:fb:e5:d4:fc:34:4e:10:83:7f:4d:d2:17:32:8e:62:
81:40:fc:5a:52:ba:c6:c7:3c:b9:5b:79:69:50:d5:f2:fe:85:
c3:6f:8e:38:67:d2:1f:15:0b:c8:f4:e3:1e:78:7e:55:6c:0a:
80:ee:de:e8:a8:53:14:10:a4:3f:df:b6:82:77:07:7d:19:d4:
71:eb:27:98:29:ff:40:46:59:a3:b2:75:1c:ed:94:f6:f5:a5:
ee:c2:99:f1:3f:62:1f:fe:e3:9d:7a:41:21:d7:95:d0:af:00:
38:c5:c7:44:30:fd:9c:c4:78:20:f8:b7:99:5a:6a:ea:b9:12:
45:58:2a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBo3Xi3xJhs2JFrocX6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2
NTdkOGQwHhcNMjYwMzI1MjIwMTEzWhcNMjYwMzI2MjIwMTEzWjAzMTEwLwYDVQQD
Eyg1YWRjM2YwYzA5YmExYjViMDg5MWJhZWM3NTBiMWQxYjM4MmMyNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyJ1Em7JBRXmmEOmevYu6KFUv0zr
QzOdiJAzSc9VHGyBOe/ty9owrS0T/Xmjj99thfkleRnCWrH2OmEwJ4jNJp7zAy+h
l9g9QseV3n6VDPJ7FeTlH2l6GpsN2+Lf40NPdpUUhZaGgV2sspDxdBpGrfSj+fVo
SLha/pnFkRgbdw3QcnGTZsNEqwDdn3FVaEhIhGq5oEO3p8WnlQInlh8p4z7zKVeC
0v65g2+euWFjLz6OblrOkMqOIMOeZZDjPoXFWRjn4LeYdCQtlnuo7j+qgIBhnmAC
XWJNtEfm9/wr6Jth/w2zQA1YJQ7eRDJcftvdvLIKEpwNvO7UeUereUu0MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrcPwwJuhtbCJG67HULHRs4LCcWMB8GA1UdIwQY
MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt
YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx
LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAriUSImdg
iafzYdgMHQO3vAMupPqeYyt8TwXSCstyCrnP+o5Sx+euR123jyJZRrHiOJmnEyyY
pFTbKkbKMVYXhHkLyna+aiShrw+sSsKZzHUczaUWlcRH3l99z4TUH1+byXm80Nl9
wIWtCd7jrlUUcn3VcBq+F5G6dbW/wKlQuKWX++XU/DROEIN/TdIXMo5igUD8WlK6
xsc8uVt5aVDV8v6Fw2+OOGfSHxULyPTjHnh+VWwKgO7e6KhTFBCkP9+2gncHfRnU
cesnmCn/QEZZo7J1HO2U9vWl7sKZ8T9iH/7jnXpBIdeV0K8AOMXHRDD9nMR4IPi3
mVpq6rkSRVgqIw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:14:26 2026 by rpki-client