Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.mft
File: PqvgKPO-fuByiF0Cu9e2KmUkJe8.mft (raw, json)
Hash identifier: g+t1DtEdU8fiMDTZAHXTC8R5tVXqY62kTf8PSqpcNBY=
Subject key identifier: 8F:52:AA:E4:CB:C8:0D:EB:BC:A7:42:BB:E8:8F:3D:2F:3C:03:D7:65
Authority key identifier: 3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
Certificate issuer: /CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Certificate serial: 019D38D2DBB065240944A8858E985B66F3B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.mft
Manifest number: 0EA2
Signing time: Sun 29 Mar 2026 09:00:35 +0000
Manifest this update: Sun 29 Mar 2026 09:00:35 +0000
Manifest next update: Mon 30 Mar 2026 09:00:35 +0000
Files and hashes: 1: 66CPSBvOBs6dFqzBnItMz4Q213g.roa (hash: b1rR7/NAs6w4yv3zdYzfmRYRTyFpzzr69EUW9oij5uE=)
2: PqvgKPO-fuByiF0Cu9e2KmUkJe8.crl (hash: DAgxm98d+31deTSumhwn+x+Yjmjmcvii3c5rcWchbPk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:db:b0:65:24:09:44:a8:85:8e:98:5b:66:f3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Validity
Not Before: Mar 29 09:00:35 2026 GMT
Not After : Mar 30 09:00:35 2026 GMT
Subject: CN=8f52aae4cbc80debbca742bbe88f3d2f3c03d765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:10:4b:24:fa:bf:16:88:bb:8d:c6:0d:3a:
08:20:8d:a0:c6:ef:48:2a:7e:8d:b6:4d:a9:11:ed:
36:2c:18:78:8a:90:32:7b:81:08:25:89:69:18:bf:
99:6d:bf:09:4c:ae:38:50:dd:ce:2f:9f:ef:fd:0f:
f0:c6:75:5e:50:b3:45:b6:19:d6:0e:08:08:c4:df:
2c:cc:4e:7b:7f:f2:2e:73:85:d1:20:f8:11:ea:c7:
7b:27:e4:74:c2:c0:29:1a:bb:fb:c4:94:f4:35:d8:
f5:8a:ac:90:9c:6e:49:e9:66:dd:32:01:b3:19:6f:
d1:b9:2c:9a:82:19:e3:b9:c3:2d:a2:81:82:02:e2:
be:b3:33:6f:34:af:90:e2:2e:ff:33:0d:e9:c2:f8:
36:cc:a9:a7:5b:6f:20:4e:d0:a0:64:46:3f:c0:b7:
b0:b9:c7:55:45:9e:4d:6b:8a:03:fb:ce:6c:66:a3:
dd:f3:5f:0a:2e:a6:39:34:36:1a:99:3e:94:4a:5c:
03:d7:0f:46:95:06:6c:f6:35:18:5b:2d:5f:95:25:
65:04:6e:da:e6:4b:c6:30:ca:61:c9:7b:94:31:0c:
ba:2a:b6:aa:de:49:83:19:31:41:5b:9f:1b:06:b6:
42:8f:04:0b:b3:1b:f0:36:37:13:5c:4a:d8:7b:9f:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:52:AA:E4:CB:C8:0D:EB:BC:A7:42:BB:E8:8F:3D:2F:3C:03:D7:65
X509v3 Authority Key Identifier:
keyid:3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:82:e4:c6:eb:56:de:a6:7e:2b:53:34:e6:b0:88:9d:94:63:
4c:28:e4:21:92:aa:7a:e5:b3:9d:e8:44:d5:f7:23:6f:eb:2d:
01:c8:c2:ee:0b:e4:a6:4a:f0:5b:27:74:cb:a6:36:56:b2:06:
90:e8:dc:5e:e2:e5:c9:01:57:96:b7:7e:66:b5:3a:2f:04:02:
a3:c7:72:f6:c7:eb:1a:7e:af:25:6c:0d:e7:39:2f:19:53:70:
0d:40:f1:d7:61:27:94:ef:1b:a1:1e:9e:f6:2c:88:26:00:f0:
ef:14:6f:17:a7:7a:eb:db:60:af:19:79:1c:96:95:cf:66:2a:
c3:59:53:a7:5c:b9:67:13:40:07:2e:45:50:a7:30:69:6b:08:
53:82:67:ee:a9:2c:dd:53:d5:b9:df:f4:ad:c8:3b:21:f5:7b:
9b:8c:85:f4:b4:4d:b6:04:7c:9c:96:b2:1a:5b:7a:69:8e:db:
e6:67:8c:85:10:42:99:25:24:9c:f6:c5:b0:60:61:70:26:01:
28:b0:18:66:f0:e6:7f:17:70:9c:b2:27:b0:7c:7d:5e:a5:17:
c3:b1:29:39:35:2e:9b:3a:c4:d6:0d:c3:33:07:4a:96:2c:cd:
71:b5:01:cf:bf:87:63:86:ab:97:17:f6:22:85:e6:16:8d:45:
fc:33:1c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tuwZSQJRKiFjphbZvOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWJlMDI4ZjNiZTdlZTA3Mjg4NWQwMmJiZDdiNjJhNjUy
NDI1ZWYwHhcNMjYwMzI5MDkwMDM1WhcNMjYwMzMwMDkwMDM1WjAzMTEwLwYDVQQD
Eyg4ZjUyYWFlNGNiYzgwZGViYmNhNzQyYmJlODhmM2QyZjNjMDNkNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwMQSyT6vxaIu43GDToIII2gxu9I
Kn6Ntk2pEe02LBh4ipAye4EIJYlpGL+Zbb8JTK44UN3OL5/v/Q/wxnVeULNFthnW
DggIxN8szE57f/Iuc4XRIPgR6sd7J+R0wsApGrv7xJT0Ndj1iqyQnG5J6WbdMgGz
GW/RuSyaghnjucMtooGCAuK+szNvNK+Q4i7/Mw3pwvg2zKmnW28gTtCgZEY/wLew
ucdVRZ5Na4oD+85sZqPd818KLqY5NDYamT6USlwD1w9GlQZs9jUYWy1flSVlBG7a
5kvGMMphyXuUMQy6Kraq3kmDGTFBW58bBrZCjwQLsxvwNjcTXErYe5+5qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9SquTLyA3rvKdCu+iPPS88A9dlMB8GA1UdIwQY
MBaAFD6r4Cjzvn7gcohdArvXtiplJCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEt
ZGY3NDEwYjJkMjc1LzEvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEtZGY3NDEwYjJkMjc1
LzEvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMoLkxutW
3qZ+K1M05rCInZRjTCjkIZKqeuWznehE1fcjb+stAcjC7gvkpkrwWyd0y6Y2VrIG
kOjcXuLlyQFXlrd+ZrU6LwQCo8dy9sfrGn6vJWwN5zkvGVNwDUDx12EnlO8boR6e
9iyIJgDw7xRvF6d669tgrxl5HJaVz2Yqw1lTp1y5ZxNABy5FUKcwaWsIU4Jn7qks
3VPVud/0rcg7IfV7m4yF9LRNtgR8nJayGlt6aY7b5meMhRBCmSUknPbFsGBhcCYB
KLAYZvDmfxdwnLInsHx9XqUXw7EpOTUumzrE1g3DMwdKlizNcbUBz7+HY4arlxf2
IoXmFo1F/DMcFQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:48 2026 by rpki-client