Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
File: pxErNcd6Sxb761YSHJdNWdVmeEs.mft (raw, json)
Hash identifier: 7Rn4l2PBNGBYa6B8AEQzxxDs7KRn4bWaKyvROsxChgY=
Subject key identifier: F6:44:DD:A9:BD:7B:7F:83:95:C3:FA:8F:A3:0E:BB:12:12:6A:D3:E9
Authority key identifier: A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
Certificate issuer: /CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Certificate serial: 019D390A00B4B8D005EAC196C000CE758264
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 10:00:50 +0000
Manifest this update: Sun 29 Mar 2026 10:00:50 +0000
Manifest next update: Mon 30 Mar 2026 10:00:50 +0000
Files and hashes: 1: j__VlCB-Iaahq6iSGXf82aRhFjE.roa (hash: ZAd0hpXPQxe82r5ai9UhJXs41uTHJvAdkg2oVHWXLpQ=)
2: pxErNcd6Sxb761YSHJdNWdVmeEs.crl (hash: TXHfz6NceK3D0WLN8JG7roJhNSSXKSPU67qxG/R6Hww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:00:b4:b8:d0:05:ea:c1:96:c0:00:ce:75:82:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Validity
Not Before: Mar 29 10:00:50 2026 GMT
Not After : Mar 30 10:00:50 2026 GMT
Subject: CN=f644dda9bd7b7f8395c3fa8fa30ebb12126ad3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6f:87:38:c9:db:02:1f:f1:fe:75:b7:42:8d:
e2:fd:dc:6a:a1:76:89:ce:9a:2d:9e:76:f2:e9:db:
08:2d:11:6a:3c:11:62:9c:da:5d:88:cf:3b:c3:ae:
3a:95:d5:af:3a:79:d5:58:43:5c:f0:a7:98:95:49:
08:cb:98:25:e0:09:fb:44:72:9a:32:f1:15:03:e9:
a9:42:f2:b7:12:dd:7b:c5:1f:90:87:2c:b9:35:78:
1e:f2:87:db:dd:1b:dc:a0:b7:34:10:95:17:a2:6a:
22:ec:63:60:de:b0:6b:a1:3e:c1:2e:95:40:4c:17:
32:ca:8c:9b:b2:aa:f6:07:88:33:e5:94:67:85:1b:
8e:02:04:b0:6f:7a:68:d2:2c:06:b2:bd:b0:21:19:
ec:1d:1f:db:7f:5a:f0:b2:0c:54:d1:3d:ba:4c:96:
11:81:24:c0:59:cd:1f:24:bb:02:26:2d:63:39:76:
76:cf:b5:c5:83:5e:7d:24:81:63:cd:0c:50:27:5d:
84:b4:21:41:0a:0f:d1:9e:63:08:40:77:b4:25:43:
99:19:14:cc:c8:ec:65:ae:e6:53:d2:66:5b:46:d3:
aa:bf:77:d2:54:92:34:09:fc:71:94:b4:4d:d8:18:
44:c5:7c:18:53:e4:cc:f6:93:67:cb:17:6e:b2:d9:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:44:DD:A9:BD:7B:7F:83:95:C3:FA:8F:A3:0E:BB:12:12:6A:D3:E9
X509v3 Authority Key Identifier:
keyid:A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:66:db:94:cc:98:9d:f6:a3:67:42:bc:06:81:5a:cc:b5:e5:
da:67:ea:e4:3d:27:fa:c1:10:ff:22:c0:87:a3:c6:2d:4b:5b:
91:aa:0f:85:41:7a:d0:32:2a:ce:88:b2:5a:96:d0:dc:63:40:
fe:8a:b2:d5:62:3f:07:65:9d:7f:80:0a:bc:e8:2b:c5:99:75:
fb:ba:c7:5e:c7:69:a0:5f:35:b2:ae:ab:6c:6c:65:f3:a4:70:
aa:c0:74:62:3b:40:fa:e1:49:9d:f4:36:65:f4:81:6e:60:da:
27:09:c1:87:c8:2b:de:e6:74:18:6c:57:71:5f:1c:ae:26:72:
81:76:50:0e:70:97:2d:5a:2e:02:f6:3b:38:7b:4a:a3:5b:bb:
94:f7:41:12:be:7b:d3:cf:39:61:69:8e:5f:e2:a7:98:1c:dc:
b8:b5:75:44:0a:20:8a:8d:33:b7:44:8a:30:f1:6f:40:64:77:
c4:32:bb:ca:8a:86:04:23:6f:3b:03:79:73:b6:93:b4:2e:00:
01:8c:18:21:ca:d9:6f:23:bd:04:93:d8:26:0f:27:66:a3:25:
13:df:4f:fd:ae:71:27:e0:1b:e5:a9:be:9e:8b:53:95:63:94:
7f:bd:ef:89:30:bb:50:54:a9:f0:d5:8d:28:d0:28:e3:a6:5f:
df:ec:87:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CgC0uNAF6sGWwADOdYJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTEyYjM1Yzc3YTRiMTZmYmViNTYxMjFjOTc0ZDU5ZDU2
Njc4NGIwHhcNMjYwMzI5MTAwMDUwWhcNMjYwMzMwMTAwMDUwWjAzMTEwLwYDVQQD
EyhmNjQ0ZGRhOWJkN2I3ZjgzOTVjM2ZhOGZhMzBlYmIxMjEyNmFkM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W+HOMnbAh/x/nW3Qo3i/dxqoXaJ
zpotnnby6dsILRFqPBFinNpdiM87w646ldWvOnnVWENc8KeYlUkIy5gl4An7RHKa
MvEVA+mpQvK3Et17xR+Qhyy5NXge8ofb3RvcoLc0EJUXomoi7GNg3rBroT7BLpVA
TBcyyoybsqr2B4gz5ZRnhRuOAgSwb3po0iwGsr2wIRnsHR/bf1rwsgxU0T26TJYR
gSTAWc0fJLsCJi1jOXZ2z7XFg159JIFjzQxQJ12EtCFBCg/RnmMIQHe0JUOZGRTM
yOxlruZT0mZbRtOqv3fSVJI0CfxxlLRN2BhExXwYU+TM9pNnyxdustlYEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZE3am9e3+DlcP6j6MOuxISatPpMB8GA1UdIwQY
MBaAFKcRKzXHeksW++tWEhyXTVnVZnhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEt
Nzg4ODQyODIyNWI0LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEtNzg4ODQyODIyNWI0
LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWbblMyY
nfajZ0K8BoFazLXl2mfq5D0n+sEQ/yLAh6PGLUtbkaoPhUF60DIqzoiyWpbQ3GNA
/oqy1WI/B2Wdf4AKvOgrxZl1+7rHXsdpoF81sq6rbGxl86RwqsB0YjtA+uFJnfQ2
ZfSBbmDaJwnBh8gr3uZ0GGxXcV8criZygXZQDnCXLVouAvY7OHtKo1u7lPdBEr57
0885YWmOX+KnmBzcuLV1RAogio0zt0SKMPFvQGR3xDK7yoqGBCNvOwN5c7aTtC4A
AYwYIcrZbyO9BJPYJg8nZqMlE99P/a5xJ+Ab5am+notTlWOUf73viTC7UFSp8NWN
KNAo46Zf3+yHlQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:05:55 2026 by rpki-client