Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
File: to-PMlFKGD6Xejx982Rz1WJgxKQ.mft (raw, json)
Hash identifier: Q4PnTVvgnZWBfvSxct355OQ1LYOUHdRQc3nh0jzjo7A=
Subject key identifier: 1F:13:F7:DC:0B:91:2E:81:86:19:AD:48:CA:82:DC:31:49:6B:29:B2
Authority key identifier: B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
Certificate issuer: /CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Certificate serial: 019CAA58C3F625A3251CF7EDFC89E8D70AF3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
Manifest number: 0CA7
Signing time: Sun 01 Mar 2026 17:01:09 +0000
Manifest this update: Sun 01 Mar 2026 17:01:09 +0000
Manifest next update: Mon 02 Mar 2026 17:01:09 +0000
Files and hashes: 1: UycNDBh6XIKJ82eOMM9nsWm3RUU.roa (hash: j5CuV0Ecvfd3t9K7/xrfKK4OIBdyHHKPYNpzUJ5l9jc=)
2: to-PMlFKGD6Xejx982Rz1WJgxKQ.crl (hash: Ji9N6riUrTYzb9MfrRZyUur0tDkuc51x2apeC+V7An8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:c3:f6:25:a3:25:1c:f7:ed:fc:89:e8:d7:0a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Validity
Not Before: Mar 1 17:01:09 2026 GMT
Not After : Mar 2 17:01:09 2026 GMT
Subject: CN=1f13f7dc0b912e818619ad48ca82dc31496b29b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:89:f0:cc:c3:f6:43:46:bb:0a:6d:f9:7a:
11:81:ed:1f:3a:8c:0c:e1:04:18:a1:8d:0d:e2:26:
55:3a:e7:4c:fd:2b:e4:17:6e:2a:90:37:98:4f:9f:
25:95:74:ce:eb:ab:c3:b0:40:74:63:46:36:1b:1d:
d7:1f:24:cd:18:f9:92:d0:f7:cb:db:5c:a9:be:fe:
16:9b:7b:fa:74:aa:f5:7c:fc:0c:34:ad:da:4f:5c:
8f:74:32:c8:fd:ba:bd:38:cc:d6:f2:ab:5f:f2:94:
ea:25:3f:58:15:64:38:a0:1a:92:56:13:31:4a:a8:
66:a1:03:24:a9:98:ab:4c:fb:b4:06:19:f7:53:51:
e6:16:92:44:f6:c8:d8:b7:ef:6d:7c:26:6f:45:24:
c7:35:85:57:f3:9f:86:63:9e:a9:d9:5d:8a:6e:c0:
90:8a:71:4f:79:2e:82:25:20:e9:33:e8:3e:10:a8:
a1:48:69:37:d5:7f:83:8a:31:dc:35:77:d7:0a:65:
5c:e0:a0:b2:78:31:99:58:ce:e5:0b:3b:15:38:f0:
2c:ab:10:ec:3d:e1:f9:6e:05:f3:e6:ad:8a:98:b5:
2d:9c:de:e5:24:f1:cc:2a:2a:31:3c:34:12:a7:08:
cf:b1:57:af:82:40:e3:06:40:f9:26:59:f4:34:23:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:13:F7:DC:0B:91:2E:81:86:19:AD:48:CA:82:DC:31:49:6B:29:B2
X509v3 Authority Key Identifier:
keyid:B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:1c:f8:bd:26:02:47:ad:47:cf:68:16:42:e0:61:43:a3:03:
f7:56:b5:76:44:f5:56:7e:c3:15:d9:26:8a:fe:a2:67:d1:61:
81:86:0f:da:49:de:d4:c6:bc:03:36:c8:a1:13:76:d2:35:78:
2e:b4:e2:17:d2:96:ab:f3:49:62:ea:b7:9c:83:1f:b9:6d:27:
ac:33:56:ad:c7:45:9c:11:5b:bc:81:d0:bc:45:2b:68:7d:16:
ae:b5:63:48:1b:e9:78:05:c6:24:3a:e8:d9:f1:a7:f4:34:19:
ae:0e:1f:40:bb:a5:c8:f8:39:1b:23:08:4a:bd:76:05:88:d5:
75:32:3c:32:2f:3d:e4:75:fb:48:fa:0d:37:1b:01:ba:ed:7d:
9c:d4:31:8e:18:7e:d7:d1:e1:72:90:31:09:cc:c2:e2:c2:51:
4e:df:db:39:20:af:37:95:c8:74:23:d3:f7:06:c5:96:74:b7:
f8:cf:06:ac:18:07:2f:6d:d0:de:07:60:5c:c1:93:c6:62:80:
06:e6:48:88:a8:59:96:fc:3b:4d:a6:cb:11:e0:5d:65:0e:55:
72:0a:d7:5d:bc:62:39:fe:f8:04:b5:91:94:38:99:ba:22:e9:
ee:99:35:4e:6f:c4:35:a6:af:49:a8:91:20:9c:5b:4a:5e:f1:
43:30:4c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWMP2JaMlHPft/Ino1wrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGY4ZjMyNTE0YTE4M2U5NzdhM2M3ZGYzNjQ3M2Q1NjI2
MGM0YTQwHhcNMjYwMzAxMTcwMTA5WhcNMjYwMzAyMTcwMTA5WjAzMTEwLwYDVQQD
EygxZjEzZjdkYzBiOTEyZTgxODYxOWFkNDhjYTgyZGMzMTQ5NmIyOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1CJ8MzD9kNGuwpt+XoRge0fOowM
4QQYoY0N4iZVOudM/SvkF24qkDeYT58llXTO66vDsEB0Y0Y2Gx3XHyTNGPmS0PfL
21ypvv4Wm3v6dKr1fPwMNK3aT1yPdDLI/bq9OMzW8qtf8pTqJT9YFWQ4oBqSVhMx
SqhmoQMkqZirTPu0Bhn3U1HmFpJE9sjYt+9tfCZvRSTHNYVX85+GY56p2V2KbsCQ
inFPeS6CJSDpM+g+EKihSGk31X+DijHcNXfXCmVc4KCyeDGZWM7lCzsVOPAsqxDs
PeH5bgXz5q2KmLUtnN7lJPHMKioxPDQSpwjPsVevgkDjBkD5Jln0NCPZTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8T99wLkS6BhhmtSMqC3DFJaymyMB8GA1UdIwQY
MBaAFLaPjzJRShg+l3o8ffNkc9ViYMSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUt
MjIxMGVkOWQwODYxLzEvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUtMjIxMGVkOWQwODYx
LzEvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdhz4vSYC
R61Hz2gWQuBhQ6MD91a1dkT1Vn7DFdkmiv6iZ9FhgYYP2kne1Ma8AzbIoRN20jV4
LrTiF9KWq/NJYuq3nIMfuW0nrDNWrcdFnBFbvIHQvEUraH0WrrVjSBvpeAXGJDro
2fGn9DQZrg4fQLulyPg5GyMISr12BYjVdTI8Mi895HX7SPoNNxsBuu19nNQxjhh+
19HhcpAxCczC4sJRTt/bOSCvN5XIdCPT9wbFlnS3+M8GrBgHL23Q3gdgXMGTxmKA
BuZIiKhZlvw7TabLEeBdZQ5VcgrXXbxiOf74BLWRlDiZuiLp7pk1Tm/ENaavSaiR
IJxbSl7xQzBMEw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:37:10 2026 by rpki-client