Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
File: PxckOVmdfaUleXiZvyE7jmNVSRQ.mft (raw, json)
Hash identifier: 3yF4Vt4NXncvma/i6Tm5GHd9iJ5pRKxVso7QUH+dWT4=
Subject key identifier: 0F:FC:82:B4:7D:E7:09:3A:5D:F4:99:22:24:BC:A3:B9:ED:CA:AF:A4
Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914
Certificate serial: 019CE6367736CC9C5B6FE31B6BCD1FB1BF47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
Manifest number: 17F6
Signing time: Fri 13 Mar 2026 08:00:54 +0000
Manifest this update: Fri 13 Mar 2026 08:00:54 +0000
Manifest next update: Sat 14 Mar 2026 08:00:54 +0000
Files and hashes: 1: 2dj72cUvrZqEtdbBtFlSnYa4QKM.roa (hash: 0SrJodFZpH/UDhRtcg5lODDwzwQCCfVOAxUCuTTXZOI=)
2: PxckOVmdfaUleXiZvyE7jmNVSRQ.crl (hash: vWigjq/IaQF7lb/Rn51Jzh90ZNxb6WrJqHKjhXlbHXU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:36:77:36:cc:9c:5b:6f:e3:1b:6b:cd:1f:b1:bf:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f172439599d7da525797899bf213b8e63554914
Validity
Not Before: Mar 13 08:00:54 2026 GMT
Not After : Mar 14 08:00:54 2026 GMT
Subject: CN=0ffc82b47de7093a5df4992224bca3b9edcaafa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ae:7c:c4:ae:06:9c:44:ae:ec:3f:c4:e0:28:
ef:27:5a:18:c9:da:bf:ae:b1:d8:5d:8d:3e:18:36:
9e:37:39:64:f5:c4:d5:5b:77:ae:be:cd:fd:19:8d:
5b:3d:f5:d9:d2:15:42:d6:96:f3:7c:6d:a0:7c:66:
ab:b1:56:b9:e0:36:49:b1:9b:da:24:d9:10:3d:e4:
97:68:c3:19:e8:1b:c0:89:62:04:4a:79:e6:40:6d:
56:f8:35:5f:21:69:7e:e1:a5:db:c0:d2:17:88:3f:
7f:62:89:59:46:70:1c:87:30:61:cf:41:0a:58:93:
4b:37:0c:d0:92:43:59:16:3d:65:b0:b0:df:66:74:
f0:58:1e:61:bd:cc:ae:e0:87:d5:63:98:fa:e3:02:
7a:af:36:63:68:a0:62:17:15:1a:48:07:31:79:be:
1a:3a:fb:13:f6:59:6d:fc:b4:80:c7:42:7b:a8:21:
82:68:c7:20:8d:7c:63:17:56:fe:2c:a7:9a:27:db:
de:3a:64:23:49:39:ef:4d:39:f1:e6:3a:a9:21:fa:
27:36:88:73:a0:58:12:3f:0e:49:68:72:53:16:49:
ce:23:b3:8f:0a:a1:ae:b4:06:5d:ef:d0:02:a5:f0:
f7:87:7e:f0:23:d2:f4:0b:92:49:73:09:11:b3:01:
2e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FC:82:B4:7D:E7:09:3A:5D:F4:99:22:24:BC:A3:B9:ED:CA:AF:A4
X509v3 Authority Key Identifier:
keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:ce:38:91:5c:7a:a4:58:57:f1:92:86:f5:3a:e6:72:fe:e4:
5b:b3:3e:10:8f:1f:41:cc:bd:93:1e:d3:24:d5:a6:a4:ce:49:
34:7b:9a:f7:d1:e2:f0:fe:dd:a8:d2:97:de:8a:6f:c6:df:af:
d1:59:93:81:22:11:44:53:ae:8d:61:02:bb:6d:23:ab:41:9b:
93:1a:16:e4:97:a0:ee:2a:df:a3:3b:6d:6b:08:d6:e4:3b:55:
d6:af:00:52:b4:fa:f5:6d:2c:c2:44:94:10:80:7a:3c:73:7a:
b8:61:50:ee:de:61:ed:b9:6f:48:5b:2f:68:d6:a5:c4:cf:1a:
ef:5c:fe:bb:be:53:6e:5e:7b:7e:40:d2:06:b9:b9:de:64:58:
1c:29:18:9a:d8:95:25:0e:34:e0:d7:4f:1e:f1:b0:d9:3d:9e:
17:87:be:a6:82:e0:1e:c0:82:53:61:8c:1e:40:98:74:57:54:
b8:11:9d:90:81:a3:81:66:8b:43:12:79:c3:84:ec:a8:e7:e0:
c2:48:26:07:8e:87:5d:38:5d:84:c3:3f:da:21:20:a6:10:50:
82:49:de:92:2b:d2:6f:6c:9d:e6:07:d0:c4:9a:39:1f:72:66:
cb:e9:21:9e:05:9b:7f:ac:63:df:9e:dc:c1:a5:e4:90:ab:55:
bf:5e:8b:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzmNnc2zJxbb+Mba80fsb9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMTcyNDM5NTk5ZDdkYTUyNTc5Nzg5OWJmMjEzYjhlNjM1
NTQ5MTQwHhcNMjYwMzEzMDgwMDU0WhcNMjYwMzE0MDgwMDU0WjAzMTEwLwYDVQQD
EygwZmZjODJiNDdkZTcwOTNhNWRmNDk5MjIyNGJjYTNiOWVkY2FhZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K58xK4GnESu7D/E4CjvJ1oYydq/
rrHYXY0+GDaeNzlk9cTVW3euvs39GY1bPfXZ0hVC1pbzfG2gfGarsVa54DZJsZva
JNkQPeSXaMMZ6BvAiWIESnnmQG1W+DVfIWl+4aXbwNIXiD9/YolZRnAchzBhz0EK
WJNLNwzQkkNZFj1lsLDfZnTwWB5hvcyu4IfVY5j64wJ6rzZjaKBiFxUaSAcxeb4a
OvsT9llt/LSAx0J7qCGCaMcgjXxjF1b+LKeaJ9veOmQjSTnvTTnx5jqpIfonNohz
oFgSPw5JaHJTFknOI7OPCqGutAZd79ACpfD3h37wI9L0C5JJcwkRswEumwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/8grR95wk6XfSZIiS8o7ntyq+kMB8GA1UdIwQY
MBaAFD8XJDlZnX2lJXl4mb8hO45jVUkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEt
ODg3MzMxZWZiNzE1LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEtODg3MzMxZWZiNzE1
LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFc44kVx6
pFhX8ZKG9Trmcv7kW7M+EI8fQcy9kx7TJNWmpM5JNHua99Hi8P7dqNKX3opvxt+v
0VmTgSIRRFOujWECu20jq0GbkxoW5Jeg7irfozttawjW5DtV1q8AUrT69W0swkSU
EIB6PHN6uGFQ7t5h7blvSFsvaNalxM8a71z+u75Tbl57fkDSBrm53mRYHCkYmtiV
JQ404NdPHvGw2T2eF4e+poLgHsCCU2GMHkCYdFdUuBGdkIGjgWaLQxJ5w4TsqOfg
wkgmB46HXThdhMM/2iEgphBQgknekivSb2yd5gfQxJo5H3Jmy+khngWbf6xj357c
waXkkKtVv16LIg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:18:20 2026 by rpki-client