Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
File: PE71UtfFcTYTTntE1pfLAs3n2H0.mft (raw, json)
Hash identifier: RthPHHDf5lX6jXiw8WWGWaPviRBmwxW8SElj8hujTsU=
Subject key identifier: 6A:63:7C:2C:5C:93:BC:AA:EE:9C:F1:6C:AE:56:8D:9F:E4:A4:98:47
Authority key identifier: 3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D
Certificate issuer: /CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d
Certificate serial: 019CAA8FB8A22B70FF96453CFE10F9297642
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
Manifest number: 0CAB
Signing time: Sun 01 Mar 2026 18:01:11 +0000
Manifest this update: Sun 01 Mar 2026 18:01:11 +0000
Manifest next update: Mon 02 Mar 2026 18:01:11 +0000
Files and hashes: 1: M2fsMNeCLbSytrRdZXN8GNnfsT4.roa (hash: ZZlxpGml6cr7CGJbkVDdK84PY4ZB8pkla7yZE+pnKvI=)
2: PE71UtfFcTYTTntE1pfLAs3n2H0.crl (hash: fPZ2Q+zYPWJF1rVWoxPRLN8xDciBImCSdR1PluHwWwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:b8:a2:2b:70:ff:96:45:3c:fe:10:f9:29:76:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d
Validity
Not Before: Mar 1 18:01:11 2026 GMT
Not After : Mar 2 18:01:11 2026 GMT
Subject: CN=6a637c2c5c93bcaaee9cf16cae568d9fe4a49847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:e8:da:6b:62:c4:53:f3:37:d7:98:6b:df:
4e:d9:7c:c3:10:c8:ce:16:2a:ac:f1:dd:89:2d:c7:
78:62:fa:12:07:b3:6d:f0:99:15:39:ca:49:8f:fd:
4a:15:b6:ac:11:aa:4b:1a:13:3e:18:0b:78:48:b1:
ea:b2:46:a6:68:7e:65:3f:14:f4:34:a5:f4:98:6d:
e8:85:c3:e8:57:de:d8:6a:77:3d:98:01:4e:23:25:
4b:07:96:62:7d:d2:dc:58:f5:fc:a7:74:e6:18:6b:
d1:a5:78:0f:d1:1c:7f:11:b6:2d:22:fc:94:b6:20:
e2:ff:19:1b:12:b7:09:28:29:c5:b2:a9:98:ef:80:
e9:34:f1:fe:3c:f0:de:65:52:08:d9:a9:54:3e:3d:
fb:00:4a:50:11:6d:04:d9:bf:eb:de:03:c8:71:52:
97:c8:d6:e1:78:22:39:98:0a:97:49:ce:22:60:61:
93:d8:fa:69:83:d4:98:67:71:68:4f:f3:a0:79:69:
62:67:7c:7f:32:f4:65:d8:6f:fb:03:63:f5:6d:b4:
8f:da:5b:fe:16:0f:80:a5:6e:00:d1:21:1e:86:cf:
05:d2:b7:93:7a:f6:21:24:74:ad:b1:9f:13:30:ed:
85:38:38:e5:36:68:40:11:e1:41:98:84:0a:f7:78:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:63:7C:2C:5C:93:BC:AA:EE:9C:F1:6C:AE:56:8D:9F:E4:A4:98:47
X509v3 Authority Key Identifier:
keyid:3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:c1:a4:02:79:99:17:0f:d6:eb:ac:e3:3f:a7:02:c0:f8:f3:
c9:4c:a2:79:d8:59:08:b4:bf:4b:87:7e:79:3a:ba:43:ce:b8:
c3:d3:2d:ac:b9:4e:0a:f3:71:07:01:4c:1f:ba:6f:d6:cf:77:
a8:b4:08:d0:fa:0e:bc:cf:9e:62:a2:d1:87:19:55:44:85:db:
76:b4:80:76:5d:85:dc:0f:1e:71:2e:97:9c:cb:23:75:5e:72:
69:0f:1e:f1:3c:b0:60:3a:e0:1c:6a:41:8e:32:8e:d6:53:10:
8e:db:85:e3:e0:c2:f6:97:58:cb:f7:8a:d2:03:44:21:0a:6a:
59:ff:4e:08:fd:0f:01:f4:5a:4c:90:7b:1f:21:8c:64:8d:87:
84:2b:06:91:8e:11:4e:72:87:1e:40:f7:db:20:bc:5f:c4:89:
77:90:74:45:08:f9:f6:22:cc:d1:9c:d9:71:8b:22:45:17:5d:
07:cd:e4:45:0c:c3:55:c9:e9:8a:a9:fb:95:bf:4d:92:7f:3e:
65:76:3a:62:de:85:c7:81:bc:02:cb:1f:eb:6b:3e:d6:64:fa:
a7:c5:cc:f9:27:f6:62:39:53:e5:5a:41:9c:b3:4c:89:41:1c:
37:5f:c1:53:ed:58:99:96:4c:68:4c:6f:09:5c:2a:2e:8a:f0:
06:87:61:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj7iiK3D/lkU8/hD5KXZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVmNTUyZDdjNTcxMzYxMzRlN2I0NGQ2OTdjYjAyY2Rl
N2Q4N2QwHhcNMjYwMzAxMTgwMTExWhcNMjYwMzAyMTgwMTExWjAzMTEwLwYDVQQD
Eyg2YTYzN2MyYzVjOTNiY2FhZWU5Y2YxNmNhZTU2OGQ5ZmU0YTQ5ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT/o2mtixFPzN9eYa99O2XzDEMjO
Fiqs8d2JLcd4YvoSB7Nt8JkVOcpJj/1KFbasEapLGhM+GAt4SLHqskamaH5lPxT0
NKX0mG3ohcPoV97Yanc9mAFOIyVLB5ZifdLcWPX8p3TmGGvRpXgP0Rx/EbYtIvyU
tiDi/xkbErcJKCnFsqmY74DpNPH+PPDeZVII2alUPj37AEpQEW0E2b/r3gPIcVKX
yNbheCI5mAqXSc4iYGGT2Pppg9SYZ3FoT/OgeWliZ3x/MvRl2G/7A2P1bbSP2lv+
Fg+ApW4A0SEehs8F0reTevYhJHStsZ8TMO2FODjlNmhAEeFBmIQK93hEhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpjfCxck7yq7pzxbK5WjZ/kpJhHMB8GA1UdIwQY
MBaAFDxO9VLXxXE2E057RNaXywLN59h9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDct
MTE0NDFlMTZhMTM3LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDctMTE0NDFlMTZhMTM3
LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcGkAnmZ
Fw/W66zjP6cCwPjzyUyiedhZCLS/S4d+eTq6Q864w9MtrLlOCvNxBwFMH7pv1s93
qLQI0PoOvM+eYqLRhxlVRIXbdrSAdl2F3A8ecS6XnMsjdV5yaQ8e8TywYDrgHGpB
jjKO1lMQjtuF4+DC9pdYy/eK0gNEIQpqWf9OCP0PAfRaTJB7HyGMZI2HhCsGkY4R
TnKHHkD32yC8X8SJd5B0RQj59iLM0ZzZcYsiRRddB83kRQzDVcnpiqn7lb9Nkn8+
ZXY6Yt6Fx4G8Assf62s+1mT6p8XM+Sf2YjlT5VpBnLNMiUEcN1/BU+1YmZZMaExv
CVwqLorwBodhuA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:44:47 2026 by rpki-client