Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File: pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier: lvS0As9fSj1R5pCOtFjD9srI14KtJ4SGgIhTa/CiBnI=
Subject key identifier: 22:6D:E8:3E:FA:DA:BC:E3:24:1F:97:C0:64:0C:9B:8D:2B:99:CF:85
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer: /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial: 019D98F4CA55C7EA8429127B3C090ECDB883
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number: 1234
Signing time: Fri 17 Apr 2026 01:01:12 +0000
Manifest this update: Fri 17 Apr 2026 01:01:12 +0000
Manifest next update: Sat 18 Apr 2026 01:01:12 +0000
Files and hashes: 1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: lCOayoCNtWFxmTCyTGURHj71WNOL0WmmRQG3P2wMcR0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:ca:55:c7:ea:84:29:12:7b:3c:09:0e:cd:b8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
Validity
Not Before: Apr 17 01:01:12 2026 GMT
Not After : Apr 18 01:01:12 2026 GMT
Subject: CN=226de83efadabce3241f97c0640c9b8d2b99cf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3c:43:0c:70:83:89:88:86:05:14:da:c1:3f:
8f:63:76:99:08:28:8e:8e:33:8c:e4:c5:22:4d:35:
72:37:4b:c9:08:22:22:2e:97:0a:fe:40:0e:74:e5:
f4:c6:c1:7d:42:39:18:25:90:2d:8b:25:11:86:cf:
d8:ef:a4:69:fb:12:8f:b5:96:ef:e9:3f:fc:49:67:
b7:94:fb:c3:84:c7:0c:fa:5d:23:74:66:e9:54:50:
a7:b2:20:03:5b:69:2c:82:4a:13:b2:cd:ce:22:a7:
83:f9:5c:d0:e2:f6:cf:c9:30:7a:b3:17:ba:53:01:
ea:71:72:80:30:cd:82:b0:b0:09:d9:90:95:0c:3c:
65:40:df:ad:13:4b:86:83:cf:2c:68:ec:e9:32:e0:
f9:47:4c:05:af:b8:d9:f4:20:4c:94:fc:58:71:a2:
f9:96:64:be:e2:ff:f2:de:4c:57:80:a6:ee:00:57:
b6:a6:cc:dd:6f:a2:b1:26:da:40:e0:e2:a9:f9:97:
e6:1a:b2:e7:c9:09:05:0d:72:5c:4d:3d:f7:bf:a6:
c7:ef:ea:f8:10:53:7a:75:b3:a6:1d:30:90:72:52:
51:81:3c:73:05:5b:7d:68:83:c7:41:27:b4:47:44:
65:aa:ad:af:8a:e3:66:20:e2:6f:44:52:3c:19:c1:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6D:E8:3E:FA:DA:BC:E3:24:1F:97:C0:64:0C:9B:8D:2B:99:CF:85
X509v3 Authority Key Identifier:
keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:67:c5:24:5a:c6:c1:22:f8:2a:a9:32:33:63:c0:d7:44:a4:
29:3f:8e:77:71:f9:d6:c4:e9:e2:b5:2e:de:5b:be:b0:cb:81:
ae:46:97:45:eb:41:30:6b:38:74:60:55:71:43:66:b9:80:67:
04:bb:62:8a:7f:1d:47:92:fe:1c:17:fa:0a:d7:c6:91:fb:b9:
39:04:7c:03:b9:d7:87:85:59:14:0b:9a:16:ff:34:95:df:2b:
2a:ca:33:7c:71:e2:d0:0d:2e:1f:52:5e:3c:28:9a:16:01:4b:
88:2b:52:7c:ef:cd:0b:88:e4:43:32:1e:1d:91:cd:fb:07:68:
fa:24:0f:9f:c4:87:35:73:46:f7:77:f7:c6:3a:20:ec:78:6c:
24:4c:2e:f8:14:b6:ef:99:9d:41:a1:e7:14:97:2c:77:81:69:
a4:5f:2c:72:08:ca:c3:b2:6e:52:c6:2e:7e:3d:34:16:3a:50:
4f:6c:53:d2:64:e0:1d:0e:22:66:b2:b6:f9:6b:ee:5f:cd:d5:
87:5e:de:73:5b:29:81:1a:56:10:25:39:bb:51:12:53:94:6c:
35:9a:53:68:2c:88:cc:bc:21:76:68:9a:07:ce:a2:4f:7b:4f:
70:00:75:63:22:dc:41:d4:30:63:73:16:44:ce:b8:ff:77:69:
8f:77:fc:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9MpVx+qEKRJ7PAkOzbiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjYwNDE3MDEwMTEyWhcNMjYwNDE4MDEwMTEyWjAzMTEwLwYDVQQD
EygyMjZkZTgzZWZhZGFiY2UzMjQxZjk3YzA2NDBjOWI4ZDJiOTljZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjxDDHCDiYiGBRTawT+PY3aZCCiO
jjOM5MUiTTVyN0vJCCIiLpcK/kAOdOX0xsF9QjkYJZAtiyURhs/Y76Rp+xKPtZbv
6T/8SWe3lPvDhMcM+l0jdGbpVFCnsiADW2ksgkoTss3OIqeD+VzQ4vbPyTB6sxe6
UwHqcXKAMM2CsLAJ2ZCVDDxlQN+tE0uGg88saOzpMuD5R0wFr7jZ9CBMlPxYcaL5
lmS+4v/y3kxXgKbuAFe2pszdb6KxJtpA4OKp+ZfmGrLnyQkFDXJcTT33v6bH7+r4
EFN6dbOmHTCQclJRgTxzBVt9aIPHQSe0R0Rlqq2viuNmIOJvRFI8GcGnAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJt6D762rzjJB+XwGQMm40rmc+FMB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2fFJFrG
wSL4KqkyM2PA10SkKT+Od3H51sTp4rUu3lu+sMuBrkaXRetBMGs4dGBVcUNmuYBn
BLtiin8dR5L+HBf6CtfGkfu5OQR8A7nXh4VZFAuaFv80ld8rKsozfHHi0A0uH1Je
PCiaFgFLiCtSfO/NC4jkQzIeHZHN+wdo+iQPn8SHNXNG93f3xjog7HhsJEwu+BS2
75mdQaHnFJcsd4FppF8scgjKw7JuUsYufj00FjpQT2xT0mTgHQ4iZrK2+WvuX83V
h17ec1spgRpWECU5u1ESU5RsNZpTaCyIzLwhdmiaB86iT3tPcAB1YyLcQdQwY3MW
RM64/3dpj3f8ow==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:10:19 2026 by rpki-client