Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
File: OzdnJSANjYwAzw91FK8l_zYjEPA.mft (raw, json)
Hash identifier: FCtbfQRCYlX73pRA+OiVk4C/ru46jkYdZ9oH9d0DxPQ=
Subject key identifier: C6:24:04:A7:D3:C6:43:25:CE:73:D2:1F:A3:EF:D8:90:DC:00:BA:90
Authority key identifier: 3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
Certificate issuer: /CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Certificate serial: 019D37C09EFFCB1777727F1C18EAC3F56657
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 04:01:03 +0000
Manifest this update: Sun 29 Mar 2026 04:01:03 +0000
Manifest next update: Mon 30 Mar 2026 04:01:03 +0000
Files and hashes: 1: OzdnJSANjYwAzw91FK8l_zYjEPA.crl (hash: LaNd6YEoYSSBcEcZLOsXK293XL+UrAZUi9Vg8X1NFkY=)
2: cpS1wHSQ6aTdnwNWUDjBZlgAC7Y.roa (hash: XiHOtWW1/pqGi1+Lnl6yq25m5xXc7tXDYaQje+WHC+0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:9e:ff:cb:17:77:72:7f:1c:18:ea:c3:f5:66:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Validity
Not Before: Mar 29 04:01:03 2026 GMT
Not After : Mar 30 04:01:03 2026 GMT
Subject: CN=c62404a7d3c64325ce73d21fa3efd890dc00ba90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:56:ac:a4:6d:95:6b:20:fc:ed:fd:90:c2:
55:47:79:de:5c:bb:7b:d1:d7:2d:92:5a:50:51:ca:
c5:ad:02:52:28:ca:b2:2d:7d:40:9b:f3:66:e3:ae:
d8:98:ac:bc:81:8d:71:fa:67:87:b2:9d:7b:4d:d7:
43:02:24:d3:16:eb:ff:e6:19:63:16:6d:c1:dc:c1:
2e:31:87:89:42:a3:f1:5b:8a:06:02:8f:91:19:4c:
53:ed:12:aa:bf:88:cf:d6:31:f4:3b:f6:88:c8:a8:
22:a4:cb:65:7d:39:1b:9c:1e:2f:96:83:e6:fc:7d:
5d:dc:1c:71:bf:20:13:37:89:41:bb:82:43:4c:50:
14:17:8d:f4:0a:48:b9:cc:e9:b9:fa:34:e8:82:59:
3b:37:c0:97:ed:ea:b8:1b:2f:af:f2:a8:88:cb:99:
d3:a0:22:df:e6:2a:f8:98:97:15:0a:96:dd:68:e9:
91:4b:bb:eb:07:da:2f:1b:5c:62:b2:7a:29:06:6b:
7a:b4:7d:c6:e5:14:2d:5c:bc:bc:7d:fd:44:07:37:
62:47:88:a3:27:b5:a3:8f:ba:a2:c3:6e:2a:b6:5f:
39:54:a5:b2:b5:85:d2:fd:d9:be:bc:ce:67:e4:70:
08:3f:b3:5c:a1:20:87:87:57:3c:2c:35:4e:1b:e6:
40:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:24:04:A7:D3:C6:43:25:CE:73:D2:1F:A3:EF:D8:90:DC:00:BA:90
X509v3 Authority Key Identifier:
keyid:3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:b8:ef:91:d4:5e:73:44:ff:c9:df:6b:bb:7b:36:5f:5f:9e:
56:48:fe:44:6d:6a:49:05:aa:84:7c:bd:0b:94:de:a5:8f:8f:
79:61:45:b0:28:47:61:83:f3:c1:70:84:5d:c1:7d:4f:60:6f:
41:96:61:33:93:ab:56:d3:87:8a:07:f4:95:35:6c:42:ee:6a:
d0:48:00:59:34:6e:91:75:12:ed:fe:07:8d:fd:d9:2e:fc:68:
bc:f9:5d:40:dd:74:1c:12:2f:3a:31:5d:a0:7b:a2:1e:7c:6f:
79:dd:66:c7:dd:67:47:15:f8:be:56:e8:21:4e:b7:dc:b6:c7:
ca:85:88:6d:88:42:da:ff:49:b9:e9:5c:93:6d:f0:8a:84:8a:
c2:73:a3:f7:fe:3e:b3:13:df:5f:d6:f3:31:9e:51:84:73:bc:
eb:2d:e3:da:12:75:2e:8f:d3:cb:b2:2b:cd:d0:e7:22:34:4c:
20:7c:1b:fd:b8:94:84:ea:16:97:8f:a6:11:e5:4a:88:81:90:
eb:1e:fe:2f:9b:8e:bf:48:13:83:e8:9b:00:2c:31:09:97:73:
f0:86:05:13:27:10:ee:66:06:3a:57:9f:ef:85:c1:76:6f:b5:
c4:83:0f:6a:cc:5f:73:c5:6f:8e:00:44:ae:d9:4c:c6:92:8f:
4c:5e:cf:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJ7/yxd3cn8cGOrD9WZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzc2NzI1MjAwZDhkOGMwMGNmMGY3NTE0YWYyNWZmMzYy
MzEwZjAwHhcNMjYwMzI5MDQwMTAzWhcNMjYwMzMwMDQwMTAzWjAzMTEwLwYDVQQD
EyhjNjI0MDRhN2QzYzY0MzI1Y2U3M2QyMWZhM2VmZDg5MGRjMDBiYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxFWrKRtlWsg/O39kMJVR3neXLt7
0dctklpQUcrFrQJSKMqyLX1Am/Nm467YmKy8gY1x+meHsp17TddDAiTTFuv/5hlj
Fm3B3MEuMYeJQqPxW4oGAo+RGUxT7RKqv4jP1jH0O/aIyKgipMtlfTkbnB4vloPm
/H1d3BxxvyATN4lBu4JDTFAUF430Cki5zOm5+jToglk7N8CX7eq4Gy+v8qiIy5nT
oCLf5ir4mJcVCpbdaOmRS7vrB9ovG1xisnopBmt6tH3G5RQtXLy8ff1EBzdiR4ij
J7Wjj7qiw24qtl85VKWytYXS/dm+vM5n5HAIP7NcoSCHh1c8LDVOG+ZAIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYkBKfTxkMlznPSH6Pv2JDcALqQMB8GA1UdIwQY
MBaAFDs3ZyUgDY2MAM8PdRSvJf82IxDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTkt
MjkyMDk4ZGEyZTM5LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTktMjkyMDk4ZGEyZTM5
LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjLjvkdRe
c0T/yd9ru3s2X1+eVkj+RG1qSQWqhHy9C5TepY+PeWFFsChHYYPzwXCEXcF9T2Bv
QZZhM5OrVtOHigf0lTVsQu5q0EgAWTRukXUS7f4Hjf3ZLvxovPldQN10HBIvOjFd
oHuiHnxved1mx91nRxX4vlboIU633LbHyoWIbYhC2v9Juelck23wioSKwnOj9/4+
sxPfX9bzMZ5RhHO86y3j2hJ1Lo/Ty7IrzdDnIjRMIHwb/biUhOoWl4+mEeVKiIGQ
6x7+L5uOv0gTg+ibACwxCZdz8IYFEycQ7mYGOlef74XBdm+1xIMPasxfc8VvjgBE
rtlMxpKPTF7PnA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:42:08 2026 by rpki-client