Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json)
Hash identifier: 5JhQArm3Ocwon7sQH9SHvIkIzmzRH+RHSFjfVpb2Ek4=
Subject key identifier: 60:D1:59:B8:57:13:28:AF:C2:A9:A2:F2:24:B3:36:CA:58:5E:32:95
Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d
Certificate serial: 019CA97CC7031C87EB0C5849E3BA740B660C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
Manifest number: 02D6
Signing time: Sun 01 Mar 2026 13:00:52 +0000
Manifest this update: Sun 01 Mar 2026 13:00:52 +0000
Manifest next update: Mon 02 Mar 2026 13:00:52 +0000
Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: cNOmGxTuyPEcCjiamd23RdtvyPweBJ0u62ZZ+sDEL88=)
2: tW6tlYVnkXnq9oP8owXcbYW47kU.roa (hash: g2+Pc2wN2E52WWpsZZidSy7PbjRy5/I1OGghh4rSkGE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:7c:c7:03:1c:87:eb:0c:58:49:e3:ba:74:0b:66:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43340fad246465de8e614d039563a699657d8d
Validity
Not Before: Mar 1 13:00:52 2026 GMT
Not After : Mar 2 13:00:52 2026 GMT
Subject: CN=60d159b8571328afc2a9a2f224b336ca585e3295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:89:0e:98:84:c7:09:7b:ec:1b:37:63:c5:04:
b9:33:26:22:94:ba:12:77:ee:bd:e1:7a:a6:35:d0:
e7:a0:e0:b2:c9:5c:95:78:a1:c2:56:c2:b4:b2:79:
f3:80:21:d9:41:2f:ec:fa:e2:38:c0:46:bc:45:ba:
c4:cf:65:46:01:37:a2:0b:21:3b:aa:6b:ed:90:be:
2a:9a:04:1f:1f:e4:c3:75:17:50:c4:d0:28:49:b8:
8a:ef:33:6b:9b:08:28:70:04:ae:72:e5:75:6f:c7:
67:1c:a6:1c:52:ff:09:6d:5f:35:c2:a8:a5:46:63:
15:0e:96:96:a2:2c:6e:83:23:3e:53:86:58:28:5b:
e5:0b:2f:2b:5e:58:62:03:8f:0c:84:7f:49:80:71:
8b:9a:40:bd:b6:d2:eb:67:af:ac:60:9a:81:d8:56:
f1:81:05:d8:de:4d:c3:38:6b:04:e4:fb:cc:6f:84:
05:6f:a8:85:1a:c8:bf:73:8d:a1:e3:e5:f0:ee:1d:
2a:fa:5b:4e:c1:07:f5:96:3c:34:44:b6:b3:18:b4:
1f:b3:83:54:8b:6c:5d:cf:27:02:8e:da:56:35:d0:
0a:21:2c:5e:1b:10:85:e3:3e:15:0c:62:75:68:bc:
a6:ab:1f:9d:e6:16:c0:20:9d:2d:00:a8:d9:9a:b7:
39:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D1:59:B8:57:13:28:AF:C2:A9:A2:F2:24:B3:36:CA:58:5E:32:95
X509v3 Authority Key Identifier:
keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:f1:35:1a:ab:2b:8f:61:7b:df:ec:5b:37:3b:de:7e:3a:50:
32:1f:7b:c6:8d:4e:24:b7:6f:d6:6e:a0:4f:55:99:06:e4:36:
3a:bb:1c:3e:dc:6e:02:12:18:97:15:55:15:17:03:b6:a5:e6:
0e:d6:e2:30:3f:b7:7e:a1:32:bc:4f:24:21:da:ce:56:ac:c2:
d7:cf:cd:46:05:9e:36:be:25:37:37:fa:85:3f:11:9c:f0:51:
e0:2e:c3:e9:fa:69:e8:1a:f7:fc:69:80:76:28:24:2e:63:44:
23:4b:cf:81:63:82:af:bb:ed:c6:e3:d1:26:e4:74:ac:30:1b:
0d:a9:62:06:c4:6e:98:60:c3:bf:33:6f:bc:4a:8c:be:d8:74:
21:e9:86:c9:7d:9a:83:52:32:0c:13:02:a0:c5:f7:16:75:98:
e6:cb:3e:48:ef:ef:7c:fc:c4:c1:30:db:7a:9f:32:3e:3d:7f:
6d:a1:ed:b8:62:29:d4:9e:d3:dc:65:d5:21:7d:f7:20:29:49:
7f:ef:9b:b4:4b:85:b1:2f:f5:6c:64:42:5b:47:e6:17:82:55:
14:76:3a:38:51:30:7d:e6:89:08:d6:db:1c:15:e7:b9:77:ed:
ad:c2:46:02:10:5c:97:2c:99:44:71:52:33:3e:50:c8:95:4d:
af:fd:6d:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfMcDHIfrDFhJ47p0C2YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2
NTdkOGQwHhcNMjYwMzAxMTMwMDUyWhcNMjYwMzAyMTMwMDUyWjAzMTEwLwYDVQQD
Eyg2MGQxNTliODU3MTMyOGFmYzJhOWEyZjIyNGIzMzZjYTU4NWUzMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIkOmITHCXvsGzdjxQS5MyYilLoS
d+694XqmNdDnoOCyyVyVeKHCVsK0snnzgCHZQS/s+uI4wEa8RbrEz2VGATeiCyE7
qmvtkL4qmgQfH+TDdRdQxNAoSbiK7zNrmwgocASucuV1b8dnHKYcUv8JbV81wqil
RmMVDpaWoixugyM+U4ZYKFvlCy8rXlhiA48MhH9JgHGLmkC9ttLrZ6+sYJqB2Fbx
gQXY3k3DOGsE5PvMb4QFb6iFGsi/c42h4+Xw7h0q+ltOwQf1ljw0RLazGLQfs4NU
i2xdzycCjtpWNdAKISxeGxCF4z4VDGJ1aLymqx+d5hbAIJ0tAKjZmrc5FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDRWbhXEyivwqmi8iSzNspYXjKVMB8GA1UdIwQY
MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt
YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx
LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEPE1Gqsr
j2F73+xbNzvefjpQMh97xo1OJLdv1m6gT1WZBuQ2OrscPtxuAhIYlxVVFRcDtqXm
DtbiMD+3fqEyvE8kIdrOVqzC18/NRgWeNr4lNzf6hT8RnPBR4C7D6fpp6Br3/GmA
digkLmNEI0vPgWOCr7vtxuPRJuR0rDAbDaliBsRumGDDvzNvvEqMvth0IemGyX2a
g1IyDBMCoMX3FnWY5ss+SO/vfPzEwTDbep8yPj1/baHtuGIp1J7T3GXVIX33IClJ
f++btEuFsS/1bGRCW0fmF4JVFHY6OFEwfeaJCNbbHBXnuXftrcJGAhBclyyZRHFS
Mz5QyJVNr/1tyg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:37:39 2026 by rpki-client