Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: CyPRsIRbC2sw0VGY3jERvqACr3JsNy22ZVnAEQ3tq7Y=
Subject key identifier: 80:1C:EF:D9:16:9F:69:18:3E:47:47:54:9B:CA:1E:53:DD:4E:2D:83
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019D375214CAD72D9C53AD885696A5734963
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 1277
Signing time: Sun 29 Mar 2026 02:00:19 +0000
Manifest this update: Sun 29 Mar 2026 02:00:19 +0000
Manifest next update: Mon 30 Mar 2026 02:00:19 +0000
Files and hashes: 1: FU4n6XNa33EeNcK1pVjnryUAJ6g.roa (hash: vAyZ21gv2CupNTDwhYo/hiCxZiQKD0Xxe9J+fN5P0S8=)
2: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: JbOIkHOQfZwxD2YiKqaUm9B+fseV4yQ4oEWHaWslr3s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:14:ca:d7:2d:9c:53:ad:88:56:96:a5:73:49:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Mar 29 02:00:19 2026 GMT
Not After : Mar 30 02:00:19 2026 GMT
Subject: CN=801cefd9169f69183e4747549bca1e53dd4e2d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:52:f9:bb:64:74:28:87:53:9f:67:99:4f:c2:
0c:38:9a:54:40:fc:58:9e:6f:ff:da:9f:98:df:77:
a6:b0:e5:79:28:af:85:5a:6e:94:b7:f8:e3:7d:65:
28:7a:f1:ca:d0:47:4d:b7:fe:92:9f:dd:e5:2c:8a:
b6:fa:f9:8d:bd:5b:61:5b:4d:fd:e8:ea:26:33:90:
4b:43:fe:cb:1f:a0:e1:d3:71:19:1b:86:11:63:a9:
9a:68:bd:65:f0:cd:ed:74:36:65:01:a7:3f:a4:eb:
90:25:54:cb:77:7f:6d:ea:5a:08:a8:5b:42:81:15:
dc:60:c7:fb:51:b9:ea:fc:62:15:f3:e8:8c:b5:a7:
77:d3:ab:c2:6e:84:c1:35:d8:1a:ec:e9:6e:37:41:
41:b5:3d:ab:e0:72:1b:f1:e4:72:9e:79:84:e0:a2:
95:c6:6b:92:47:07:d8:67:a8:af:2c:85:81:f3:e5:
f5:78:42:79:fc:fa:e2:77:20:f3:79:37:b3:30:c5:
f3:63:92:1d:59:ae:59:23:5c:45:70:45:d0:b9:f6:
a9:17:81:e4:9c:15:cb:bf:3d:9a:dc:80:8e:31:77:
fd:8b:58:fe:73:6a:65:9b:bb:73:ec:17:c8:a2:8b:
80:c4:19:35:ca:25:08:c6:86:c7:c5:36:52:22:8c:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1C:EF:D9:16:9F:69:18:3E:47:47:54:9B:CA:1E:53:DD:4E:2D:83
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:64:31:78:90:12:96:eb:43:7c:16:98:c2:48:57:3f:13:b5:
6d:20:72:e4:64:3f:01:cb:3a:60:25:7a:45:05:23:1f:79:f6:
4d:0b:36:7c:a9:87:0b:6c:c5:aa:a0:4d:b1:47:4e:76:e1:99:
87:99:ee:51:e5:18:54:90:60:a2:60:ee:d0:80:7a:7b:0a:5d:
8c:c9:d9:9a:3f:a5:75:ae:79:14:95:73:c8:ff:e4:b4:43:2d:
35:0d:38:11:a2:0c:52:9d:40:fa:ee:f5:4d:83:3d:04:23:08:
9b:18:65:21:d9:bd:4e:ed:42:5f:f9:88:77:55:a7:99:a2:4e:
89:29:50:8a:c5:3f:d1:5e:3f:3d:89:92:15:d5:78:c5:97:8f:
86:04:2a:57:2e:26:a7:90:00:59:71:6d:85:fa:21:27:7f:74:
51:a3:93:aa:7c:8a:0e:c0:ce:16:4a:bb:eb:2b:71:b7:aa:b8:
9d:07:d2:35:58:c6:fc:f9:38:8a:c4:5e:8f:1e:a3:4d:fc:40:
5e:64:74:b7:97:5f:36:90:d3:f1:1f:76:42:59:e8:cf:15:7d:
ad:a9:24:28:2e:0b:fe:23:37:6b:4b:dc:47:38:92:9c:47:80:
28:25:dc:10:58:a2:cf:15:be:f0:bb:58:52:c0:72:6d:d2:4b:
03:4d:27:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UhTK1y2cU62IVpalc0ljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjYwMzI5MDIwMDE5WhcNMjYwMzMwMDIwMDE5WjAzMTEwLwYDVQQD
Eyg4MDFjZWZkOTE2OWY2OTE4M2U0NzQ3NTQ5YmNhMWU1M2RkNGUyZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlL5u2R0KIdTn2eZT8IMOJpUQPxY
nm//2p+Y33emsOV5KK+FWm6Ut/jjfWUoevHK0EdNt/6Sn93lLIq2+vmNvVthW039
6OomM5BLQ/7LH6Dh03EZG4YRY6maaL1l8M3tdDZlAac/pOuQJVTLd39t6loIqFtC
gRXcYMf7Ubnq/GIV8+iMtad306vCboTBNdga7OluN0FBtT2r4HIb8eRynnmE4KKV
xmuSRwfYZ6ivLIWB8+X1eEJ5/PridyDzeTezMMXzY5IdWa5ZI1xFcEXQufapF4Hk
nBXLvz2a3ICOMXf9i1j+c2plm7tz7BfIoouAxBk1yiUIxobHxTZSIoyh0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAc79kWn2kYPkdHVJvKHlPdTi2DMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcmQxeJAS
lutDfBaYwkhXPxO1bSBy5GQ/Acs6YCV6RQUjH3n2TQs2fKmHC2zFqqBNsUdOduGZ
h5nuUeUYVJBgomDu0IB6ewpdjMnZmj+lda55FJVzyP/ktEMtNQ04EaIMUp1A+u71
TYM9BCMImxhlIdm9Tu1CX/mId1WnmaJOiSlQisU/0V4/PYmSFdV4xZePhgQqVy4m
p5AAWXFthfohJ390UaOTqnyKDsDOFkq76ytxt6q4nQfSNVjG/Pk4isRejx6jTfxA
XmR0t5dfNpDT8R92QlnozxV9rakkKC4L/iM3a0vcRziSnEeAKCXcEFiizxW+8LtY
UsBybdJLA00nAw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:00 2026 by rpki-client