Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
File: puiiWpN5KlizotgPsarZWeZa7d8.mft (raw, json)
Hash identifier: fL5fIj5nKpn6U1dykuakLVehcmj7X+MrW1HVHkj2ajg=
Subject key identifier: 70:E7:49:D0:5A:6D:C3:AE:01:C3:0F:89:44:25:20:97:7E:F6:EF:3F
Authority key identifier: A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
Certificate issuer: /CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Certificate serial: 019D39782D1C7A47F1E5ED2CC0D487484B10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
Manifest number: 17EA
Signing time: Sun 29 Mar 2026 12:01:10 +0000
Manifest this update: Sun 29 Mar 2026 12:01:10 +0000
Manifest next update: Mon 30 Mar 2026 12:01:10 +0000
Files and hashes: 1: g9eUHufAbqCnyoz7MWSGoEXgVqk.roa (hash: h3ZbwcX8TFezVBJLOgnMiqp7D8R/Las6MgO0OvsuqC0=)
2: puiiWpN5KlizotgPsarZWeZa7d8.crl (hash: AFU8Q8+wNTnIYngeLZb5AI80wLxmzSMGYeBgql4HHPA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:78:2d:1c:7a:47:f1:e5:ed:2c:c0:d4:87:48:4b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Validity
Not Before: Mar 29 12:01:10 2026 GMT
Not After : Mar 30 12:01:10 2026 GMT
Subject: CN=70e749d05a6dc3ae01c30f89442520977ef6ef3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:07:03:12:55:70:73:51:39:66:a8:24:9e:71:
c0:a8:4e:a8:b6:e9:fd:06:90:40:1c:b6:23:6a:ef:
1e:19:5f:f7:7f:e6:74:89:97:5b:30:3a:ce:ac:6e:
ac:14:55:fe:00:0e:f5:9b:c6:31:a8:45:6f:07:f4:
1e:61:dd:29:79:e6:f9:18:ba:c2:15:fa:22:b1:79:
fe:ad:47:0e:e5:00:c7:72:3c:b2:45:ac:c3:52:83:
9a:4c:12:e8:e1:b2:c8:45:e8:a9:59:27:a8:73:d1:
80:ab:8f:c5:0d:ff:37:dc:66:6b:9e:0a:86:43:72:
54:e4:2b:21:3e:7e:42:c5:ca:ba:fb:fc:e7:01:98:
90:04:b8:e0:df:40:2b:39:5f:4a:96:17:04:57:a7:
48:6a:fb:91:43:72:68:75:e0:2a:57:ab:a7:e7:56:
47:f6:42:d2:59:e2:38:f2:df:ad:cb:92:aa:9d:d0:
78:5b:fc:9b:87:ca:a4:a6:09:55:9e:06:0a:d2:b9:
50:32:1e:55:35:a2:87:4f:b8:29:cf:09:0c:52:be:
07:0c:b3:87:0f:40:6e:e9:50:ab:a4:f0:88:57:f6:
70:1b:3f:f8:9a:80:09:2a:b0:7b:ce:51:24:ff:16:
d8:24:87:49:01:df:32:09:c8:40:1b:b9:ee:08:5c:
4d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E7:49:D0:5A:6D:C3:AE:01:C3:0F:89:44:25:20:97:7E:F6:EF:3F
X509v3 Authority Key Identifier:
keyid:A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:66:4c:a3:09:21:c0:4d:dd:56:41:23:ed:2e:88:7f:ba:71:
3d:25:5f:59:82:ed:b9:89:3f:77:65:0e:b1:d2:99:62:b2:77:
a5:40:99:a0:91:d1:9a:24:4f:ed:fb:24:8e:e7:a5:ac:3e:7a:
a0:64:bd:24:00:ea:e0:5d:b2:55:f6:a7:8b:c9:34:0e:66:f2:
e1:22:8b:2f:c4:ac:41:bb:ec:e3:45:9b:c4:e1:fe:5a:f3:f5:
40:60:16:87:71:1b:04:f9:5a:c6:d2:22:ee:84:c5:47:63:99:
c7:3d:5f:c5:10:19:4c:a1:43:00:28:7f:d7:88:44:c2:dd:77:
61:aa:f5:7f:74:7e:e6:18:8d:64:28:b4:94:28:13:02:a5:d0:
f3:97:ff:ef:48:a3:41:75:97:03:14:b0:33:9d:86:a5:92:0a:
77:35:b1:5d:c6:a2:bc:1f:65:9f:e5:59:96:76:33:2d:e7:cd:
6e:62:30:fc:a4:78:fd:59:e2:23:d9:9d:2f:3b:4e:db:4e:b7:
1d:e1:83:45:c8:aa:4d:d5:e0:f4:52:b5:b8:ba:dd:93:a3:4d:
60:9a:a5:3f:48:33:c0:85:9c:92:87:5f:1b:29:e8:37:c3:c4:
52:af:e6:4e:c8:f4:5d:36:82:b0:0f:8c:10:d4:74:3e:85:e7:
27:cd:a0:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05eC0cekfx5e0swNSHSEsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZThhMjVhOTM3OTJhNThiM2EyZDgwZmIxYWFkOTU5ZTY1
YWVkZGYwHhcNMjYwMzI5MTIwMTEwWhcNMjYwMzMwMTIwMTEwWjAzMTEwLwYDVQQD
Eyg3MGU3NDlkMDVhNmRjM2FlMDFjMzBmODk0NDI1MjA5NzdlZjZlZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgcDElVwc1E5ZqgknnHAqE6otun9
BpBAHLYjau8eGV/3f+Z0iZdbMDrOrG6sFFX+AA71m8YxqEVvB/QeYd0peeb5GLrC
FfoisXn+rUcO5QDHcjyyRazDUoOaTBLo4bLIReipWSeoc9GAq4/FDf833GZrngqG
Q3JU5CshPn5Cxcq6+/znAZiQBLjg30ArOV9KlhcEV6dIavuRQ3JodeAqV6un51ZH
9kLSWeI48t+ty5KqndB4W/ybh8qkpglVngYK0rlQMh5VNaKHT7gpzwkMUr4HDLOH
D0Bu6VCrpPCIV/ZwGz/4moAJKrB7zlEk/xbYJIdJAd8yCchAG7nuCFxN3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDnSdBabcOuAcMPiUQlIJd+9u8/MB8GA1UdIwQY
MBaAFKboolqTeSpYs6LYD7Gq2VnmWu3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzct
NGVhZWIyYTIzYjI3LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzctNGVhZWIyYTIzYjI3
LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmZMowkh
wE3dVkEj7S6If7pxPSVfWYLtuYk/d2UOsdKZYrJ3pUCZoJHRmiRP7fskjuelrD56
oGS9JADq4F2yVfani8k0Dmby4SKLL8SsQbvs40WbxOH+WvP1QGAWh3EbBPlaxtIi
7oTFR2OZxz1fxRAZTKFDACh/14hEwt13Yar1f3R+5hiNZCi0lCgTAqXQ85f/70ij
QXWXAxSwM52GpZIKdzWxXcaivB9ln+VZlnYzLefNbmIw/KR4/VniI9mdLztO2063
HeGDRciqTdXg9FK1uLrdk6NNYJqlP0gzwIWckodfGynoN8PEUq/mTsj0XTaCsA+M
ENR0PoXnJ82g/w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:16 2026 by rpki-client