Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier: eLed3d42BtU4ardjzys2SjwDxzWdcLk5fzewhK4xtOA=
Subject key identifier: 2A:30:4F:90:C3:47:DC:83:AB:46:E4:A7:2A:60:3B:47:72:EA:9A:2E
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 019CABA1D719F4D403EC7CB9CDDDAAB3CD0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number: 0B21
Signing time: Sun 01 Mar 2026 23:00:36 +0000
Manifest this update: Sun 01 Mar 2026 23:00:36 +0000
Manifest next update: Mon 02 Mar 2026 23:00:36 +0000
Files and hashes: 1: 5-fSRldHA_TyCo0Af_n4H7VHHoo.roa (hash: n/VVjN3d2+A+fBj8+Kv149bG42PjdEV7GiSsjv6L+Uw=)
2: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: nECcwjZ6n705w/82610VKmVtNWJMLqnTTGfJ6cG1TEQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:d7:19:f4:d4:03:ec:7c:b9:cd:dd:aa:b3:cd:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Mar 1 23:00:36 2026 GMT
Not After : Mar 2 23:00:36 2026 GMT
Subject: CN=2a304f90c347dc83ab46e4a72a603b4772ea9a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:88:03:bd:0d:c8:b9:31:21:7c:e7:94:b0:f5:
6d:b6:a4:fc:6c:8b:6f:14:69:d4:62:d0:bd:f2:a8:
28:27:18:a1:18:76:2c:74:fd:42:dd:fb:8c:c9:f5:
74:56:03:f8:91:a9:07:86:eb:5e:b8:68:46:43:18:
ce:16:92:d7:3d:a8:9c:04:9f:38:24:fb:97:10:27:
a7:63:78:4b:74:3f:f5:fe:8f:48:c5:81:a3:45:7b:
2f:ff:7d:ce:6a:ee:2c:28:37:3a:24:53:8d:c9:c3:
fa:6c:94:fd:e2:53:b5:50:71:82:e1:44:16:0b:76:
22:c9:f7:d6:76:05:76:77:c9:01:61:3c:ff:9b:71:
97:2c:09:18:2d:79:7a:41:7c:a3:0d:d0:21:56:ec:
b6:ea:7a:84:a8:60:44:59:1d:f2:72:93:b4:3b:75:
a0:e0:0d:cc:46:bc:65:44:3a:55:c4:36:c8:bf:72:
59:ae:a4:54:1d:0c:b8:2c:d5:dd:9d:ec:c2:79:eb:
e0:e9:01:27:12:8e:f2:f1:05:3f:bb:85:df:a7:51:
6a:5a:e9:cd:e5:19:ea:ee:28:e2:06:59:f3:43:5d:
47:9f:27:31:cd:2d:7f:f7:3d:11:28:01:e4:35:79:
5e:9f:c2:e5:56:29:a4:56:fa:1b:f2:ce:50:f6:54:
e3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:30:4F:90:C3:47:DC:83:AB:46:E4:A7:2A:60:3B:47:72:EA:9A:2E
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:70:1b:3e:34:d4:02:2c:47:a2:b8:f2:6b:3b:21:97:11:14:
ae:0a:cd:f3:86:94:b1:16:57:04:9b:d2:88:82:17:4b:ed:4e:
ba:89:52:59:75:0e:00:4f:7b:45:e2:d4:b8:f8:fa:4b:f9:4a:
bc:db:13:9b:96:af:00:fb:73:0d:d5:24:e0:f2:6e:9c:4a:50:
ae:97:21:d9:cb:85:ce:70:76:0b:bf:c7:98:fe:3d:75:9d:e6:
1c:01:0c:7d:75:9d:a9:6b:d6:ce:a6:75:00:62:93:93:31:ce:
db:26:ed:58:a4:91:64:4a:22:6a:3c:1d:9a:55:76:fa:97:35:
d1:d5:76:20:4d:9a:0d:49:1a:78:2e:5d:c2:54:5f:81:d2:26:
61:0d:80:b2:5a:31:69:d7:bc:a9:84:c5:41:6e:1f:af:82:fa:
b2:6f:dc:cd:ed:4b:dc:62:d9:96:09:1a:88:36:10:9d:45:24:
7c:9e:87:dd:d3:3e:ce:a6:7b:8f:3e:12:95:ba:05:60:0b:cf:
f9:a5:32:2c:a2:1c:bf:1f:6e:dd:18:06:45:68:22:75:b2:4e:
c4:0a:26:2e:46:38:8a:a5:fe:56:44:d5:dc:b7:5f:45:c3:8f:
8c:f7:e8:de:78:e0:c5:f6:53:ae:3b:1d:0f:47:09:31:73:34:
90:d0:7c:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrodcZ9NQD7Hy5zd2qs80OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjYwMzAxMjMwMDM2WhcNMjYwMzAyMjMwMDM2WjAzMTEwLwYDVQQD
EygyYTMwNGY5MGMzNDdkYzgzYWI0NmU0YTcyYTYwM2I0NzcyZWE5YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqogDvQ3IuTEhfOeUsPVttqT8bItv
FGnUYtC98qgoJxihGHYsdP1C3fuMyfV0VgP4kakHhuteuGhGQxjOFpLXPaicBJ84
JPuXECenY3hLdD/1/o9IxYGjRXsv/33Oau4sKDc6JFONycP6bJT94lO1UHGC4UQW
C3YiyffWdgV2d8kBYTz/m3GXLAkYLXl6QXyjDdAhVuy26nqEqGBEWR3ycpO0O3Wg
4A3MRrxlRDpVxDbIv3JZrqRUHQy4LNXdnezCeevg6QEnEo7y8QU/u4Xfp1FqWunN
5Rnq7ijiBlnzQ11HnycxzS1/9z0RKAHkNXlen8LlVimkVvob8s5Q9lTjeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCowT5DDR9yDq0bkpypgO0dy6pouMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHnAbPjTU
AixHorjyazshlxEUrgrN84aUsRZXBJvSiIIXS+1OuolSWXUOAE97ReLUuPj6S/lK
vNsTm5avAPtzDdUk4PJunEpQrpch2cuFznB2C7/HmP49dZ3mHAEMfXWdqWvWzqZ1
AGKTkzHO2ybtWKSRZEoiajwdmlV2+pc10dV2IE2aDUkaeC5dwlRfgdImYQ2Aslox
ade8qYTFQW4fr4L6sm/cze1L3GLZlgkaiDYQnUUkfJ6H3dM+zqZ7jz4SlboFYAvP
+aUyLKIcvx9u3RgGRWgidbJOxAomLkY4iqX+VkTV3LdfRcOPjPfo3njgxfZTrjsd
D0cJMXM0kNB8/Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:52:59 2026 by rpki-client