Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json)
Hash identifier: fDlvUUeOWZk0KxvP19NFeNcSqEe3fDS515aNmNqwcD4=
Subject key identifier: 07:96:20:F3:5C:6A:DD:55:20:6B:A1:55:DF:7B:95:C7:E3:B9:FF:0C
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 019D38D3AF9F1CD9ED3CA00FA8D63D12A4EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
Manifest number: 0DF3
Signing time: Sun 29 Mar 2026 09:01:30 +0000
Manifest this update: Sun 29 Mar 2026 09:01:30 +0000
Manifest next update: Mon 30 Mar 2026 09:01:30 +0000
Files and hashes: 1: VJaaCilXSaMFiDpDj2m9Nu8DP6E.roa (hash: /Vwcg31kt8NZSUPOXZXkCRASkot9oBzCBAi0+AvtL2w=)
2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: SuJ+szkmQ1svBDhT6t0Vd9ML1c+oT2U4/ib4UWXeMVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:af:9f:1c:d9:ed:3c:a0:0f:a8:d6:3d:12:a4:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Mar 29 09:01:30 2026 GMT
Not After : Mar 30 09:01:30 2026 GMT
Subject: CN=079620f35c6add55206ba155df7b95c7e3b9ff0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:50:41:06:57:1d:fc:4f:78:c1:3e:19:36:22:
7d:a0:d7:ff:9f:ec:28:84:3f:9c:3e:38:dc:c6:23:
03:b2:ef:fc:ed:2f:62:70:55:b2:b2:78:ab:b3:6e:
15:5c:7e:76:46:8f:d1:8f:e1:fc:c8:e1:91:f4:10:
be:46:2c:c1:02:40:bf:d5:87:f9:05:bd:7d:62:33:
c6:01:73:dc:e1:25:17:19:b6:f7:92:7e:ea:24:6b:
68:a0:72:fd:48:49:6d:1b:eb:04:d4:87:4f:15:14:
17:dc:c2:a4:9d:f2:50:3e:c8:ac:2f:57:62:36:7b:
6c:f0:2e:0c:bc:fd:66:04:fa:c7:c8:25:7b:e7:82:
fd:ab:e0:a3:50:6d:a0:94:bd:ee:fc:f8:32:2b:fd:
b8:59:7a:ab:cc:18:f4:3c:b8:8c:a2:ad:ab:40:a8:
00:49:a6:3d:14:54:54:2b:73:d7:f4:61:23:e6:b8:
ba:bc:85:c4:a8:92:ce:1f:62:44:51:0b:a9:f8:13:
39:a7:a5:fa:d7:ec:94:fd:06:d0:3a:2f:94:c7:26:
8a:f5:b1:54:91:10:5f:ad:db:d7:a7:9c:25:04:3c:
d8:1b:ce:81:b8:d9:1e:5c:66:5a:cc:95:15:69:32:
e2:ab:95:ac:1f:aa:09:34:7f:02:48:43:70:10:4f:
36:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:96:20:F3:5C:6A:DD:55:20:6B:A1:55:DF:7B:95:C7:E3:B9:FF:0C
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:5c:02:55:19:0b:46:50:e5:e8:f7:d0:a6:e0:2b:7a:03:52:
ae:53:c1:e6:a5:13:0a:94:9b:36:41:21:fd:c1:40:86:12:56:
f2:13:e0:9a:5a:11:9f:a1:f0:f3:c7:61:8b:c3:4e:7f:e3:d2:
79:e8:c0:ef:8d:96:a1:2a:75:b3:7a:7c:00:59:51:79:41:be:
92:b1:7b:d9:80:1d:cb:95:65:46:34:fe:de:d0:75:35:90:7b:
c4:de:6e:c6:be:1c:3e:26:68:5f:41:0a:d2:e0:27:78:3f:86:
c6:ee:fd:4d:0b:56:ea:06:87:5e:b4:9e:0a:c5:07:01:52:b8:
19:44:cd:6c:75:66:02:44:be:74:e6:fd:9b:4f:e3:e1:3f:63:
14:b8:66:f2:63:84:e7:ff:11:3e:3d:e1:26:57:ea:f4:db:b5:
50:e8:9c:fe:0e:41:d4:11:36:5d:93:25:0d:f6:6f:fd:07:10:
2d:79:32:c5:57:15:f0:5d:f9:d8:7a:8f:0f:8d:09:ac:4b:62:
07:2c:7b:ed:d4:48:a8:e6:5b:fb:99:7a:92:86:ec:6d:4e:1c:
8d:3e:c2:f8:4f:2f:45:58:3c:26:64:f2:09:63:fe:66:b2:fb:
bf:b3:e2:3d:b5:1a:fd:75:78:57:11:db:96:44:4d:2f:30:ca:
18:cd:68:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406+fHNntPKAPqNY9EqTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjYwMzI5MDkwMTMwWhcNMjYwMzMwMDkwMTMwWjAzMTEwLwYDVQQD
EygwNzk2MjBmMzVjNmFkZDU1MjA2YmExNTVkZjdiOTVjN2UzYjlmZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFBBBlcd/E94wT4ZNiJ9oNf/n+wo
hD+cPjjcxiMDsu/87S9icFWysnirs24VXH52Ro/Rj+H8yOGR9BC+RizBAkC/1Yf5
Bb19YjPGAXPc4SUXGbb3kn7qJGtooHL9SEltG+sE1IdPFRQX3MKknfJQPsisL1di
Nnts8C4MvP1mBPrHyCV754L9q+CjUG2glL3u/PgyK/24WXqrzBj0PLiMoq2rQKgA
SaY9FFRUK3PX9GEj5ri6vIXEqJLOH2JEUQup+BM5p6X61+yU/QbQOi+UxyaK9bFU
kRBfrdvXp5wlBDzYG86BuNkeXGZazJUVaTLiq5WsH6oJNH8CSENwEE82wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAeWIPNcat1VIGuhVd97lcfjuf8MMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlwCVRkL
RlDl6PfQpuAregNSrlPB5qUTCpSbNkEh/cFAhhJW8hPgmloRn6Hw88dhi8NOf+PS
eejA742WoSp1s3p8AFlReUG+krF72YAdy5VlRjT+3tB1NZB7xN5uxr4cPiZoX0EK
0uAneD+Gxu79TQtW6gaHXrSeCsUHAVK4GUTNbHVmAkS+dOb9m0/j4T9jFLhm8mOE
5/8RPj3hJlfq9Nu1UOic/g5B1BE2XZMlDfZv/QcQLXkyxVcV8F352HqPD40JrEti
Byx77dRIqOZb+5l6kobsbU4cjT7C+E8vRVg8JmTyCWP+ZrL7v7PiPbUa/XV4VxHb
lkRNLzDKGM1oMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:18 2026 by rpki-client