Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
File: PkJOJFpkMkpocx3SbzDGhbqopng.mft (raw, json)
Hash identifier: tCJH0CcVH9HAtC0tNQ9iAkeYAsqAd4qjh4+tswX8Dw8=
Subject key identifier: F4:23:2A:C0:F1:F3:26:F9:33:41:7D:2F:1D:1C:D7:A2:2D:D8:B8:C0
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 019D29296D43E3DA1651D6B8C4A72C2DEC2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
Manifest number: 188A
Signing time: Thu 26 Mar 2026 08:01:13 +0000
Manifest this update: Thu 26 Mar 2026 08:01:13 +0000
Manifest next update: Fri 27 Mar 2026 08:01:13 +0000
Files and hashes: 1: Cj8ujoa5KmTTSWCTdwnTGnYwzAk.roa (hash: M+8fZqB3T6uLKV8atcb+P0CXiywaKxIVWcjCJ6STrHE=)
2: PkJOJFpkMkpocx3SbzDGhbqopng.crl (hash: pddQe3ZKNL4mFCe+flsJpwCNCROuDpbTMEXyme7SklI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:6d:43:e3:da:16:51:d6:b8:c4:a7:2c:2d:ec:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Mar 26 08:01:13 2026 GMT
Not After : Mar 27 08:01:13 2026 GMT
Subject: CN=f4232ac0f1f326f933417d2f1d1cd7a22dd8b8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9e:bb:d4:34:37:5b:95:41:f7:23:99:d6:c5:
02:73:a5:28:2e:03:87:6f:51:6e:a3:59:f7:d2:be:
db:3e:59:0b:d0:1f:13:ad:f6:bd:24:c2:11:54:34:
17:0a:12:c8:cc:02:9e:78:97:36:92:c8:0e:7d:48:
24:d5:3a:a2:82:da:8c:32:d8:fe:0a:9f:81:c7:2f:
f6:14:a8:ae:67:ff:38:05:b2:1c:2d:f2:7f:9b:4a:
53:cc:07:3d:f4:7e:86:93:d1:e5:e6:b0:94:b5:37:
fc:8b:4c:01:7a:ff:e3:e5:12:3a:6e:c3:a0:7c:f4:
0f:1a:63:f6:bc:ad:0f:0c:21:d8:6d:2f:c8:13:8f:
74:dc:61:99:93:4b:86:89:e3:1e:ea:d7:7d:20:e1:
df:cd:a3:22:86:63:38:3e:9a:04:71:c9:b6:60:2f:
61:e9:fb:d9:1d:e1:32:03:30:b9:73:ce:10:cf:c8:
bd:1a:7e:36:d3:c9:a7:39:b9:03:0a:a7:9e:29:96:
22:e4:8d:46:2e:26:cf:26:4e:17:35:70:c8:be:a3:
f9:9c:0c:f5:37:22:fb:b4:42:3f:cc:88:60:5d:dc:
55:83:7c:d4:bd:11:ba:a3:0c:b4:c7:e1:ab:f3:4e:
f3:79:98:e1:b2:88:72:f2:0c:7c:38:ff:e8:6d:32:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:23:2A:C0:F1:F3:26:F9:33:41:7D:2F:1D:1C:D7:A2:2D:D8:B8:C0
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:86:88:76:2f:cd:06:48:f3:1b:96:68:a9:76:26:82:33:9b:
f3:60:c3:59:04:d2:45:9d:4f:c4:4d:52:11:f2:a9:6a:98:21:
77:83:93:ab:bf:1c:30:0b:de:e1:a3:1d:78:4c:e0:cf:b0:e4:
1b:0f:1f:42:75:ff:1a:ab:a4:03:4d:8b:85:19:40:e3:cf:9e:
a8:25:a2:e5:2b:fe:e2:fb:f1:da:4d:40:59:70:67:71:a6:5e:
a0:54:e8:f1:c5:4d:fc:ba:12:05:94:b0:32:fe:62:38:03:63:
23:95:22:1a:3d:98:99:bf:45:5a:71:40:a3:5d:9a:52:b3:88:
bf:06:f8:e7:1f:d4:65:e6:3b:86:17:6a:d4:d5:32:fd:fe:94:
fe:eb:01:2e:b5:61:55:f1:6c:bc:76:20:b3:6b:2a:96:23:bc:
6d:e5:a5:a1:aa:a1:87:f3:04:a9:1f:89:f6:f9:40:ed:b8:53:
1f:1c:65:77:f5:9a:c3:30:69:64:3d:10:2b:35:e1:bb:5e:f8:
33:41:24:3d:cd:89:4d:26:e8:03:fd:1e:87:7a:33:56:a5:38:
80:ee:fd:93:2e:5b:40:73:73:6e:76:6f:c5:46:76:c3:58:12:
64:45:ea:3d:f2:b4:78:80:a2:01:67:1d:05:c0:43:bc:bd:1f:
9a:23:e8:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKW1D49oWUda4xKcsLewtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjYwMzI2MDgwMTEzWhcNMjYwMzI3MDgwMTEzWjAzMTEwLwYDVQQD
EyhmNDIzMmFjMGYxZjMyNmY5MzM0MTdkMmYxZDFjZDdhMjJkZDhiOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Z671DQ3W5VB9yOZ1sUCc6UoLgOH
b1Fuo1n30r7bPlkL0B8Trfa9JMIRVDQXChLIzAKeeJc2ksgOfUgk1TqigtqMMtj+
Cp+Bxy/2FKiuZ/84BbIcLfJ/m0pTzAc99H6Gk9Hl5rCUtTf8i0wBev/j5RI6bsOg
fPQPGmP2vK0PDCHYbS/IE4903GGZk0uGieMe6td9IOHfzaMihmM4PpoEccm2YC9h
6fvZHeEyAzC5c84Qz8i9Gn4208mnObkDCqeeKZYi5I1GLibPJk4XNXDIvqP5nAz1
NyL7tEI/zIhgXdxVg3zUvRG6owy0x+Gr807zeZjhsohy8gx8OP/obTIOnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQjKsDx8yb5M0F9Lx0c16It2LjAMB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYaIdi/N
BkjzG5ZoqXYmgjOb82DDWQTSRZ1PxE1SEfKpapghd4OTq78cMAve4aMdeEzgz7Dk
Gw8fQnX/GqukA02LhRlA48+eqCWi5Sv+4vvx2k1AWXBncaZeoFTo8cVN/LoSBZSw
Mv5iOANjI5UiGj2Ymb9FWnFAo12aUrOIvwb45x/UZeY7hhdq1NUy/f6U/usBLrVh
VfFsvHYgs2sqliO8beWloaqhh/MEqR+J9vlA7bhTHxxld/WawzBpZD0QKzXhu174
M0EkPc2JTSboA/0eh3ozVqU4gO79ky5bQHNzbnZvxUZ2w1gSZEXqPfK0eICiAWcd
BcBDvL0fmiPodg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:36:52 2026 by rpki-client