Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json)
Hash identifier: xC5ucthvw8s1QYpTDjfivD8POVx9UmtWfF6RMyaL6z8=
Subject key identifier: 89:55:25:05:5C:8B:B5:E2:F1:EA:53:A3:B0:EB:F0:70:CD:34:2C:9A
Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d
Certificate serial: 019D9EBFF3918B5E4A56AEBE382258FE0481
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
Manifest number: 0355
Signing time: Sat 18 Apr 2026 04:01:12 +0000
Manifest this update: Sat 18 Apr 2026 04:01:12 +0000
Manifest next update: Sun 19 Apr 2026 04:01:12 +0000
Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: 7COmEb7ZlD5jBHakVOKS+NXHhADSEGXzUnTKG85eFzQ=)
2: tW6tlYVnkXnq9oP8owXcbYW47kU.roa (hash: g2+Pc2wN2E52WWpsZZidSy7PbjRy5/I1OGghh4rSkGE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9e:bf:f3:91:8b:5e:4a:56:ae:be:38:22:58:fe:04:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43340fad246465de8e614d039563a699657d8d
Validity
Not Before: Apr 18 04:01:12 2026 GMT
Not After : Apr 19 04:01:12 2026 GMT
Subject: CN=895525055c8bb5e2f1ea53a3b0ebf070cd342c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:05:7d:07:71:af:37:b1:a8:3b:87:c1:cc:95:
0e:b3:df:fd:d7:bb:67:b5:6e:89:bf:41:ce:d4:01:
89:31:f3:9c:21:4b:93:34:c8:2b:bf:6d:f4:2d:53:
ac:d3:13:63:28:00:d4:7e:eb:a8:75:6c:21:74:80:
86:06:00:2e:e0:a0:f4:3c:02:3e:5e:7c:63:64:cb:
43:34:c2:c1:99:4c:0f:ef:91:49:9b:42:70:1c:24:
21:9b:c3:14:3b:c6:95:32:87:30:10:b7:5d:94:47:
bb:45:e4:be:1f:62:79:78:d9:9d:3f:f1:77:c6:a6:
c3:ff:f0:8d:02:c9:3d:3c:7c:d4:87:ae:f8:33:3f:
c0:30:b2:41:37:28:a9:0c:2a:37:fd:5e:44:d3:5a:
ec:2c:90:de:31:37:3e:af:a4:9a:9d:bd:b6:5f:eb:
2b:ff:19:6f:95:43:13:8d:c7:1d:e8:47:b6:74:30:
95:46:ad:4b:dd:5f:5f:3c:cf:df:9c:64:6e:30:36:
e8:3b:40:10:66:30:dc:53:8f:8d:ba:af:43:ef:90:
3b:4e:0d:8b:45:d7:d0:c5:22:51:cb:71:ec:0c:1a:
e5:28:37:fd:6b:a5:1a:29:1c:1f:a2:ae:ed:ab:e5:
ec:8b:92:08:05:3f:04:c1:6b:57:19:85:b0:e0:ad:
e7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:55:25:05:5C:8B:B5:E2:F1:EA:53:A3:B0:EB:F0:70:CD:34:2C:9A
X509v3 Authority Key Identifier:
keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:ef:42:82:1c:cf:39:37:8a:1c:60:16:ce:c7:c8:05:4a:6c:
3d:4e:0b:a4:6c:2c:1d:5e:9f:9c:4e:b7:ad:ad:1f:58:a2:0a:
11:90:14:37:db:ba:87:91:d9:dc:32:6f:09:ff:dd:b3:6f:fe:
44:d6:ca:3e:56:87:6a:a2:10:9e:df:32:44:fb:77:b9:53:7a:
d7:e1:da:29:16:b5:b4:a6:61:7f:5f:2f:e9:2a:3b:4a:8e:e8:
9d:7b:c9:5c:5a:d0:fa:81:d8:f4:16:7d:53:3c:6a:26:6c:81:
e7:ef:3e:61:6c:dd:ca:50:d7:28:d9:79:41:32:a7:ca:90:42:
2a:6a:5f:88:4d:2e:c1:5e:3c:21:a0:0f:01:3d:a6:6e:9a:f2:
0f:4e:f3:15:3c:fe:b2:3c:07:f5:13:33:bb:25:de:0b:19:47:
6d:cf:5f:69:82:85:ff:5f:5e:bd:b0:ad:98:c8:22:c2:21:84:
b4:06:fb:74:e1:d3:49:68:4f:8c:26:b5:5a:fa:4a:b1:97:f4:
f2:ba:8d:b4:22:0b:2d:96:30:e4:b3:5a:c4:18:16:04:37:de:
4f:b9:ec:bb:16:05:e7:30:f3:1d:9b:77:47:32:b5:f7:27:f5:
6f:99:d8:3a:8c:a4:60:75:c7:c6:3e:3e:46:aa:91:b9:56:ec:
3f:59:80:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ev/ORi15KVq6+OCJY/gSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2
NTdkOGQwHhcNMjYwNDE4MDQwMTEyWhcNMjYwNDE5MDQwMTEyWjAzMTEwLwYDVQQD
Eyg4OTU1MjUwNTVjOGJiNWUyZjFlYTUzYTNiMGViZjA3MGNkMzQyYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wV9B3GvN7GoO4fBzJUOs9/917tn
tW6Jv0HO1AGJMfOcIUuTNMgrv230LVOs0xNjKADUfuuodWwhdICGBgAu4KD0PAI+
XnxjZMtDNMLBmUwP75FJm0JwHCQhm8MUO8aVMocwELddlEe7ReS+H2J5eNmdP/F3
xqbD//CNAsk9PHzUh674Mz/AMLJBNyipDCo3/V5E01rsLJDeMTc+r6Sanb22X+sr
/xlvlUMTjccd6Ee2dDCVRq1L3V9fPM/fnGRuMDboO0AQZjDcU4+Nuq9D75A7Tg2L
RdfQxSJRy3HsDBrlKDf9a6UaKRwfoq7tq+Xsi5IIBT8EwWtXGYWw4K3niwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlVJQVci7Xi8epTo7Dr8HDNNCyaMB8GA1UdIwQY
MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt
YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx
LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr+9CghzP
OTeKHGAWzsfIBUpsPU4LpGwsHV6fnE63ra0fWKIKEZAUN9u6h5HZ3DJvCf/ds2/+
RNbKPlaHaqIQnt8yRPt3uVN61+HaKRa1tKZhf18v6So7So7onXvJXFrQ+oHY9BZ9
UzxqJmyB5+8+YWzdylDXKNl5QTKnypBCKmpfiE0uwV48IaAPAT2mbpryD07zFTz+
sjwH9RMzuyXeCxlHbc9faYKF/19evbCtmMgiwiGEtAb7dOHTSWhPjCa1WvpKsZf0
8rqNtCILLZYw5LNaxBgWBDfeT7nsuxYF5zDzHZt3RzK19yf1b5nYOoykYHXHxj4+
RqqRuVbsP1mAoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 18 06:16:28 2026 by rpki-client