Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: /17y0LxNt956/xraSV/xYzqYnw378BM5adn/6USKOHw=
Subject key identifier: 7A:69:EC:63:65:19:BF:9F:D3:A0:24:6F:7B:E7:DA:F8:FB:44:FD:1E
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019CAC473FB61F7A43C03757F590F4909BFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 122F
Signing time: Mon 02 Mar 2026 02:01:16 +0000
Manifest this update: Mon 02 Mar 2026 02:01:16 +0000
Manifest next update: Tue 03 Mar 2026 02:01:16 +0000
Files and hashes: 1: FU4n6XNa33EeNcK1pVjnryUAJ6g.roa (hash: vAyZ21gv2CupNTDwhYo/hiCxZiQKD0Xxe9J+fN5P0S8=)
2: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: rmnYzVj5VjLow/9zrI4vhBgIhbLTzIvh7ji5FGievuQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:3f:b6:1f:7a:43:c0:37:57:f5:90:f4:90:9b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Mar 2 02:01:16 2026 GMT
Not After : Mar 3 02:01:16 2026 GMT
Subject: CN=7a69ec636519bf9fd3a0246f7be7daf8fb44fd1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:97:95:31:ef:ec:c1:57:9f:47:0e:b4:68:de:
00:1e:fa:0d:08:0e:bc:76:c0:66:7a:55:d3:bd:e1:
01:8a:e5:7e:91:28:eb:12:ca:53:f9:ff:84:ee:49:
4d:8d:f1:26:80:92:7b:8e:74:3e:1f:15:41:03:2b:
47:78:e4:ab:25:c7:08:84:8e:9e:ed:be:ab:31:b3:
c7:6c:ca:2e:a6:6e:32:9b:21:38:7d:0d:4f:16:b3:
4c:c3:6f:e9:a1:f7:9e:48:b9:83:65:d1:50:c3:ac:
db:cd:07:27:36:fb:8d:3f:29:39:85:b4:59:49:a6:
b8:b3:3f:31:20:f2:11:75:e0:84:13:ad:8e:7f:ae:
26:4a:53:72:41:86:db:b9:f9:21:a5:be:23:81:5e:
eb:49:ef:fc:39:6a:f3:19:61:db:a6:a1:b9:f1:24:
7f:8a:bd:97:ea:fc:ab:bc:68:ef:48:5a:37:63:c1:
4a:6e:6e:22:e9:4e:e2:2d:80:f5:19:b1:48:e6:f1:
f6:96:f4:de:68:9d:8c:cc:ff:c6:a2:3a:4b:a6:ec:
eb:70:ec:6a:b4:2c:d7:c3:04:c1:0a:d0:23:89:60:
2f:5b:25:87:cd:0b:65:68:ca:7d:f9:69:3e:51:69:
29:a7:d9:55:6d:82:e2:01:c7:bb:e4:06:49:63:16:
ea:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:69:EC:63:65:19:BF:9F:D3:A0:24:6F:7B:E7:DA:F8:FB:44:FD:1E
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:b7:cc:ed:3d:a3:3f:a6:66:23:a6:c0:56:6b:60:ea:f0:91:
4f:3c:d3:ec:b7:3b:97:c4:e3:1c:24:bd:9a:bd:eb:31:69:b5:
84:a6:25:c2:8e:02:63:e4:fb:5e:78:97:b9:78:21:ba:8b:f7:
54:18:99:75:bd:b3:11:d2:ad:eb:8c:10:17:9d:f2:53:60:27:
79:48:d1:17:87:33:f8:b9:ad:3f:dc:4f:f2:09:44:43:3d:fc:
bd:3c:94:99:a9:81:c6:34:9a:5a:4e:7f:5e:c9:a8:77:7d:f2:
f8:47:e7:a1:b2:fb:e0:f5:33:2f:07:e3:a7:15:a8:c7:eb:5a:
4b:fb:a8:37:5e:ef:50:58:20:c9:20:92:5f:d2:9a:95:a4:90:
09:5e:15:04:b6:5e:0b:18:44:46:51:0c:8c:37:f7:70:3f:4e:
57:3d:05:5d:7f:81:58:8c:28:75:a6:3b:df:a3:bb:ff:4e:11:
8a:86:17:a7:b9:a8:00:b1:06:6d:fb:93:c3:53:d9:2a:e8:1d:
e7:97:92:6d:81:2c:69:58:02:e4:13:aa:d1:00:6f:42:8b:d9:
9b:f1:ff:e0:cb:40:2a:65:eb:40:2d:d1:2a:a9:90:1e:8d:6e:
12:ed:3e:e8:2a:8d:38:1f:37:a0:37:b9:af:fc:0d:2f:a5:fb:
51:82:88:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRz+2H3pDwDdX9ZD0kJv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjYwMzAyMDIwMTE2WhcNMjYwMzAzMDIwMTE2WjAzMTEwLwYDVQQD
Eyg3YTY5ZWM2MzY1MTliZjlmZDNhMDI0NmY3YmU3ZGFmOGZiNDRmZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJeVMe/swVefRw60aN4AHvoNCA68
dsBmelXTveEBiuV+kSjrEspT+f+E7klNjfEmgJJ7jnQ+HxVBAytHeOSrJccIhI6e
7b6rMbPHbMoupm4ymyE4fQ1PFrNMw2/pofeeSLmDZdFQw6zbzQcnNvuNPyk5hbRZ
Saa4sz8xIPIRdeCEE62Of64mSlNyQYbbufkhpb4jgV7rSe/8OWrzGWHbpqG58SR/
ir2X6vyrvGjvSFo3Y8FKbm4i6U7iLYD1GbFI5vH2lvTeaJ2MzP/GojpLpuzrcOxq
tCzXwwTBCtAjiWAvWyWHzQtlaMp9+Wk+UWkpp9lVbYLiAce75AZJYxbqzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpp7GNlGb+f06Akb3vn2vj7RP0eMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7fM7T2j
P6ZmI6bAVmtg6vCRTzzT7Lc7l8TjHCS9mr3rMWm1hKYlwo4CY+T7XniXuXghuov3
VBiZdb2zEdKt64wQF53yU2AneUjRF4cz+LmtP9xP8glEQz38vTyUmamBxjSaWk5/
Xsmod33y+EfnobL74PUzLwfjpxWox+taS/uoN17vUFggySCSX9KalaSQCV4VBLZe
CxhERlEMjDf3cD9OVz0FXX+BWIwodaY736O7/04RioYXp7moALEGbfuTw1PZKugd
55eSbYEsaVgC5BOq0QBvQovZm/H/4MtAKmXrQC3RKqmQHo1uEu0+6CqNOB83oDe5
r/wNL6X7UYKIZw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:16:35 2026 by rpki-client