Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File: pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier: ixWzWnK25S78CUWv1TgOrjUO9cnZxObHP/Pu+TWHr/M=
Subject key identifier: 18:CE:DC:C8:BA:42:1A:FF:A4:92:F7:0B:62:AB:AB:D8:F0:D1:4A:56
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer: /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial: 019D38664BE9B8D9C58C643D19973F6D09C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number: 1202
Signing time: Sun 29 Mar 2026 07:02:01 +0000
Manifest this update: Sun 29 Mar 2026 07:02:01 +0000
Manifest next update: Mon 30 Mar 2026 07:02:01 +0000
Files and hashes: 1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: sZMt3fx7tAy9lQ8F9xxVrS/kSdyRcYDf5dy1YbQrlKc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:4b:e9:b8:d9:c5:8c:64:3d:19:97:3f:6d:09:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
Validity
Not Before: Mar 29 07:02:01 2026 GMT
Not After : Mar 30 07:02:01 2026 GMT
Subject: CN=18cedcc8ba421affa492f70b62ababd8f0d14a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:a1:fc:55:d2:35:5a:28:c2:ff:92:74:2a:
ee:cf:80:2c:fb:a0:cb:23:71:28:a7:30:b3:01:27:
b9:82:34:b3:94:91:69:26:d8:2f:8f:e2:5d:59:90:
bf:79:3f:a8:3e:f0:a2:0d:1a:cf:f7:5d:ee:b2:72:
21:3a:9a:5a:5f:1f:dd:3e:ad:5c:06:de:b0:3f:6e:
0c:1c:73:50:07:06:48:eb:2e:02:18:c9:a3:a7:06:
7f:6a:be:87:40:f1:5e:db:01:76:ad:d6:a6:2c:39:
4f:e5:50:a2:51:7c:dc:79:09:7c:1f:36:c7:8e:56:
ac:bf:94:c6:3a:27:65:91:c2:6d:c7:12:9d:2f:11:
ae:d3:e5:0c:7d:b0:08:d2:4e:51:4a:51:b1:8c:97:
66:e6:16:6a:0a:4f:5b:cc:0a:97:4b:7a:76:b5:fa:
3c:2f:06:ee:67:78:92:81:49:32:b9:af:7d:15:5c:
de:a7:4e:4c:87:1e:a4:57:6b:63:2e:e3:96:c4:65:
a5:a8:9a:18:f5:e8:e9:c5:3c:8c:c3:c7:f3:11:67:
28:63:a2:6a:16:48:20:15:ec:e1:8e:f5:a3:27:c4:
76:b7:39:8b:d9:64:f2:0c:39:b6:47:93:ad:93:ba:
c4:86:c9:4b:49:48:b6:84:cb:40:98:b4:8c:f6:3f:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CE:DC:C8:BA:42:1A:FF:A4:92:F7:0B:62:AB:AB:D8:F0:D1:4A:56
X509v3 Authority Key Identifier:
keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:4e:a2:e6:8c:c3:11:1b:51:c1:62:b7:1f:91:4d:d8:dc:db:
48:5b:64:ba:d8:9c:d2:5b:7f:8f:9c:2b:26:25:eb:03:95:b8:
df:02:5d:18:df:7c:f0:e5:90:e4:50:2c:83:f1:16:17:88:ad:
40:ab:cc:60:07:dd:5c:c0:05:37:4a:45:d1:81:19:ed:eb:b9:
fa:f6:0d:82:9a:08:09:9a:60:7a:3c:22:2d:22:65:c9:a1:04:
cc:92:b6:c3:20:e4:a1:fb:3e:0e:2e:14:cf:9f:f8:ba:a2:89:
34:e6:ce:3d:99:51:6b:97:33:8c:5b:bc:90:a2:e2:59:05:10:
eb:b6:f9:a6:b5:8f:9a:72:5e:cb:23:95:fa:dd:36:74:c9:a2:
d0:56:7c:47:cf:9a:5d:66:2a:ff:f2:70:0e:c8:2c:19:30:02:
31:89:c3:c6:0d:f4:c6:34:e1:37:73:bd:7f:30:e1:37:47:59:
1c:43:fd:b8:ad:9b:ee:83:7b:e7:1b:1a:ae:cf:79:f3:6b:99:
4b:d9:23:99:f8:c9:91:d8:97:a3:dd:2f:a8:bd:10:81:1e:80:
47:b7:41:d6:87:6a:12:66:c8:01:7f:8e:78:01:39:d0:ac:1e:
f8:6b:61:44:7c:11:0f:90:39:78:8d:aa:e7:5f:7a:fc:a7:fe:
b1:be:28:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkvpuNnFjGQ9GZc/bQnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
EygxOGNlZGNjOGJhNDIxYWZmYTQ5MmY3MGI2MmFiYWJkOGYwZDE0YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1mh/FXSNVoowv+SdCruz4As+6DL
I3EopzCzASe5gjSzlJFpJtgvj+JdWZC/eT+oPvCiDRrP913usnIhOppaXx/dPq1c
Bt6wP24MHHNQBwZI6y4CGMmjpwZ/ar6HQPFe2wF2rdamLDlP5VCiUXzceQl8HzbH
jlasv5TGOidlkcJtxxKdLxGu0+UMfbAI0k5RSlGxjJdm5hZqCk9bzAqXS3p2tfo8
LwbuZ3iSgUkyua99FVzep05Mhx6kV2tjLuOWxGWlqJoY9ejpxTyMw8fzEWcoY6Jq
FkggFezhjvWjJ8R2tzmL2WTyDDm2R5Otk7rEhslLSUi2hMtAmLSM9j8tvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjO3Mi6Qhr/pJL3C2Krq9jw0UpWMB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr06i5ozD
ERtRwWK3H5FN2NzbSFtkutic0lt/j5wrJiXrA5W43wJdGN988OWQ5FAsg/EWF4it
QKvMYAfdXMAFN0pF0YEZ7eu5+vYNgpoICZpgejwiLSJlyaEEzJK2wyDkofs+Di4U
z5/4uqKJNObOPZlRa5czjFu8kKLiWQUQ67b5prWPmnJeyyOV+t02dMmi0FZ8R8+a
XWYq//JwDsgsGTACMYnDxg30xjThN3O9fzDhN0dZHEP9uK2b7oN75xsars9582uZ
S9kjmfjJkdiXo90vqL0QgR6AR7dB1odqEmbIAX+OeAE50Kwe+GthRHwRD5A5eI2q
5196/Kf+sb4oUQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:09 2026 by rpki-client