Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
File: pnQBXVCbXU85bqNjNp6ddP-tdZM.mft (raw, json)
Hash identifier: U0Gq8MMDY4MkLzJeMEDTPYaJUQ5xHFGeGcLb+ucblmo=
Subject key identifier: 0A:BD:84:DD:EA:27:7F:4E:23:FE:7B:86:6C:07:A8:24:80:20:86:17
Authority key identifier: A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93
Certificate issuer: /CN=a674015d509b5d4f396ea363369e9d74ffad7593
Certificate serial: 019D37531BB740BD1DB8C56788C80E94CC35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
Manifest number: 1728
Signing time: Sun 29 Mar 2026 02:01:26 +0000
Manifest this update: Sun 29 Mar 2026 02:01:26 +0000
Manifest next update: Mon 30 Mar 2026 02:01:26 +0000
Files and hashes: 1: aHohvmZrJOOZrpMAIOpcUZD835k.roa (hash: Lfp+q62MRXSn7ts6IZsilj9kYQPjsgFts0IvrL3U2wc=)
2: pnQBXVCbXU85bqNjNp6ddP-tdZM.crl (hash: Qnmwbt3NXF6r5qlJTACjiY2cj09pO3f8aFmmDOwQTgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:53:1b:b7:40:bd:1d:b8:c5:67:88:c8:0e:94:cc:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a674015d509b5d4f396ea363369e9d74ffad7593
Validity
Not Before: Mar 29 02:01:26 2026 GMT
Not After : Mar 30 02:01:26 2026 GMT
Subject: CN=0abd84ddea277f4e23fe7b866c07a82480208617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:62:b0:22:ea:b4:43:0e:6e:9c:2c:c0:36:fa:
6c:8f:e3:5f:b4:57:c1:86:6e:3c:a0:9b:0a:51:db:
a3:bd:15:0f:e9:9f:de:9d:6c:85:cb:4e:4c:db:51:
5d:10:18:ac:d0:38:fd:e9:0e:39:52:5a:66:f9:e0:
c3:50:d6:46:41:d8:50:54:0f:75:db:0c:c5:8f:ee:
8f:c7:50:0c:d6:f9:02:d9:77:6e:45:8b:e7:5b:f0:
fb:07:4d:14:c2:0d:dc:c3:bb:11:f0:5c:a3:05:45:
0b:07:90:7d:78:04:ff:0b:53:05:c2:2f:39:45:39:
6f:bc:42:73:dd:10:de:b3:8a:3f:3e:f7:75:1a:4f:
ed:d8:88:ae:01:5c:ac:54:29:88:6c:99:74:69:5f:
46:cc:04:af:32:85:eb:09:e4:d9:b8:ca:af:60:01:
9e:1b:0f:83:3f:d7:83:7d:fc:14:6d:16:02:30:cb:
1b:5b:36:4c:90:36:b7:83:bf:41:b0:3b:cd:d8:cf:
6c:58:79:b0:7d:da:9c:ff:60:a5:71:75:6d:1f:95:
af:07:bd:88:1a:f9:d1:03:aa:b7:8f:86:12:34:c9:
2d:bc:5d:e9:d0:f6:06:8e:72:39:c2:b7:a5:ce:8f:
3c:8e:47:8a:b9:09:de:34:cb:f3:d6:29:49:a3:2d:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BD:84:DD:EA:27:7F:4E:23:FE:7B:86:6C:07:A8:24:80:20:86:17
X509v3 Authority Key Identifier:
keyid:A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:18:ad:90:fb:f4:b7:4a:55:44:a2:ab:a4:d4:43:c0:f3:6d:
0e:1d:92:82:94:51:ce:65:57:f9:8d:cf:dc:51:26:7c:f0:dd:
8f:9d:3c:6e:9c:30:14:ac:ef:6b:1d:04:8d:c7:96:9b:8a:d4:
0c:91:3e:50:82:65:2e:2b:d0:cc:1a:38:d2:a9:d4:2c:08:d0:
f0:ca:d5:83:fb:e9:90:2a:b4:97:fa:53:b1:43:66:9b:29:10:
54:7b:15:bc:69:99:cf:99:0b:72:48:09:db:e7:be:f6:aa:17:
30:6d:c0:60:ff:fd:b9:b3:6c:8e:aa:23:32:6b:b6:72:a7:08:
1b:43:fa:73:17:5a:7a:e7:b9:3e:dd:17:77:ca:96:bc:b5:fc:
23:7d:ae:9f:43:a5:39:8e:5c:00:46:9e:cc:bb:41:96:bf:55:
80:78:8f:0f:94:8d:a4:3b:1c:5a:80:f5:24:29:e6:52:ee:46:
a9:92:5e:06:de:1d:5e:41:58:9e:52:ff:6a:53:60:bf:2b:b9:
1a:74:0e:1e:e2:65:37:4a:b0:5d:aa:f8:80:dd:d2:bd:b9:26:
ef:c4:5a:33:49:e1:66:df:28:95:6b:55:e0:3f:9b:5f:9e:64:
1e:61:bc:a8:69:d0:59:be:ff:bb:2d:be:92:e5:6b:31:6e:dc:
33:e9:29:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uxu3QL0duMVniMgOlMw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzQwMTVkNTA5YjVkNGYzOTZlYTM2MzM2OWU5ZDc0ZmZh
ZDc1OTMwHhcNMjYwMzI5MDIwMTI2WhcNMjYwMzMwMDIwMTI2WjAzMTEwLwYDVQQD
EygwYWJkODRkZGVhMjc3ZjRlMjNmZTdiODY2YzA3YTgyNDgwMjA4NjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWKwIuq0Qw5unCzANvpsj+NftFfB
hm48oJsKUdujvRUP6Z/enWyFy05M21FdEBis0Dj96Q45Ulpm+eDDUNZGQdhQVA91
2wzFj+6Px1AM1vkC2XduRYvnW/D7B00Uwg3cw7sR8FyjBUULB5B9eAT/C1MFwi85
RTlvvEJz3RDes4o/Pvd1Gk/t2IiuAVysVCmIbJl0aV9GzASvMoXrCeTZuMqvYAGe
Gw+DP9eDffwUbRYCMMsbWzZMkDa3g79BsDvN2M9sWHmwfdqc/2ClcXVtH5WvB72I
GvnRA6q3j4YSNMktvF3p0PYGjnI5wrelzo88jkeKuQneNMvz1ilJoy3/EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAq9hN3qJ39OI/57hmwHqCSAIIYXMB8GA1UdIwQY
MBaAFKZ0AV1Qm11POW6jYzaenXT/rXWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzIt
NDExM2Q2ODZkZDY2LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzItNDExM2Q2ODZkZDY2
LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRitkPv0
t0pVRKKrpNRDwPNtDh2SgpRRzmVX+Y3P3FEmfPDdj508bpwwFKzvax0EjceWm4rU
DJE+UIJlLivQzBo40qnULAjQ8MrVg/vpkCq0l/pTsUNmmykQVHsVvGmZz5kLckgJ
2+e+9qoXMG3AYP/9ubNsjqojMmu2cqcIG0P6cxdaeue5Pt0Xd8qWvLX8I32un0Ol
OY5cAEaezLtBlr9VgHiPD5SNpDscWoD1JCnmUu5GqZJeBt4dXkFYnlL/alNgvyu5
GnQOHuJlN0qwXar4gN3Svbkm78RaM0nhZt8olWtV4D+bX55kHmG8qGnQWb7/uy2+
kuVrMW7cM+kp9w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:47 2026 by rpki-client