Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft
File: pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft (raw, json)
Hash identifier: rOnwu1iEGLshK7KA+nYBhLgtQfaEDgEKaBvLVzez4Lo=
Subject key identifier: A1:3E:28:54:06:66:24:F0:54:0F:6E:32:90:E0:96:E2:40:AB:EA:A9
Authority key identifier: A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9
Certificate issuer: /CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9
Certificate serial: 019CAB3447FBC35014E2F822148B98B446A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft
Manifest number: 17D7
Signing time: Sun 01 Mar 2026 21:00:55 +0000
Manifest this update: Sun 01 Mar 2026 21:00:55 +0000
Manifest next update: Mon 02 Mar 2026 21:00:55 +0000
Files and hashes: 1: RI1PUJj0Q_MD3P8uweukuXuYhlU.roa (hash: Udb4Yel6QV6x+EojTVD0SPU2vkANJh/DkSOzlaEFuOQ=)
2: pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl (hash: jJMhYAYUl7wQxcJjiGUzdGiPBiejw0dO6Iqa8dwXYoE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:47:fb:c3:50:14:e2:f8:22:14:8b:98:b4:46:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9
Validity
Not Before: Mar 1 21:00:55 2026 GMT
Not After : Mar 2 21:00:55 2026 GMT
Subject: CN=a13e2854066624f0540f6e3290e096e240abeaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:91:09:7f:2b:17:d9:32:41:7a:30:39:8d:
3f:8a:7e:63:26:d4:78:10:97:d5:13:9c:32:c3:32:
37:3f:85:54:95:d8:77:5f:2f:26:d1:4d:9b:44:24:
2f:72:8a:bb:8e:a5:72:ff:0e:33:03:85:4e:fb:fc:
25:fd:0d:d3:62:bd:20:de:00:6a:2f:7b:4a:49:17:
79:67:f6:b9:18:3a:b1:28:c0:8a:21:a9:4f:96:a0:
db:81:20:2d:3d:d6:8f:e1:02:e3:8c:81:1b:1a:1a:
7e:9c:4c:27:a7:f3:c4:d0:32:46:e4:af:97:6b:e0:
69:0e:5c:15:b5:2c:6a:2a:c9:0c:14:43:0b:73:4c:
30:0a:67:88:08:92:1f:06:c3:b6:75:ff:f6:9d:b6:
16:62:83:bd:34:5d:28:e2:35:d6:19:f4:46:35:0d:
9e:a4:1e:f6:ea:b9:e3:95:9b:b6:f9:b3:1f:5f:81:
dd:8b:5b:92:b2:87:24:8c:86:43:aa:23:c9:d0:3d:
48:44:de:45:61:25:43:53:37:7c:47:8c:a2:09:84:
1b:a2:8c:63:e0:42:d3:6d:46:39:b6:22:98:dc:75:
8b:b5:78:a1:4e:22:7d:f2:08:da:1c:2b:58:11:d8:
76:3a:6b:d9:f0:5c:b9:7f:87:ee:b8:19:1a:f0:a1:
2e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3E:28:54:06:66:24:F0:54:0F:6E:32:90:E0:96:E2:40:AB:EA:A9
X509v3 Authority Key Identifier:
keyid:A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:31:7c:d1:1a:61:c6:a1:52:1b:94:f9:33:f3:0b:b3:2a:24:
f6:6c:ce:76:82:be:1f:2e:9c:a3:f6:ca:90:6f:a5:39:53:ce:
06:ed:f7:73:0d:ef:e6:24:8a:46:02:0b:a8:8c:3a:e0:4c:d4:
7e:33:c9:ee:a4:08:d6:d6:76:76:3a:a8:bb:e0:8c:6a:2d:4c:
38:f8:6f:5d:0f:90:de:e1:a3:26:21:f4:d9:41:89:03:c1:26:
19:1a:41:cd:40:44:90:02:43:76:80:01:93:93:bc:f0:07:63:
7f:ec:46:f0:a9:83:be:5b:9b:04:ba:af:0e:3b:98:a9:17:f3:
88:c0:90:57:24:7f:d9:38:c9:58:e1:7c:ae:f3:42:e5:11:74:
ea:90:cc:43:f5:96:80:b1:88:d4:91:64:73:96:e8:87:a2:54:
ac:55:ac:6e:de:c6:ad:53:7f:e2:ab:ba:ff:6b:af:46:07:cd:
c0:30:ac:38:e3:17:26:14:33:af:47:bb:74:48:d1:d4:34:f8:
1c:00:1e:59:23:14:d7:c3:3e:35:c7:23:8e:f8:b1:e6:41:26:
6a:c8:7c:1c:c5:54:f9:81:e7:7a:03:3c:84:cf:46:3e:90:84:
82:92:2d:45:68:10:35:36:59:7d:94:de:77:46:b4:73:da:27:
8d:ca:f3:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNEf7w1AU4vgiFIuYtEajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YWJhZjFkMzdmMGExNDFhODE0Y2EwMmZjMDFlM2Q5NjIx
YzczZDkwHhcNMjYwMzAxMjEwMDU1WhcNMjYwMzAyMjEwMDU1WjAzMTEwLwYDVQQD
EyhhMTNlMjg1NDA2NjYyNGYwNTQwZjZlMzI5MGUwOTZlMjQwYWJlYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxluRCX8rF9kyQXowOY0/in5jJtR4
EJfVE5wywzI3P4VUldh3Xy8m0U2bRCQvcoq7jqVy/w4zA4VO+/wl/Q3TYr0g3gBq
L3tKSRd5Z/a5GDqxKMCKIalPlqDbgSAtPdaP4QLjjIEbGhp+nEwnp/PE0DJG5K+X
a+BpDlwVtSxqKskMFEMLc0wwCmeICJIfBsO2df/2nbYWYoO9NF0o4jXWGfRGNQ2e
pB726rnjlZu2+bMfX4Hdi1uSsockjIZDqiPJ0D1IRN5FYSVDUzd8R4yiCYQbooxj
4ELTbUY5tiKY3HWLtXihTiJ98gjaHCtYEdh2OmvZ8Fy5f4fuuBka8KEu1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKE+KFQGZiTwVA9uMpDgluJAq+qpMB8GA1UdIwQY
MBaAFKSrrx038KFBqBTKAvwB49liHHPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgt
OTNjZjY0Zjg4OTkwLzEvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgtOTNjZjY0Zjg4OTkw
LzEvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbTF80Rph
xqFSG5T5M/MLsyok9mzOdoK+Hy6co/bKkG+lOVPOBu33cw3v5iSKRgILqIw64EzU
fjPJ7qQI1tZ2djqou+CMai1MOPhvXQ+Q3uGjJiH02UGJA8EmGRpBzUBEkAJDdoAB
k5O88Adjf+xG8KmDvlubBLqvDjuYqRfziMCQVyR/2TjJWOF8rvNC5RF06pDMQ/WW
gLGI1JFkc5boh6JUrFWsbt7GrVN/4qu6/2uvRgfNwDCsOOMXJhQzr0e7dEjR1DT4
HAAeWSMU18M+Nccjjvix5kEmash8HMVU+YHnegM8hM9GPpCEgpItRWgQNTZZfZTe
d0a0c9onjcrzvg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:50:49 2026 by rpki-client