Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: LjoL+hl600vLLem6T65d0K5fN9D4LvQcoHgszgIlgLk=
Subject key identifier: B7:F0:7C:A4:6C:8E:8F:74:64:A2:B7:85:0C:9D:12:BE:86:4D:F6:99
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 019D37C0401D3C1CC5BF75631D89A6C7A380
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 09D5
Signing time: Sun 29 Mar 2026 04:00:39 +0000
Manifest this update: Sun 29 Mar 2026 04:00:39 +0000
Manifest next update: Mon 30 Mar 2026 04:00:39 +0000
Files and hashes: 1: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: lHH2XSWWvnnokr7hevcCc034KTy43Dj4aeCWjJOaurA=)
2: yCYfu-nQ-r5mmuWB4csYdJl_brA.roa (hash: bFBh8jKzarYm0VKcZxzPkcXMAVEV0oykNxP7fDtsTwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:40:1d:3c:1c:c5:bf:75:63:1d:89:a6:c7:a3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Mar 29 04:00:39 2026 GMT
Not After : Mar 30 04:00:39 2026 GMT
Subject: CN=b7f07ca46c8e8f7464a2b7850c9d12be864df699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1a:e2:19:97:f3:1d:16:83:d6:71:e4:96:59:
f4:78:fd:54:e5:b3:54:90:26:d0:0d:7a:57:4b:5e:
a7:d4:bb:26:42:da:b3:17:f9:f5:ba:92:f7:4c:e0:
18:a9:30:0f:e6:95:23:fb:ca:2c:7f:71:ca:8e:ad:
f1:1a:bb:f1:0b:de:63:d6:3a:fe:d3:2b:06:80:f6:
ea:0c:80:fc:5e:1f:f8:99:3f:d9:fa:02:f8:e4:4b:
7d:b6:85:f3:14:39:35:d9:78:92:1d:ed:6a:65:1f:
7b:25:19:c5:f7:65:76:bd:e8:ff:e0:0a:a7:6f:a1:
15:77:32:07:3d:14:c8:93:eb:88:d5:66:4e:43:25:
81:f9:93:6f:06:15:89:8f:18:b3:fb:e5:63:e6:a0:
a8:58:7a:13:3c:13:9a:f7:c0:33:2d:3a:5d:34:0e:
4a:9d:ec:38:b2:b5:a9:91:7c:44:d4:e9:76:9a:40:
e9:60:02:b6:0c:6d:3e:9e:21:83:09:10:de:2f:9b:
85:bd:e9:5a:36:b8:b6:a8:63:1f:c0:bd:01:00:ff:
6c:28:8f:71:0a:85:db:bc:8b:e3:01:41:7e:0b:e4:
b0:a8:a3:c1:8e:b6:4c:4f:66:40:33:e6:65:dc:4a:
b5:65:b0:5c:d1:30:fc:d9:bc:77:ad:b4:7b:36:a0:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F0:7C:A4:6C:8E:8F:74:64:A2:B7:85:0C:9D:12:BE:86:4D:F6:99
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:7f:3a:82:0e:4a:7f:b6:f8:87:26:7e:68:25:2a:61:55:67:
4d:c8:74:4b:31:4e:38:9b:b4:9f:07:d4:8a:93:58:58:2d:7c:
28:ff:71:0d:ae:ff:28:76:5d:00:f5:9d:59:b0:27:fd:61:62:
44:b5:cf:13:35:0b:3a:a7:16:eb:27:52:ab:df:ec:22:91:f7:
ec:5c:22:52:c1:f6:47:89:1f:84:1f:50:55:b1:0e:53:ac:32:
21:e4:89:b1:8f:73:47:3e:16:70:9c:f0:9d:bd:38:b0:d3:4e:
60:83:b7:3c:46:66:e2:78:33:ce:c0:fc:59:6d:82:92:b1:39:
87:ab:8e:9e:8f:65:50:67:c0:c2:d9:87:81:63:f6:d5:b8:d8:
b1:58:02:27:53:85:aa:8c:3b:f7:da:99:77:19:79:36:56:37:
9f:cc:b9:25:c8:2c:2a:5e:dc:50:71:2f:e0:2b:32:5f:c7:3e:
b9:6a:a2:0f:49:f5:d0:7a:17:20:f6:ff:9f:db:7f:98:97:fa:
9e:8b:2a:08:33:91:fc:8c:63:74:de:9c:cf:c2:31:17:2c:e9:
6a:8f:25:fe:36:04:4d:90:2a:c2:57:fe:b2:77:62:b5:ee:cb:
6a:a7:82:38:54:6e:cc:21:af:03:8e:74:86:fd:b7:02:12:57:
bf:de:06:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wEAdPBzFv3VjHYmmx6OAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjYwMzI5MDQwMDM5WhcNMjYwMzMwMDQwMDM5WjAzMTEwLwYDVQQD
EyhiN2YwN2NhNDZjOGU4Zjc0NjRhMmI3ODUwYzlkMTJiZTg2NGRmNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhriGZfzHRaD1nHklln0eP1U5bNU
kCbQDXpXS16n1LsmQtqzF/n1upL3TOAYqTAP5pUj+8osf3HKjq3xGrvxC95j1jr+
0ysGgPbqDID8Xh/4mT/Z+gL45Et9toXzFDk12XiSHe1qZR97JRnF92V2vej/4Aqn
b6EVdzIHPRTIk+uI1WZOQyWB+ZNvBhWJjxiz++Vj5qCoWHoTPBOa98AzLTpdNA5K
new4srWpkXxE1Ol2mkDpYAK2DG0+niGDCRDeL5uFvelaNri2qGMfwL0BAP9sKI9x
CoXbvIvjAUF+C+SwqKPBjrZMT2ZAM+Zl3Eq1ZbBc0TD82bx3rbR7NqDKNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfwfKRsjo90ZKK3hQydEr6GTfaZMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdH86gg5K
f7b4hyZ+aCUqYVVnTch0SzFOOJu0nwfUipNYWC18KP9xDa7/KHZdAPWdWbAn/WFi
RLXPEzULOqcW6ydSq9/sIpH37FwiUsH2R4kfhB9QVbEOU6wyIeSJsY9zRz4WcJzw
nb04sNNOYIO3PEZm4ngzzsD8WW2CkrE5h6uOno9lUGfAwtmHgWP21bjYsVgCJ1OF
qow799qZdxl5NlY3n8y5JcgsKl7cUHEv4CsyX8c+uWqiD0n10HoXIPb/n9t/mJf6
nosqCDOR/IxjdN6cz8IxFyzpao8l/jYETZAqwlf+sndite7LaqeCOFRuzCGvA450
hv23AhJXv94GaA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:18 2026 by rpki-client