Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
File: PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json)
Hash identifier: 8LlP61IbV99/v6esTCmZi5Axl5gcYIjuiqvCRwPdcTc=
Subject key identifier: 4F:CF:FC:A0:8B:42:13:89:2A:D2:38:CA:11:2A:E4:AF:FB:F4:A8:FA
Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
Certificate issuer: /CN=3c41ea44178a702c507000023d14a9f9c47260e6
Certificate serial: 019D9AE3A150D6AF4A568F2B055A45E9F48A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
Manifest number: 12C6
Signing time: Fri 17 Apr 2026 10:01:42 +0000
Manifest this update: Fri 17 Apr 2026 10:01:42 +0000
Manifest next update: Sat 18 Apr 2026 10:01:42 +0000
Files and hashes: 1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: 206XbxTpNlzddvMmn6uzqjQkQn60/Vq7Y5yKtj4qeg8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:a1:50:d6:af:4a:56:8f:2b:05:5a:45:e9:f4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6
Validity
Not Before: Apr 17 10:01:42 2026 GMT
Not After : Apr 18 10:01:42 2026 GMT
Subject: CN=4fcffca08b4213892ad238ca112ae4affbf4a8fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:05:e3:ed:e6:a4:e1:47:7f:14:a1:11:f5:
53:f2:44:15:d0:f4:34:d9:ed:48:a4:36:c9:be:36:
57:43:43:5c:4a:44:f6:2d:d5:bd:37:23:d0:97:4f:
e1:60:1c:17:e7:3e:0b:dd:aa:53:13:e5:62:2d:84:
b3:13:ef:53:ef:22:35:78:2a:30:0c:ac:12:97:f7:
fd:cf:e5:8e:af:2e:3b:8e:79:c5:da:59:ec:fe:d6:
0b:f3:79:bb:0b:e4:75:32:c0:96:66:38:5f:d0:68:
5b:90:87:76:7c:3d:3a:cc:2c:ed:d1:09:59:41:37:
95:8d:ba:e6:12:59:82:90:73:17:94:75:ff:05:82:
f0:ac:12:cf:6a:09:00:90:ce:99:85:f2:d9:d1:28:
4c:0e:74:f8:6f:0f:dc:90:ea:42:bb:8b:5c:82:d0:
f4:c0:07:1f:4a:e0:46:68:1d:da:81:91:34:8b:ff:
34:da:b2:8f:26:72:52:a0:d6:5b:e7:14:87:3d:99:
3b:5c:b3:3e:46:05:d8:1a:33:26:d1:96:33:6f:fa:
20:d6:a7:11:ab:47:a1:c8:df:ea:1e:98:bb:07:0c:
59:af:00:22:0b:20:e5:04:d7:9c:c9:9d:91:5e:08:
be:01:54:94:3c:de:1a:cd:d6:d5:b6:55:0e:2a:c4:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CF:FC:A0:8B:42:13:89:2A:D2:38:CA:11:2A:E4:AF:FB:F4:A8:FA
X509v3 Authority Key Identifier:
keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:09:58:44:40:ba:03:12:54:e5:f2:f2:45:97:b5:e5:74:a3:
92:ea:24:0a:a5:9e:58:5d:e2:7d:f7:2c:3e:20:d1:4b:17:20:
97:b9:9f:e8:c3:04:c7:0d:91:bc:78:ca:31:f5:60:5b:55:c8:
b8:08:e1:6c:ee:75:bd:bb:45:ac:6d:10:06:03:ee:c4:25:9b:
31:94:9e:ef:01:0e:f1:56:8f:a3:db:1f:ae:16:ee:0d:00:29:
b1:ac:ad:81:39:ab:87:26:e6:38:44:57:87:f1:0f:46:a3:3f:
3e:06:6e:0d:5a:6d:f6:4c:13:75:48:c0:8e:18:52:a8:6e:62:
27:d2:e2:8f:be:38:02:87:90:1e:81:fa:d8:51:24:bd:9b:d0:
6e:83:2c:b6:f6:d0:92:68:20:6d:9d:1b:77:92:c8:b6:64:7b:
a6:73:cb:2e:cd:1e:00:c1:ba:0b:9a:47:f0:37:91:1e:3c:0b:
e0:9a:f4:de:02:9f:59:ca:cc:5e:43:4b:fd:d5:93:ec:b0:1e:
ea:63:a5:36:0e:76:73:11:52:1d:e5:3b:63:e5:ff:f2:e7:0d:
7d:b2:ed:8c:29:df:fe:5b:4a:fe:03:d3:cc:2f:5c:c6:ca:86:
9c:75:ef:b0:a4:70:8e:8d:32:69:59:70:2e:18:e2:c3:2d:92:
d1:3f:b7:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a46FQ1q9KVo8rBVpF6fSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3
MjYwZTYwHhcNMjYwNDE3MTAwMTQyWhcNMjYwNDE4MTAwMTQyWjAzMTEwLwYDVQQD
Eyg0ZmNmZmNhMDhiNDIxMzg5MmFkMjM4Y2ExMTJhZTRhZmZiZjRhOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweYF4+3mpOFHfxShEfVT8kQV0PQ0
2e1IpDbJvjZXQ0NcSkT2LdW9NyPQl0/hYBwX5z4L3apTE+ViLYSzE+9T7yI1eCow
DKwSl/f9z+WOry47jnnF2lns/tYL83m7C+R1MsCWZjhf0GhbkId2fD06zCzt0QlZ
QTeVjbrmElmCkHMXlHX/BYLwrBLPagkAkM6ZhfLZ0ShMDnT4bw/ckOpCu4tcgtD0
wAcfSuBGaB3agZE0i/802rKPJnJSoNZb5xSHPZk7XLM+RgXYGjMm0ZYzb/og1qcR
q0ehyN/qHpi7BwxZrwAiCyDlBNecyZ2RXgi+AVSUPN4azdbVtlUOKsS+NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/P/KCLQhOJKtI4yhEq5K/79Kj6MB8GA1UdIwQY
MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt
NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy
LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAlYREC6
AxJU5fLyRZe15XSjkuokCqWeWF3iffcsPiDRSxcgl7mf6MMExw2RvHjKMfVgW1XI
uAjhbO51vbtFrG0QBgPuxCWbMZSe7wEO8VaPo9sfrhbuDQApsaytgTmrhybmOERX
h/EPRqM/PgZuDVpt9kwTdUjAjhhSqG5iJ9Lij744AoeQHoH62FEkvZvQboMstvbQ
kmggbZ0bd5LItmR7pnPLLs0eAMG6C5pH8DeRHjwL4Jr03gKfWcrMXkNL/dWT7LAe
6mOlNg52cxFSHeU7Y+X/8ucNfbLtjCnf/ltK/gPTzC9cxsqGnHXvsKRwjo0yaVlw
Lhjiwy2S0T+3eg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:27:26 2026 by rpki-client