Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier: PihTrDelLO1z31HxsZToN7CJpYIR1A9iR6g1XriMjMo=
Subject key identifier: 22:BF:F1:A8:E6:82:3E:1B:E1:DD:3C:0A:77:2A:44:12:41:97:06:91
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 019D38D2FFFB0B02AAB5EFBB71CAF86AF9AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number: 0E12
Signing time: Sun 29 Mar 2026 09:00:45 +0000
Manifest this update: Sun 29 Mar 2026 09:00:45 +0000
Manifest next update: Mon 30 Mar 2026 09:00:45 +0000
Files and hashes: 1: Z8sIth2fuLtbZU5YZYofujl3N3Q.roa (hash: OuZ+DZI7vPFF2f+5cYLFAwbQ08o0C2E+Uzidod1oA7I=)
2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: DvYDFmRkQpvNX3+d8MCpF5vj+CXg/a7ORKDOPRNrRik=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ff:fb:0b:02:aa:b5:ef:bb:71:ca:f8:6a:f9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Mar 29 09:00:45 2026 GMT
Not After : Mar 30 09:00:45 2026 GMT
Subject: CN=22bff1a8e6823e1be1dd3c0a772a441241970691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:e4:2c:c1:cd:ca:d2:47:2f:4b:c3:8c:56:
40:78:90:e7:b7:34:82:98:6a:9b:4d:78:d6:c0:59:
3a:40:90:c8:e4:dc:f1:22:95:1c:04:a3:dd:50:3d:
55:59:29:76:73:41:4a:12:c8:f6:d6:02:76:97:36:
e2:ef:66:a4:09:a2:97:f3:cd:49:c3:7f:0a:24:14:
ab:4f:bc:5e:86:7d:04:d6:ed:4d:d5:8a:74:51:e4:
e1:b6:01:4e:c1:dc:37:b9:30:45:77:3a:9d:f2:6e:
a3:eb:f4:8f:5c:c6:17:a9:fe:e7:a3:b1:19:89:32:
c6:49:98:44:02:0f:27:e3:f2:b1:a7:87:75:fd:ce:
15:e5:70:47:31:9b:9b:3a:c2:2c:54:c2:bf:79:c3:
8d:f7:96:fe:31:be:b9:54:2e:a8:8b:d3:7c:fe:da:
e7:86:9a:e9:53:ec:e0:49:04:7d:1a:0c:ba:f0:b4:
e6:0b:31:f0:80:d0:28:dc:45:bc:0c:00:79:fc:33:
de:5d:7b:c2:59:5b:d4:d7:fc:68:eb:10:ce:9d:83:
45:97:3e:00:53:fe:51:e2:09:62:83:f9:2a:c7:c5:
d0:20:73:2b:8b:01:09:84:10:17:44:9d:25:df:28:
75:d1:71:4b:05:91:47:07:4c:ef:e8:b5:8e:31:44:
36:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BF:F1:A8:E6:82:3E:1B:E1:DD:3C:0A:77:2A:44:12:41:97:06:91
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e0:4e:36:18:fb:d5:cb:e8:a8:7f:af:19:f4:6f:48:49:a7:d1:
fb:c7:3b:bc:15:d4:91:ba:77:59:d9:88:92:38:18:0c:3d:34:
e8:45:cc:e7:f1:bf:69:a6:95:41:99:01:eb:6b:5d:68:4e:0a:
fc:b3:be:6c:9b:3f:0d:5d:29:c1:57:f1:8b:f4:52:98:46:3c:
de:4f:16:38:08:2c:83:34:ef:17:af:3b:78:6c:38:f4:98:8e:
6e:06:72:51:1b:87:a5:2c:11:c3:23:3f:0e:83:10:15:7f:46:
13:52:8c:d8:c5:dc:82:88:ef:b2:88:3e:9f:2a:8c:40:3b:f5:
d5:91:e7:c5:ea:af:e0:77:d0:65:d1:53:d7:3e:47:e2:3b:cf:
b5:42:70:42:21:35:97:6b:be:56:d8:26:74:ac:bd:a9:13:32:
6e:22:8b:78:a2:d1:19:f4:0a:b8:58:e4:94:4e:d1:25:7b:fa:
4c:0d:93:85:c5:f4:2f:28:03:71:02:69:fc:bf:75:28:ec:f6:
cf:aa:dc:82:e2:42:00:f8:73:f5:5b:e6:ea:2d:48:42:5a:4a:
24:01:0b:71:f1:21:62:9a:09:a1:4e:78:af:62:d9:6d:64:41:
4f:fb:8c:0a:4f:6a:05:58:8c:b5:71:c1:14:f3:06:33:be:64:
7a:41:09:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040v/7CwKqte+7ccr4avmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjYwMzI5MDkwMDQ1WhcNMjYwMzMwMDkwMDQ1WjAzMTEwLwYDVQQD
EygyMmJmZjFhOGU2ODIzZTFiZTFkZDNjMGE3NzJhNDQxMjQxOTcwNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgHkLMHNytJHL0vDjFZAeJDntzSC
mGqbTXjWwFk6QJDI5NzxIpUcBKPdUD1VWSl2c0FKEsj21gJ2lzbi72akCaKX881J
w38KJBSrT7xehn0E1u1N1Yp0UeThtgFOwdw3uTBFdzqd8m6j6/SPXMYXqf7no7EZ
iTLGSZhEAg8n4/Kxp4d1/c4V5XBHMZubOsIsVMK/ecON95b+Mb65VC6oi9N8/trn
hprpU+zgSQR9Ggy68LTmCzHwgNAo3EW8DAB5/DPeXXvCWVvU1/xo6xDOnYNFlz4A
U/5R4glig/kqx8XQIHMriwEJhBAXRJ0l3yh10XFLBZFHB0zv6LWOMUQ2YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCK/8ajmgj4b4d08CncqRBJBlwaRMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4E42GPvV
y+iof68Z9G9ISafR+8c7vBXUkbp3WdmIkjgYDD006EXM5/G/aaaVQZkB62tdaE4K
/LO+bJs/DV0pwVfxi/RSmEY83k8WOAgsgzTvF687eGw49JiObgZyURuHpSwRwyM/
DoMQFX9GE1KM2MXcgojvsog+nyqMQDv11ZHnxeqv4HfQZdFT1z5H4jvPtUJwQiE1
l2u+VtgmdKy9qRMybiKLeKLRGfQKuFjklE7RJXv6TA2ThcX0LygDcQJp/L91KOz2
z6rcguJCAPhz9Vvm6i1IQlpKJAELcfEhYpoJoU54r2LZbWRBT/uMCk9qBViMtXHB
FPMGM75kekEJ1w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:25 2026 by rpki-client