Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: B5eRCRMT4cQdDsnreuKnWY2LsX1zfBF9z1rtc7jDc7A=
Subject key identifier: FA:E9:85:76:BD:C2:09:12:1D:5D:E9:D2:A4:9B:71:FD:60:7D:85:29
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 019D08FA3E47ACBDB6980CF147C2B78CB1CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 1873
Signing time: Fri 20 Mar 2026 02:01:50 +0000
Manifest this update: Fri 20 Mar 2026 02:01:50 +0000
Manifest next update: Sat 21 Mar 2026 02:01:50 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: nNvHYU8Nqipojy6XBXT2Nu6dudZzPTkzW5uFwZxnIeE=)
2: ZyRogeaonWCDX6YHI-BEV3oTgbo.asa (hash: UhcSgiJzCKNgPVuyaZNIhdxTbMyFoRx3xZ1V9omPKtY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:08:fa:3e:47:ac:bd:b6:98:0c:f1:47:c2:b7:8c:b1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Mar 20 02:01:50 2026 GMT
Not After : Mar 21 02:01:50 2026 GMT
Subject: CN=fae98576bdc209121d5de9d2a49b71fd607d8529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5c:c8:62:44:ed:11:fb:e9:bd:22:fa:27:70:
a9:ec:d5:7b:12:c2:94:27:db:a2:40:a9:e3:39:82:
fa:ca:e7:29:6a:4f:c1:69:87:1a:0a:b8:0a:e9:a4:
f3:90:13:cf:76:1e:48:24:92:fb:73:72:77:66:16:
36:50:50:c8:eb:41:95:8d:3e:cf:fc:6c:93:cd:35:
61:4e:3d:a3:10:cb:55:6f:a5:3b:6c:cc:29:0b:8a:
d2:a2:04:98:60:8d:32:86:ad:fc:8b:31:a2:2b:f4:
27:79:9e:37:dc:a2:83:53:c4:62:d5:13:83:94:99:
18:73:f6:d5:85:74:cf:87:fa:d0:91:77:72:a9:17:
51:32:17:10:8a:fb:2e:25:ae:d2:64:22:f5:3e:99:
ac:67:0c:06:db:db:3c:f7:1d:8f:a0:82:1c:ad:f7:
87:24:2a:44:5a:c2:82:b5:40:29:0e:f8:57:97:c1:
f3:d2:6f:b4:ee:52:a3:55:d1:4d:d6:10:6e:a5:83:
d1:da:1c:e6:f2:22:74:8d:af:e0:72:e9:75:b0:74:
6b:30:b4:5a:bd:ac:ab:10:84:21:3f:13:95:db:11:
85:a2:a4:f9:0c:20:9a:73:19:b7:17:cc:94:d3:e1:
97:86:cd:a2:58:a3:7b:52:bd:4c:1e:55:bd:b3:df:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E9:85:76:BD:C2:09:12:1D:5D:E9:D2:A4:9B:71:FD:60:7D:85:29
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:09:f0:25:ee:16:e0:6f:29:35:ac:05:85:a9:f6:e6:e4:37:
ce:9e:7b:cf:82:af:30:c6:2b:3c:11:db:57:cb:31:10:22:27:
1b:32:95:de:83:a3:aa:09:49:5e:39:c9:d6:7f:82:3f:6a:27:
de:5b:41:50:24:db:04:a2:d0:10:c0:b0:be:85:c3:3b:ed:30:
a7:aa:de:25:a8:5a:d1:6e:a0:b1:42:09:9d:27:a2:7d:d1:9a:
f5:07:08:57:ae:b9:ac:9d:4f:ce:92:b3:03:a2:af:98:c6:92:
84:f8:93:e9:3a:e0:fe:e6:09:f4:df:00:a7:6c:45:ad:48:6b:
d4:f9:50:cc:c9:7a:32:48:2c:ba:26:4f:2c:67:a7:ef:da:bb:
f0:53:92:b7:52:92:02:c8:26:5c:3c:b0:39:89:0c:8e:30:4f:
08:60:b0:f2:d3:53:65:d2:51:85:c8:68:6f:fc:a2:40:72:4e:
1e:5e:15:55:34:91:64:97:e3:7e:51:c0:88:b8:5d:c6:88:3e:
34:c2:58:d9:0c:c8:2f:e1:22:7c:5d:39:5f:46:3c:98:b6:f7:
00:e6:df:66:fa:f2:52:ad:1c:a1:04:42:5d:a2:8f:68:6a:e1:
14:22:34:d6:b4:c8:dd:9d:13:c9:37:90:de:73:8f:50:e0:07:
37:c1:29:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0I+j5HrL22mAzxR8K3jLHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjYwMzIwMDIwMTUwWhcNMjYwMzIxMDIwMTUwWjAzMTEwLwYDVQQD
EyhmYWU5ODU3NmJkYzIwOTEyMWQ1ZGU5ZDJhNDliNzFmZDYwN2Q4NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21zIYkTtEfvpvSL6J3Cp7NV7EsKU
J9uiQKnjOYL6yucpak/BaYcaCrgK6aTzkBPPdh5IJJL7c3J3ZhY2UFDI60GVjT7P
/GyTzTVhTj2jEMtVb6U7bMwpC4rSogSYYI0yhq38izGiK/QneZ433KKDU8Ri1ROD
lJkYc/bVhXTPh/rQkXdyqRdRMhcQivsuJa7SZCL1PpmsZwwG29s89x2PoIIcrfeH
JCpEWsKCtUApDvhXl8Hz0m+07lKjVdFN1hBupYPR2hzm8iJ0ja/gcul1sHRrMLRa
vayrEIQhPxOV2xGFoqT5DCCacxm3F8yU0+GXhs2iWKN7Ur1MHlW9s98B1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrphXa9wgkSHV3p0qSbcf1gfYUpMB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACAnwJe4W
4G8pNawFhan25uQ3zp57z4KvMMYrPBHbV8sxECInGzKV3oOjqglJXjnJ1n+CP2on
3ltBUCTbBKLQEMCwvoXDO+0wp6reJaha0W6gsUIJnSeifdGa9QcIV665rJ1PzpKz
A6KvmMaShPiT6Trg/uYJ9N8Ap2xFrUhr1PlQzMl6MkgsuiZPLGen79q78FOSt1KS
AsgmXDywOYkMjjBPCGCw8tNTZdJRhchob/yiQHJOHl4VVTSRZJfjflHAiLhdxog+
NMJY2QzIL+EifF05X0Y8mLb3AObfZvryUq0coQRCXaKPaGrhFCI01rTI3Z0TyTeQ
3nOPUOAHN8Epgg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 04:35:47 2026 by rpki-client