Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File: PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier: z2kuD3/1HgKjimbIzQL1GO6/Ey6bzsu6NHJcjg69xGY=
Subject key identifier: 24:1A:31:A6:65:D8:60:6C:CE:98:87:8B:EF:0F:9F:80:23:BE:04:5F
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer: /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial: 019B91AE2B50821416A7302D12115FB5FF50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number: 0663
Signing time: Tue 06 Jan 2026 05:01:09 +0000
Manifest this update: Tue 06 Jan 2026 05:01:09 +0000
Manifest next update: Wed 07 Jan 2026 05:01:09 +0000
Files and hashes: 1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: eA11EzrWDsVXrJzTYCLbPGc0pWKMLCgTzWw5sh8DW78=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:91:ae:2b:50:82:14:16:a7:30:2d:12:11:5f:b5:ff:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Validity
Not Before: Jan 6 05:01:09 2026 GMT
Not After : Jan 7 05:01:09 2026 GMT
Subject: CN=241a31a665d8606cce98878bef0f9f8023be045f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:87:32:c1:85:87:5c:50:93:8a:84:f0:58:
58:93:57:68:cb:9b:8e:30:a7:e9:76:d3:db:31:f8:
11:57:d1:f6:4a:a4:e0:54:29:9d:3b:94:29:42:ac:
68:23:41:50:9c:01:07:cc:09:e0:ca:17:eb:1b:d0:
a6:58:74:32:71:2a:82:ca:10:83:7e:d0:08:e6:4e:
98:2e:64:76:db:3e:a6:a3:55:35:60:f1:75:90:30:
cd:fe:1e:37:d2:eb:8c:c7:1c:dc:c8:62:01:57:44:
3b:8a:5a:65:4f:8b:05:fd:4d:2d:32:7e:52:94:20:
f2:16:e1:10:37:ee:cc:c4:22:26:b7:2b:cc:c3:d4:
91:95:78:b5:bc:1a:d3:e8:9b:6a:8a:ec:78:b6:b4:
83:0e:03:08:fb:7b:61:97:66:8f:17:24:98:e1:64:
8b:3d:3d:1e:cc:96:d5:84:1b:b9:c2:c5:95:ad:9d:
55:ee:c6:1f:ed:1f:f0:8d:7d:52:4a:d3:b5:10:cb:
4b:49:78:63:f9:63:c5:40:48:2a:1d:5c:57:d4:de:
ce:0e:b5:0f:eb:09:ba:d8:ab:3c:fd:db:a8:c1:07:
39:7f:6a:60:5e:2b:b3:52:e3:e8:ea:20:90:93:c4:
13:e5:05:e2:48:21:2a:8b:72:0f:2f:fd:94:71:80:
52:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:1A:31:A6:65:D8:60:6C:CE:98:87:8B:EF:0F:9F:80:23:BE:04:5F
X509v3 Authority Key Identifier:
keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:de:0b:ef:2a:75:86:8a:90:fd:f9:bd:b3:bd:18:65:1c:9a:
75:d0:56:c1:58:d7:6d:a6:e1:4c:86:68:e8:e6:15:aa:48:c1:
82:46:5a:ba:ad:93:80:6e:f7:14:9b:33:19:c5:e7:9e:3e:ff:
fd:17:03:bb:08:e5:05:cf:88:4a:27:54:1a:5c:7a:60:ae:d4:
f9:26:f3:9e:08:78:ee:3e:3c:67:ec:eb:4c:dc:51:ff:d0:c2:
86:19:fb:6d:f6:7d:ac:3e:2e:69:b7:46:87:e8:ec:bb:22:81:
af:a7:e9:b8:db:3a:55:f0:e6:5c:ee:f7:c0:0d:79:c7:ca:47:
78:63:cb:3f:56:be:00:2f:8e:85:06:56:60:e6:99:09:92:00:
71:eb:72:74:d1:ca:e2:1c:e0:98:ed:22:ac:b3:06:73:1f:85:
13:f3:40:d6:79:b3:c6:c7:57:5e:35:88:c1:e7:07:77:12:b1:
88:ee:f8:63:03:fa:08:8b:5f:8b:b6:c1:3f:1c:5b:89:0b:b4:
c8:11:15:98:fb:9c:9c:cc:dd:06:91:6d:1c:a1:99:63:11:56:
c9:a4:c3:f3:d6:64:31:6f:c1:6d:2d:b6:da:2d:d9:eb:d9:ef:
d4:72:56:6b:44:9b:20:c3:e9:9a:bd:80:6b:34:48:a1:13:91:
68:32:59:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZuRritQghQWpzAtEhFftf9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjYwMTA2MDUwMTA5WhcNMjYwMTA3MDUwMTA5WjAzMTEwLwYDVQQD
EygyNDFhMzFhNjY1ZDg2MDZjY2U5ODg3OGJlZjBmOWY4MDIzYmUwNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3+HMsGFh1xQk4qE8FhYk1doy5uO
MKfpdtPbMfgRV9H2SqTgVCmdO5QpQqxoI0FQnAEHzAngyhfrG9CmWHQycSqCyhCD
ftAI5k6YLmR22z6mo1U1YPF1kDDN/h430uuMxxzcyGIBV0Q7ilplT4sF/U0tMn5S
lCDyFuEQN+7MxCImtyvMw9SRlXi1vBrT6Jtqiux4trSDDgMI+3thl2aPFySY4WSL
PT0ezJbVhBu5wsWVrZ1V7sYf7R/wjX1SStO1EMtLSXhj+WPFQEgqHVxX1N7ODrUP
6wm62Ks8/duowQc5f2pgXiuzUuPo6iCQk8QT5QXiSCEqi3IPL/2UcYBSqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQaMaZl2GBszpiHi+8Pn4AjvgRfMB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACd4L7yp1
hoqQ/fm9s70YZRyaddBWwVjXbabhTIZo6OYVqkjBgkZauq2TgG73FJszGcXnnj7/
/RcDuwjlBc+ISidUGlx6YK7U+Sbzngh47j48Z+zrTNxR/9DChhn7bfZ9rD4uabdG
h+jsuyKBr6fpuNs6VfDmXO73wA15x8pHeGPLP1a+AC+OhQZWYOaZCZIAcetydNHK
4hzgmO0irLMGcx+FE/NA1nmzxsdXXjWIwecHdxKxiO74YwP6CItfi7bBPxxbiQu0
yBEVmPucnMzdBpFtHKGZYxFWyaTD89ZkMW/BbS222i3Z69nv1HJWa0SbIMPpmr2A
azRIoRORaDJZgQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:25:32 2026 by rpki-client