Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
File: PxyTi7IGo4ltBkwIUvqYhf8s69k.mft (raw, json)
Hash identifier: zyRBv4BV2crPNGreZZZvCTh4SEZnWBqgX7BC+CRg6Hs=
Subject key identifier: 3B:8B:5B:ED:17:AF:68:33:E8:BE:8F:D2:2A:D1:AE:C8:77:2A:64:63
Authority key identifier: 3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
Certificate issuer: /CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Certificate serial: 019D38D3B9F5411F6D570F3E0A77C2536335
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
Manifest number: 05BF
Signing time: Sun 29 Mar 2026 09:01:32 +0000
Manifest this update: Sun 29 Mar 2026 09:01:32 +0000
Manifest next update: Mon 30 Mar 2026 09:01:32 +0000
Files and hashes: 1: PxyTi7IGo4ltBkwIUvqYhf8s69k.crl (hash: WyAJ/Opg7vytM6xktbtGgr6e40DeA61000mE8wnf/RA=)
2: gJih9xv-CWYQaALlecQOJ_TACmo.roa (hash: 9e9Q4Zs2imMTV1ntB9s+yN3H0/1A7f9/M0HJ8dsTuhg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b9:f5:41:1f:6d:57:0f:3e:0a:77:c2:53:63:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Validity
Not Before: Mar 29 09:01:32 2026 GMT
Not After : Mar 30 09:01:32 2026 GMT
Subject: CN=3b8b5bed17af6833e8be8fd22ad1aec8772a6463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f7:14:ed:48:6a:53:55:22:25:77:91:65:51:
be:f0:b0:d6:d1:48:02:41:4a:89:39:4f:f8:66:a2:
6c:38:2b:33:fe:f7:e4:08:63:00:f6:89:fa:fa:1b:
94:dc:37:ca:73:0c:ca:05:8d:7b:ac:5d:83:9d:64:
97:9b:d5:10:43:54:65:44:f0:98:2a:8d:0c:ad:58:
45:72:d4:7b:72:44:d9:dd:46:65:e5:a9:62:87:9c:
f9:a7:a1:0c:19:ff:d6:4c:8b:d2:0a:b0:76:f6:a8:
4f:ea:b6:82:dc:66:a9:7d:cb:8d:94:a4:d6:0f:bb:
6c:02:e0:13:2d:c3:95:0a:f4:18:6f:d3:26:89:b6:
ab:40:12:27:40:1e:6a:d8:31:2e:e8:e5:a8:6e:ca:
a8:b5:7e:cf:c2:ec:b0:93:67:4e:d6:0e:21:cc:d6:
5c:ed:ec:cf:68:7e:b9:3f:34:b6:34:f3:d7:a6:78:
ae:d2:a5:2c:2b:06:ac:46:c5:a1:22:6a:83:ca:38:
bd:97:59:40:8d:f3:a3:7b:41:81:9d:96:e8:e6:49:
46:a7:d1:73:1e:07:27:97:f5:a2:c5:20:2e:09:ee:
3e:fa:f4:24:43:3f:12:df:ce:06:27:53:2a:e1:0b:
85:55:6c:aa:42:f6:3b:5b:8d:17:13:74:e9:05:0f:
53:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8B:5B:ED:17:AF:68:33:E8:BE:8F:D2:2A:D1:AE:C8:77:2A:64:63
X509v3 Authority Key Identifier:
keyid:3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:56:64:b3:62:75:8d:a1:5e:be:f9:e7:66:16:f2:0d:7e:f5:
d2:d7:50:cd:36:1d:94:5b:74:56:3a:97:f9:b1:9c:aa:05:ca:
a3:15:60:57:61:d9:ad:ef:5b:cc:98:46:ac:51:ee:f3:29:27:
0e:93:67:dc:92:9d:f8:9b:1a:c6:a4:08:46:19:62:74:f6:d9:
bc:a6:dc:5b:db:95:79:98:1e:0c:05:02:8d:d8:a1:f9:88:df:
69:6f:08:42:e3:3f:b6:e7:57:87:2f:d0:57:b3:76:c5:17:a9:
c6:50:81:61:31:03:e8:43:54:e6:14:34:16:95:d7:46:af:02:
34:29:dc:02:cd:99:01:bb:23:5e:d7:0f:d8:2e:5c:02:c7:fd:
5f:23:a7:8b:5e:06:4d:7a:2d:51:1f:0e:91:70:a7:2d:d9:f2:
37:1d:ab:c8:3d:d5:fb:c9:45:9d:10:03:f6:ab:fd:2e:8a:2d:
d9:eb:9b:6f:aa:0a:88:1f:49:23:63:95:f8:3a:b0:ca:f2:21:
59:94:0f:2e:ba:b9:b7:00:9e:f0:66:17:0d:08:76:90:be:19:
9d:0a:a4:5e:22:ca:f0:b8:e3:07:68:b5:de:9a:cf:a3:88:3f:
fc:ae:52:87:23:d8:4b:12:21:b2:6f:96:64:b7:4f:47:59:a7:
d9:72:6d:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407n1QR9tVw8+CnfCU2M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMWM5MzhiYjIwNmEzODk2ZDA2NGMwODUyZmE5ODg1ZmYy
Y2ViZDkwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
EygzYjhiNWJlZDE3YWY2ODMzZThiZThmZDIyYWQxYWVjODc3MmE2NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPcU7UhqU1UiJXeRZVG+8LDW0UgC
QUqJOU/4ZqJsOCsz/vfkCGMA9on6+huU3DfKcwzKBY17rF2DnWSXm9UQQ1RlRPCY
Ko0MrVhFctR7ckTZ3UZl5alih5z5p6EMGf/WTIvSCrB29qhP6raC3GapfcuNlKTW
D7tsAuATLcOVCvQYb9MmibarQBInQB5q2DEu6OWobsqotX7Pwuywk2dO1g4hzNZc
7ezPaH65PzS2NPPXpniu0qUsKwasRsWhImqDyji9l1lAjfOje0GBnZbo5klGp9Fz
Hgcnl/WixSAuCe4++vQkQz8S384GJ1Mq4QuFVWyqQvY7W40XE3TpBQ9TAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuLW+0Xr2gz6L6P0irRrsh3KmRjMB8GA1UdIwQY
MBaAFD8ck4uyBqOJbQZMCFL6mIX/LOvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQt
ZTA1MjYwMzNhNDg0LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQtZTA1MjYwMzNhNDg0
LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqFZks2J1
jaFevvnnZhbyDX710tdQzTYdlFt0VjqX+bGcqgXKoxVgV2HZre9bzJhGrFHu8ykn
DpNn3JKd+JsaxqQIRhlidPbZvKbcW9uVeZgeDAUCjdih+YjfaW8IQuM/tudXhy/Q
V7N2xRepxlCBYTED6ENU5hQ0FpXXRq8CNCncAs2ZAbsjXtcP2C5cAsf9XyOni14G
TXotUR8OkXCnLdnyNx2ryD3V+8lFnRAD9qv9Loot2eubb6oKiB9JI2OV+DqwyvIh
WZQPLrq5twCe8GYXDQh2kL4ZnQqkXiLK8LjjB2i13prPo4g//K5ShyPYSxIhsm+W
ZLdPR1mn2XJtxA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:55 2026 by rpki-client