Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
File: PBnm8n2SgJXlYN52ePKONFnVWUc.mft (raw, json)
Hash identifier: Cj3Zl2iEnR2ZdDVtuLzcUMpXHHZplI2EleCzWjHT9yI=
Subject key identifier: 04:AF:00:27:CB:18:E7:16:13:06:36:C8:02:BE:CC:F2:BD:F5:18:DF
Authority key identifier: 3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47
Certificate issuer: /CN=3c19e6f27d928095e560de7678f28e3459d55947
Certificate serial: 019D38D38063E2FD710E7D8EE15B081980BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
Manifest number: 03A3
Signing time: Sun 29 Mar 2026 09:01:17 +0000
Manifest this update: Sun 29 Mar 2026 09:01:17 +0000
Manifest next update: Mon 30 Mar 2026 09:01:17 +0000
Files and hashes: 1: CB5dZw_OUbWQmf6rrxVZ4SzmOPA.roa (hash: 7zRrcVpQEfWDa1cgriGdXYM3UTbJ90zYlGXeGAuJSjI=)
2: PBnm8n2SgJXlYN52ePKONFnVWUc.crl (hash: hMRaV2YWEMRSU5c+16eDiQfhnC/0DhdR7h8/+a4RI0E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:80:63:e2:fd:71:0e:7d:8e:e1:5b:08:19:80:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c19e6f27d928095e560de7678f28e3459d55947
Validity
Not Before: Mar 29 09:01:17 2026 GMT
Not After : Mar 30 09:01:17 2026 GMT
Subject: CN=04af0027cb18e716130636c802beccf2bdf518df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:d2:39:9d:14:31:bc:8d:71:39:63:5a:e1:
25:32:a1:16:24:a3:91:37:75:92:ba:79:88:61:44:
09:08:00:b4:4c:63:5a:f9:34:e0:cf:e2:f4:97:62:
40:1b:56:f5:27:1f:eb:4f:99:8c:46:93:fc:fd:96:
82:43:f0:5d:ad:48:4f:3e:4e:9d:6a:40:b9:01:d6:
95:0c:09:26:ab:de:e4:e2:9a:2c:b2:2d:2d:63:0d:
6a:e2:83:75:f4:2e:98:e8:c1:28:08:4d:8a:2a:fa:
7b:7f:c3:f4:99:6f:76:c8:9e:08:76:f2:12:50:4a:
03:c7:1c:1d:7e:85:68:6c:ad:d2:ad:99:e4:85:f6:
2b:74:8d:4c:ab:fc:72:6a:c0:bf:76:80:a0:6e:b0:
c6:ba:29:cb:3a:59:dc:f8:d2:1e:90:ca:15:eb:f8:
e1:0a:38:04:72:84:5a:33:71:69:a2:03:a3:3a:95:
14:a6:c0:7c:84:06:63:80:d3:48:21:53:24:0a:18:
91:74:91:0c:8b:84:ed:3f:14:22:de:46:ce:6f:72:
e5:85:f8:c1:73:16:9b:87:1c:29:40:09:31:b6:32:
1e:4a:21:02:21:f8:5b:30:ed:57:76:34:62:fd:c0:
f3:00:a0:cd:27:54:e1:3a:15:23:19:69:e9:c2:31:
f4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AF:00:27:CB:18:E7:16:13:06:36:C8:02:BE:CC:F2:BD:F5:18:DF
X509v3 Authority Key Identifier:
keyid:3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:d0:31:ab:a4:e0:2a:3c:5c:81:8a:3c:4e:aa:91:3a:d3:ea:
1f:ce:62:d2:60:f7:ab:34:db:32:e9:2d:60:27:b3:22:b9:2b:
fc:6f:15:08:96:07:ce:df:77:e9:94:32:d0:41:26:5b:91:f9:
a3:47:99:3f:c7:89:91:39:38:ce:bf:82:41:3f:35:60:41:d1:
99:ee:c3:17:6c:42:76:d3:79:32:bb:80:26:ab:e3:20:90:4d:
b9:04:e5:55:cb:7d:3f:cf:84:47:b0:72:fc:c2:cf:73:06:6d:
34:1c:0b:50:7d:06:c7:9f:26:d1:1f:52:09:91:d7:18:bf:c0:
03:32:f6:2a:39:62:24:34:8b:97:b9:ed:db:22:6a:72:9d:27:
c0:f7:45:a0:64:3e:ce:08:c6:0d:de:cf:9b:9a:6c:0a:c8:8c:
98:c9:91:ee:7e:dd:97:18:d7:02:20:e1:11:a4:ac:77:2d:0c:
f3:51:66:97:c9:a0:2a:9f:60:6a:bb:7e:74:5d:0d:d8:e2:ad:
00:f0:ca:58:8e:d7:ef:37:77:4d:53:9e:bb:15:5b:00:52:a0:
e2:69:b3:a2:f2:49:c0:89:45:67:6e:dc:a2:2f:f2:a0:3f:a2:
01:74:7d:63:65:37:8c:f7:39:a6:c4:b6:82:d8:60:3c:53:c9:
ee:c7:e4:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404Bj4v1xDn2O4VsIGYC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTllNmYyN2Q5MjgwOTVlNTYwZGU3Njc4ZjI4ZTM0NTlk
NTU5NDcwHhcNMjYwMzI5MDkwMTE3WhcNMjYwMzMwMDkwMTE3WjAzMTEwLwYDVQQD
EygwNGFmMDAyN2NiMThlNzE2MTMwNjM2YzgwMmJlY2NmMmJkZjUxOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvybSOZ0UMbyNcTljWuElMqEWJKOR
N3WSunmIYUQJCAC0TGNa+TTgz+L0l2JAG1b1Jx/rT5mMRpP8/ZaCQ/BdrUhPPk6d
akC5AdaVDAkmq97k4possi0tYw1q4oN19C6Y6MEoCE2KKvp7f8P0mW92yJ4IdvIS
UEoDxxwdfoVobK3SrZnkhfYrdI1Mq/xyasC/doCgbrDGuinLOlnc+NIekMoV6/jh
CjgEcoRaM3FpogOjOpUUpsB8hAZjgNNIIVMkChiRdJEMi4TtPxQi3kbOb3LlhfjB
cxabhxwpQAkxtjIeSiECIfhbMO1XdjRi/cDzAKDNJ1ThOhUjGWnpwjH0PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFASvACfLGOcWEwY2yAK+zPK99RjfMB8GA1UdIwQY
MBaAFDwZ5vJ9koCV5WDednjyjjRZ1VlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMt
NzkyN2RlNTM5MzY0LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMtNzkyN2RlNTM5MzY0
LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNAxq6Tg
KjxcgYo8TqqROtPqH85i0mD3qzTbMuktYCezIrkr/G8VCJYHzt936ZQy0EEmW5H5
o0eZP8eJkTk4zr+CQT81YEHRme7DF2xCdtN5MruAJqvjIJBNuQTlVct9P8+ER7By
/MLPcwZtNBwLUH0Gx58m0R9SCZHXGL/AAzL2KjliJDSLl7nt2yJqcp0nwPdFoGQ+
zgjGDd7Pm5psCsiMmMmR7n7dlxjXAiDhEaSsdy0M81Fml8mgKp9gart+dF0N2OKt
APDKWI7X7zd3TVOeuxVbAFKg4mmzovJJwIlFZ27coi/yoD+iAXR9Y2U3jPc5psS2
gthgPFPJ7sfkzQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:38:21 2026 by rpki-client