Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: okjVJt9bzhUqMXFJIMvkoxvqZYviZ8LAVAvTzMRyPMs=
Subject key identifier: 96:AA:9E:7C:82:AF:5A:2B:25:34:D4:7C:BB:3D:1B:15:B6:61:A9:56
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019D9BBED3429308A742DC66D7FE9B8EBC79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 12AB
Signing time: Fri 17 Apr 2026 14:01:07 +0000
Manifest this update: Fri 17 Apr 2026 14:01:07 +0000
Manifest next update: Sat 18 Apr 2026 14:01:07 +0000
Files and hashes: 1: FU4n6XNa33EeNcK1pVjnryUAJ6g.roa (hash: vAyZ21gv2CupNTDwhYo/hiCxZiQKD0Xxe9J+fN5P0S8=)
2: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: Ktst6yIsC+dqwCU7HH004k8chTkqJ8eBpUnFlA+hpgk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:d3:42:93:08:a7:42:dc:66:d7:fe:9b:8e:bc:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Apr 17 14:01:07 2026 GMT
Not After : Apr 18 14:01:07 2026 GMT
Subject: CN=96aa9e7c82af5a2b2534d47cbb3d1b15b661a956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:78:cd:34:bf:0f:ff:fb:8b:fb:ee:ef:fa:d7:
fa:31:96:4d:a8:4c:77:7d:2e:aa:b4:a3:b7:b7:44:
0c:cd:5d:91:c7:a9:ca:81:40:5c:b3:2a:6a:73:7a:
09:3e:cc:f8:8c:4a:18:02:e4:b1:b2:43:75:a5:84:
15:c6:a8:e3:ef:a0:ad:12:c9:ca:12:98:bf:53:28:
86:f3:79:26:f9:d4:84:af:dd:6e:c5:92:ae:4f:f5:
11:b9:5e:b3:8a:d0:e7:77:94:2f:7a:77:a2:d4:ad:
cb:30:4c:06:95:fc:d2:4f:e2:45:67:52:b6:b2:31:
04:32:6e:8d:dc:81:84:c2:39:0b:6a:da:52:39:f2:
e3:61:2b:cf:71:e3:e7:94:e3:9b:71:28:ae:8c:96:
da:1f:33:6b:8b:63:64:3f:b3:cb:05:1a:9a:38:f6:
49:1e:79:e0:61:02:cc:41:cc:3f:a5:b7:d4:ba:c6:
5d:85:50:33:3e:b9:a7:2d:f2:79:25:98:24:ca:08:
79:38:d5:0e:ae:54:4c:17:71:0a:44:69:53:0a:17:
d9:05:a3:37:47:dc:89:bc:c7:8e:88:e7:73:cb:2d:
03:c7:8a:03:40:bd:ad:48:63:11:fa:11:75:cf:f1:
fc:9f:88:f2:f7:48:83:28:8c:56:35:99:ab:d3:21:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AA:9E:7C:82:AF:5A:2B:25:34:D4:7C:BB:3D:1B:15:B6:61:A9:56
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:1e:f3:54:84:8c:3a:af:7b:55:5e:14:dd:6e:d4:c9:99:ee:
1e:12:e7:4c:93:43:c3:08:c5:a0:80:8a:a2:a7:07:d9:d9:19:
de:14:a0:43:3a:1b:c7:69:d7:a2:79:34:60:00:c3:60:dc:e8:
95:1d:f0:a9:9f:80:95:41:16:41:ba:42:63:95:e3:65:1f:a2:
60:ca:3b:61:b4:43:31:ec:66:73:89:a0:4e:ef:07:58:2a:74:
04:57:cb:af:d1:2c:c5:b0:c2:71:0e:85:c5:5d:c7:2c:9a:45:
52:1d:fc:1f:6e:4c:cd:48:71:ce:66:06:87:77:f8:ad:56:04:
a2:3d:ac:74:fa:01:92:af:30:10:74:67:97:c0:e7:c1:87:2a:
9d:e3:c6:03:59:ef:0e:7c:e0:fa:23:f7:1c:a8:6d:27:24:f4:
86:bd:20:5d:e0:fe:b1:81:ff:72:e3:8f:c0:f1:05:e2:20:1b:
8d:3f:23:f7:ee:e7:e0:4c:e8:51:d0:cf:e2:48:64:d9:ab:8e:
93:78:f9:5e:ea:0a:ea:7d:3d:27:00:d6:14:14:23:9d:fc:b4:
1d:26:fc:ad:7b:a5:93:77:ad:3f:04:d9:e9:fc:47:17:5a:60:
a4:c1:92:4d:03:ad:b2:d9:3b:b4:a6:34:68:d9:ad:c3:6d:bc:
48:72:b4:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvtNCkwinQtxm1/6bjrx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjYwNDE3MTQwMTA3WhcNMjYwNDE4MTQwMTA3WjAzMTEwLwYDVQQD
Eyg5NmFhOWU3YzgyYWY1YTJiMjUzNGQ0N2NiYjNkMWIxNWI2NjFhOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3jNNL8P//uL++7v+tf6MZZNqEx3
fS6qtKO3t0QMzV2Rx6nKgUBcsypqc3oJPsz4jEoYAuSxskN1pYQVxqjj76CtEsnK
Epi/UyiG83km+dSEr91uxZKuT/URuV6zitDnd5Qvenei1K3LMEwGlfzST+JFZ1K2
sjEEMm6N3IGEwjkLatpSOfLjYSvPcePnlOObcSiujJbaHzNri2NkP7PLBRqaOPZJ
HnngYQLMQcw/pbfUusZdhVAzPrmnLfJ5JZgkygh5ONUOrlRMF3EKRGlTChfZBaM3
R9yJvMeOiOdzyy0Dx4oDQL2tSGMR+hF1z/H8n4jy90iDKIxWNZmr0yGCXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaqnnyCr1orJTTUfLs9GxW2YalWMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnh7zVISM
Oq97VV4U3W7UyZnuHhLnTJNDwwjFoICKoqcH2dkZ3hSgQzobx2nXonk0YADDYNzo
lR3wqZ+AlUEWQbpCY5XjZR+iYMo7YbRDMexmc4mgTu8HWCp0BFfLr9EsxbDCcQ6F
xV3HLJpFUh38H25MzUhxzmYGh3f4rVYEoj2sdPoBkq8wEHRnl8DnwYcqnePGA1nv
Dnzg+iP3HKhtJyT0hr0gXeD+sYH/cuOPwPEF4iAbjT8j9+7n4EzoUdDP4khk2auO
k3j5XuoK6n09JwDWFBQjnfy0HSb8rXulk3etPwTZ6fxHF1pgpMGSTQOtstk7tKY0
aNmtw228SHK0NA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:10:21 2026 by rpki-client