Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
File: PkJOJFpkMkpocx3SbzDGhbqopng.mft (raw, json)
Hash identifier: P8cja8vsulClZYhuHZwIgEgnnSaFkPLHHZgpW7+0R1c=
Subject key identifier: BE:2A:A4:B5:DE:88:63:C0:F2:C5:9C:85:E6:5C:8F:58:B6:67:75:56
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 019CA9B3ABA2D9981DC76E994CEABF05C1BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
Manifest number: 1848
Signing time: Sun 01 Mar 2026 14:00:50 +0000
Manifest this update: Sun 01 Mar 2026 14:00:50 +0000
Manifest next update: Mon 02 Mar 2026 14:00:50 +0000
Files and hashes: 1: Cj8ujoa5KmTTSWCTdwnTGnYwzAk.roa (hash: M+8fZqB3T6uLKV8atcb+P0CXiywaKxIVWcjCJ6STrHE=)
2: PkJOJFpkMkpocx3SbzDGhbqopng.crl (hash: 0FqC4l0OF36kTqIl0SwzsDImZmgp5Q5gP2e8Pu03NEM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:ab:a2:d9:98:1d:c7:6e:99:4c:ea:bf:05:c1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Mar 1 14:00:50 2026 GMT
Not After : Mar 2 14:00:50 2026 GMT
Subject: CN=be2aa4b5de8863c0f2c59c85e65c8f58b6677556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9f:40:c1:90:33:8f:55:a3:a8:4a:c9:e0:d0:
ae:68:41:39:f9:c6:00:31:ea:9e:9c:b4:7c:c2:9b:
78:93:cb:b2:de:7e:14:fd:55:f3:1b:84:5a:a5:32:
fa:d0:22:6a:7f:19:87:f5:69:73:aa:f6:86:2c:81:
f4:4a:6a:78:2b:01:57:23:2e:23:15:1f:83:4b:25:
62:9a:7c:2f:1c:94:e4:29:a9:ee:65:45:9e:81:6c:
30:cb:44:3f:73:f9:9c:f3:02:7d:35:9a:f7:36:d0:
5c:2e:8c:8d:9e:ae:46:1b:99:e7:fd:85:24:ac:06:
f0:69:fe:af:c4:07:ce:9e:a9:82:af:b0:4e:e1:2e:
26:ad:33:73:b1:78:b6:cb:e2:79:f2:8b:a8:cc:57:
22:8c:09:b8:45:84:35:d3:ae:2a:b6:72:b4:d7:f7:
24:1c:8d:1c:74:3f:1b:89:da:78:18:83:ea:aa:47:
c9:83:c7:d2:ca:eb:e2:5e:3d:93:d9:1b:95:94:ee:
3b:83:60:b2:b3:41:7a:16:c4:6a:9d:7f:42:26:f7:
7e:1d:5a:e4:60:1c:f2:64:6e:28:77:86:33:d8:b2:
9a:24:04:e6:8e:3c:11:0f:cf:63:7b:85:b4:a6:52:
91:09:12:15:e4:9e:ec:ee:0c:39:87:37:21:6f:5e:
e0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2A:A4:B5:DE:88:63:C0:F2:C5:9C:85:E6:5C:8F:58:B6:67:75:56
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:35:52:cd:75:a0:29:9e:61:52:d2:19:c7:30:80:c4:a5:43:
0a:61:1d:55:80:02:32:6c:5d:ab:47:ab:82:99:15:2e:42:66:
e6:f7:9b:6e:9d:16:cb:57:62:a9:82:2c:0a:c1:20:17:30:82:
8a:d1:a1:ad:67:93:2b:6f:49:00:6c:2c:40:bf:29:69:69:60:
1e:d5:b7:92:f6:8b:5d:ef:1b:1d:ca:33:0f:a1:66:dd:ab:8e:
fc:69:9b:20:14:50:de:1b:e9:e4:e5:93:e7:65:06:37:82:15:
31:a5:25:89:25:a2:79:56:5f:a9:56:e6:53:9f:ef:3f:24:0a:
2c:fc:ce:ad:81:e4:83:b4:48:ea:b1:7e:94:b6:87:ee:15:8d:
5d:00:6f:99:9f:a2:f0:7c:60:4b:b6:9c:8c:c2:3a:95:bc:92:
f3:f6:66:90:3e:14:75:d1:a4:f8:93:42:1b:21:b2:7a:4d:22:
d3:ad:d1:78:59:3f:da:dc:06:93:c2:d0:9a:31:d5:bf:48:cc:
cb:4f:a8:ac:7a:3e:85:6e:aa:bc:a9:b1:31:1c:17:4c:7b:b0:
cf:ab:10:18:10:0e:59:77:16:90:83:31:4d:8e:3f:54:a0:c9:
99:81:e2:9a:bd:ef:92:9d:97:c0:29:84:78:3d:83:e4:4e:55:
04:4f:6e:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps6ui2Zgdx26ZTOq/BcG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjYwMzAxMTQwMDUwWhcNMjYwMzAyMTQwMDUwWjAzMTEwLwYDVQQD
EyhiZTJhYTRiNWRlODg2M2MwZjJjNTljODVlNjVjOGY1OGI2Njc3NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ9AwZAzj1WjqErJ4NCuaEE5+cYA
MeqenLR8wpt4k8uy3n4U/VXzG4RapTL60CJqfxmH9WlzqvaGLIH0Smp4KwFXIy4j
FR+DSyVimnwvHJTkKanuZUWegWwwy0Q/c/mc8wJ9NZr3NtBcLoyNnq5GG5nn/YUk
rAbwaf6vxAfOnqmCr7BO4S4mrTNzsXi2y+J58ouozFcijAm4RYQ1064qtnK01/ck
HI0cdD8bidp4GIPqqkfJg8fSyuviXj2T2RuVlO47g2Cys0F6FsRqnX9CJvd+HVrk
YBzyZG4od4Yz2LKaJATmjjwRD89je4W0plKRCRIV5J7s7gw5hzchb17gWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4qpLXeiGPA8sWcheZcj1i2Z3VWMB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqjVSzXWg
KZ5hUtIZxzCAxKVDCmEdVYACMmxdq0ergpkVLkJm5vebbp0Wy1diqYIsCsEgFzCC
itGhrWeTK29JAGwsQL8paWlgHtW3kvaLXe8bHcozD6Fm3auO/GmbIBRQ3hvp5OWT
52UGN4IVMaUliSWieVZfqVbmU5/vPyQKLPzOrYHkg7RI6rF+lLaH7hWNXQBvmZ+i
8HxgS7acjMI6lbyS8/ZmkD4UddGk+JNCGyGyek0i063ReFk/2twGk8LQmjHVv0jM
y0+orHo+hW6qvKmxMRwXTHuwz6sQGBAOWXcWkIMxTY4/VKDJmYHimr3vkp2XwCmE
eD2D5E5VBE9uZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:40:26 2026 by rpki-client