Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
File: PwbJ3z-o-T2e8O0EscoENduLxlA.mft (raw, json)
Hash identifier: rQufb4bEQs64jMu5iQxzi6/gXp2RYf+uSqT3+F1Aq8g=
Subject key identifier: 33:C2:5C:84:9C:AE:2E:56:78:DC:EA:BC:47:0D:E8:C5:F5:5C:23:03
Authority key identifier: 3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
Certificate issuer: /CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Certificate serial: 019CE712560F4CE72AFF1EBC5AA96A491CF6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
Manifest number: 1863
Signing time: Fri 13 Mar 2026 12:01:04 +0000
Manifest this update: Fri 13 Mar 2026 12:01:04 +0000
Manifest next update: Sat 14 Mar 2026 12:01:04 +0000
Files and hashes: 1: 7-32Md7Q_fthPHDnPKRu6x3v5Vw.roa (hash: jKLcvLv2eQ3ck8qI0kEKdK//Dg+ioPx0eWUIN6VBJvE=)
2: PwbJ3z-o-T2e8O0EscoENduLxlA.crl (hash: /mLtAAFSxLU3TpY5+k1AQC7k09oAm3+TXtvrikNWoME=)
3: hrCfuMVXLBCd5tVXj7Gmqzx0zMA.roa (hash: lBA8s9K0T2c9sC0fKCrfeOpYhHxaUfWtbc2uSEp45FI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:12:56:0f:4c:e7:2a:ff:1e:bc:5a:a9:6a:49:1c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Validity
Not Before: Mar 13 12:01:04 2026 GMT
Not After : Mar 14 12:01:04 2026 GMT
Subject: CN=33c25c849cae2e5678dceabc470de8c5f55c2303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d9:6f:8d:44:c5:10:7f:46:e9:20:56:67:73:
39:d8:0e:4d:c3:55:e8:5a:6d:8d:0a:85:fb:d9:31:
ad:d9:ed:e9:a1:51:a1:e6:94:bd:7a:99:0e:34:d0:
a9:80:01:49:15:ba:8b:ba:4f:54:3b:a2:dc:70:a2:
4a:ac:f8:72:75:92:7d:c4:6a:b9:c0:89:9b:ba:f3:
7a:81:e2:9d:f1:3d:06:c7:14:0d:71:de:f2:5b:34:
86:86:22:0b:77:a8:c7:ac:0f:78:84:98:70:b8:57:
3d:98:93:66:19:56:e0:f9:94:47:96:2d:bf:75:78:
2b:31:ae:21:b1:0f:f8:1d:4f:d3:85:82:1e:b8:87:
a8:80:f0:17:15:e4:c3:3c:5b:e7:83:2f:07:43:6e:
8e:bb:d2:d8:a8:b2:ea:67:ce:c5:42:76:dc:d5:29:
5e:3a:37:40:69:46:29:b6:e1:af:01:41:f4:b8:50:
7e:76:7d:f3:58:98:8c:36:4a:5d:2c:be:aa:79:c3:
fc:88:84:9c:e6:b0:30:e6:2c:37:fe:db:d1:fb:b8:
4e:6e:81:93:2b:0e:bf:89:81:0e:7e:9f:ea:f8:88:
7e:4c:29:8a:69:6a:a5:73:31:5e:2a:0f:83:93:ec:
c0:e7:97:78:2a:36:11:83:aa:d0:c6:0f:94:a0:20:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C2:5C:84:9C:AE:2E:56:78:DC:EA:BC:47:0D:E8:C5:F5:5C:23:03
X509v3 Authority Key Identifier:
keyid:3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:d5:98:37:2f:34:03:45:41:4e:e3:38:c2:3d:72:6c:01:09:
f6:3f:c1:04:82:ff:a6:5d:14:9c:3e:ca:12:70:42:db:8c:94:
a3:70:16:b0:f4:0d:e6:16:0c:a4:a9:ef:59:94:5f:34:a8:32:
df:68:47:28:d3:9f:56:f2:d2:c5:19:0e:2f:95:cc:60:12:33:
11:ac:49:81:0d:22:a2:cd:bb:82:0f:fe:5e:60:f1:b8:33:df:
ac:1d:c1:0e:5d:df:39:d5:b0:3b:fc:81:3e:72:55:2b:e8:71:
e1:e4:10:f6:1d:1b:b6:60:2c:8f:98:0d:c5:e3:7b:e5:3f:2d:
f5:65:08:16:35:05:af:31:c4:a6:3d:63:88:4a:19:ec:01:ff:
5b:95:35:66:e6:cc:97:6a:e8:e3:88:9d:b2:d8:1d:9a:16:8e:
e0:c2:56:92:b1:e1:b6:a7:64:3d:c0:ff:3d:dc:78:a6:d8:ed:
a7:2a:1e:d9:d7:e5:41:87:19:11:7a:34:33:56:a7:aa:30:a8:
42:5b:e5:80:cd:75:c5:99:a8:b2:60:42:62:22:33:a1:39:6f:
da:a0:7b:87:ae:cf:4e:4f:cf:5b:26:64:4e:03:e8:34:d1:f8:
7b:14:5a:28:5f:d5:58:0d:57:48:3d:ba:6e:ae:50:1c:9a:c0:
d1:0b:50:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZznElYPTOcq/x68WqlqSRz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDZjOWRmM2ZhOGY5M2Q5ZWYwZWQwNGIxY2EwNDM1ZGI4
YmM2NTAwHhcNMjYwMzEzMTIwMTA0WhcNMjYwMzE0MTIwMTA0WjAzMTEwLwYDVQQD
EygzM2MyNWM4NDljYWUyZTU2NzhkY2VhYmM0NzBkZThjNWY1NWMyMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NlvjUTFEH9G6SBWZ3M52A5Nw1Xo
Wm2NCoX72TGt2e3poVGh5pS9epkONNCpgAFJFbqLuk9UO6LccKJKrPhydZJ9xGq5
wImbuvN6geKd8T0GxxQNcd7yWzSGhiILd6jHrA94hJhwuFc9mJNmGVbg+ZRHli2/
dXgrMa4hsQ/4HU/ThYIeuIeogPAXFeTDPFvngy8HQ26Ou9LYqLLqZ87FQnbc1Sle
OjdAaUYptuGvAUH0uFB+dn3zWJiMNkpdLL6qecP8iISc5rAw5iw3/tvR+7hOboGT
Kw6/iYEOfp/q+Ih+TCmKaWqlczFeKg+Dk+zA55d4KjYRg6rQxg+UoCDaVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPCXIScri5WeNzqvEcN6MX1XCMDMB8GA1UdIwQY
MBaAFD8Gyd8/qPk9nvDtBLHKBDXbi8ZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2Ut
MzM4YWEwY2Y5OGUyLzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2UtMzM4YWEwY2Y5OGUy
LzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWtWYNy80
A0VBTuM4wj1ybAEJ9j/BBIL/pl0UnD7KEnBC24yUo3AWsPQN5hYMpKnvWZRfNKgy
32hHKNOfVvLSxRkOL5XMYBIzEaxJgQ0ios27gg/+XmDxuDPfrB3BDl3fOdWwO/yB
PnJVK+hx4eQQ9h0btmAsj5gNxeN75T8t9WUIFjUFrzHEpj1jiEoZ7AH/W5U1ZubM
l2ro44idstgdmhaO4MJWkrHhtqdkPcD/Pdx4ptjtpyoe2dflQYcZEXo0M1anqjCo
QlvlgM11xZmosmBCYiIzoTlv2qB7h67PTk/PWyZkTgPoNNH4exRaKF/VWA1XSD26
bq5QHJrA0QtQEQ==
-----END CERTIFICATE-----
Generated at Fri Mar 13 19:22:35 2026 by rpki-client