Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier: Q+HYeohHiyq1ou5Bb4OJHPOijojBBbaCGUonkhnhwXc=
Subject key identifier: 22:0B:A0:76:25:A6:8A:43:88:98:7E:BA:85:29:3C:5E:18:61:8E:6C
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 019E88A3801F1100B9C37ACF0A9F03308607
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number: 0C19
Signing time: Tue 02 Jun 2026 14:01:16 +0000
Manifest this update: Tue 02 Jun 2026 14:01:16 +0000
Manifest next update: Wed 03 Jun 2026 14:01:16 +0000
Files and hashes: 1: 5-fSRldHA_TyCo0Af_n4H7VHHoo.roa (hash: n/VVjN3d2+A+fBj8+Kv149bG42PjdEV7GiSsjv6L+Uw=)
2: JjXi4XbAnV9bj8nE6_XGuu1V074.asa (hash: O90Cg0AUX3YziSsowsx54UsgUbqTnyh9MTtkhA73QD8=)
3: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: FoKfYJjk8xAO1EuV6yHNR/9c9SA4O9i7vuI+XqO6Qwo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:a3:80:1f:11:00:b9:c3:7a:cf:0a:9f:03:30:86:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Jun 2 14:01:16 2026 GMT
Not After : Jun 3 14:01:16 2026 GMT
Subject: CN=220ba07625a68a4388987eba85293c5e18618e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:de:33:88:ae:c9:4e:3b:98:d8:67:59:a8:
36:92:b9:94:af:ad:f4:a8:7f:8b:51:78:d0:fc:1c:
a8:ee:c6:38:40:8d:ec:16:40:88:d3:83:24:99:8d:
02:7f:cd:57:e7:85:da:00:c8:fe:7d:b9:f4:e8:16:
32:07:5d:96:67:85:8a:ef:3a:77:cd:27:58:a8:fc:
6d:bd:09:38:62:66:09:13:b0:8d:44:45:5b:d8:92:
58:82:11:4e:46:cd:dd:95:80:56:39:4b:a0:47:0e:
5f:60:81:de:89:b5:8e:a2:ce:21:57:e4:b2:00:5b:
29:e1:70:7c:4b:5d:12:f1:58:4b:26:ce:f1:91:90:
ce:b2:28:ce:7f:43:f2:2a:1d:0a:46:ee:93:0a:87:
ba:27:10:bc:c1:5e:71:db:20:fc:65:75:9b:2d:80:
41:5e:d9:28:a3:95:80:a1:f0:d0:32:24:92:d3:57:
e3:f0:92:63:b9:f8:98:5f:7f:a5:78:b4:1c:19:bb:
98:f1:25:d5:fd:fb:52:fa:03:b6:5a:f8:60:4e:4c:
b1:fa:b2:37:dc:a0:e0:c2:27:6c:72:39:59:01:50:
a5:0d:2c:bf:be:0a:2c:29:8a:c9:c7:c3:87:99:3a:
6f:e0:d1:32:cc:1c:90:bd:c4:cd:69:0a:3e:46:bf:
5a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0B:A0:76:25:A6:8A:43:88:98:7E:BA:85:29:3C:5E:18:61:8E:6C
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:e7:f7:6a:5b:21:e8:44:12:ad:a4:02:c2:70:fd:62:49:fb:
9b:eb:87:e0:2f:29:d4:fe:d1:90:92:cc:3d:dc:aa:62:c7:a4:
d1:50:59:8a:ef:58:2b:be:ba:87:08:44:b9:e4:72:fb:f5:31:
7e:4a:27:59:01:67:40:98:f3:99:03:ee:26:4b:b5:ff:3b:6b:
a6:82:3c:f8:b4:0e:40:a3:6c:a4:13:22:57:0f:fb:30:02:9d:
aa:64:a4:1e:71:75:7f:bf:f9:ea:4c:09:32:32:fe:7c:cb:55:
9c:54:67:f7:f2:35:38:db:a2:2e:9b:78:00:0d:ab:84:3f:32:
f1:09:c5:9e:fc:07:11:1c:31:fd:16:c6:dd:ad:54:f6:c8:8f:
68:17:46:27:a3:fb:1b:63:d9:72:c8:e4:b1:e7:14:e5:1d:ca:
0a:cb:93:9b:40:2d:fb:b7:8a:c7:71:df:34:2d:f8:99:cf:a7:
cc:72:7b:0e:ae:2c:2b:1d:c0:bd:2c:c0:9d:f3:f2:cd:cd:54:
67:5a:f4:31:18:e8:53:bd:9e:b2:b5:51:9c:0e:ce:78:71:a1:
b2:4f:c1:76:c2:d1:4b:3e:02:ed:09:fd:34:52:d6:d1:f4:ae:
80:79:fd:ec:c2:fb:9c:ba:e5:cd:6c:c3:f1:1f:a8:48:b7:82:
aa:7b:69:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6Io4AfEQC5w3rPCp8DMIYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjYwNjAyMTQwMTE2WhcNMjYwNjAzMTQwMTE2WjAzMTEwLwYDVQQD
EygyMjBiYTA3NjI1YTY4YTQzODg5ODdlYmE4NTI5M2M1ZTE4NjE4ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKLeM4iuyU47mNhnWag2krmUr630
qH+LUXjQ/Byo7sY4QI3sFkCI04MkmY0Cf81X54XaAMj+fbn06BYyB12WZ4WK7zp3
zSdYqPxtvQk4YmYJE7CNREVb2JJYghFORs3dlYBWOUugRw5fYIHeibWOos4hV+Sy
AFsp4XB8S10S8VhLJs7xkZDOsijOf0PyKh0KRu6TCoe6JxC8wV5x2yD8ZXWbLYBB
Xtkoo5WAofDQMiSS01fj8JJjufiYX3+leLQcGbuY8SXV/ftS+gO2WvhgTkyx+rI3
3KDgwidscjlZAVClDSy/vgosKYrJx8OHmTpv4NEyzByQvcTNaQo+Rr9auwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCILoHYlpopDiJh+uoUpPF4YYY5sMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+f3alsh
6EQSraQCwnD9Ykn7m+uH4C8p1P7RkJLMPdyqYsek0VBZiu9YK766hwhEueRy+/Ux
fkonWQFnQJjzmQPuJku1/ztrpoI8+LQOQKNspBMiVw/7MAKdqmSkHnF1f7/56kwJ
MjL+fMtVnFRn9/I1ONuiLpt4AA2rhD8y8QnFnvwHERwx/RbG3a1U9siPaBdGJ6P7
G2PZcsjksecU5R3KCsuTm0At+7eKx3HfNC34mc+nzHJ7Dq4sKx3AvSzAnfPyzc1U
Z1r0MRjoU72esrVRnA7OeHGhsk/BdsLRSz4C7Qn9NFLW0fSugHn97ML7nLrlzWzD
8R+oSLeCqntpAA==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:55:20 2026 by rpki-client