Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
File: OBXtD6YgyAGqqabxT2WW1-yXUKE.mft (raw, json)
Hash identifier: +ECXCKwCsG/ymUggYp8SM6IqUxCdYWgO4dyGY5iQyHA=
Subject key identifier: 5E:94:D3:85:68:0E:89:46:1C:F8:91:2C:9F:70:74:30:3F:DE:75:C7
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Certificate issuer: /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial: 019D378939F6A8488FC441335E6D71268191
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 03:00:33 +0000
Manifest this update: Sun 29 Mar 2026 03:00:33 +0000
Manifest next update: Mon 30 Mar 2026 03:00:33 +0000
Files and hashes: 1: J5zzAtbu7OO84foJkjfo9mnqe4E.roa (hash: iT6yzwPu2JR2wJ7myEmKqPOSCKR+ROL2NO3QjEH64jQ=)
2: OBXtD6YgyAGqqabxT2WW1-yXUKE.crl (hash: sfB7W1UaNCf+6ao4iJ+O4eLyOvwEpSr2Px3suYvVULU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:39:f6:a8:48:8f:c4:41:33:5e:6d:71:26:81:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Validity
Not Before: Mar 29 03:00:33 2026 GMT
Not After : Mar 30 03:00:33 2026 GMT
Subject: CN=5e94d385680e89461cf8912c9f7074303fde75c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:41:70:12:42:e3:ab:a8:e0:f1:74:44:cc:
3e:a3:47:51:cb:7a:0f:17:b7:9e:e5:20:8d:7a:ff:
3f:4f:be:15:09:1b:21:17:57:5b:f9:67:bf:2f:df:
67:cf:ce:7c:80:6b:d9:18:75:3e:91:69:b1:31:e2:
66:7f:f5:ab:83:e0:74:a4:e9:7a:e2:e3:e6:57:ea:
f3:01:6e:d5:09:e2:21:6f:ac:0e:b5:cc:f0:a0:2e:
23:71:85:50:ae:23:e2:56:95:29:fd:95:94:58:02:
f0:cb:2e:9b:7a:bb:7e:d6:62:e1:59:eb:f6:2d:35:
a5:24:5e:dd:57:0d:c2:90:a4:3f:f2:90:3b:52:4a:
85:fc:34:1b:16:f4:15:e2:03:0b:fc:ab:69:98:06:
de:af:db:10:7f:b4:9a:68:b0:1f:d2:72:17:26:fc:
6d:20:1b:1a:8a:1f:b6:a6:5f:e6:ea:97:29:39:54:
38:d7:e5:cd:4f:e3:8b:d3:19:81:22:42:0e:eb:7c:
c1:42:f0:2d:12:32:1d:0d:d0:7c:63:b6:38:4e:42:
68:7b:85:84:75:01:c1:d2:6e:05:f2:42:91:89:e8:
e8:8b:b0:69:50:77:40:38:6e:b2:71:06:aa:14:cc:
ac:20:8f:87:5b:7e:0d:c2:25:da:c6:59:d0:4c:be:
c1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:94:D3:85:68:0E:89:46:1C:F8:91:2C:9F:70:74:30:3F:DE:75:C7
X509v3 Authority Key Identifier:
keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:91:d2:32:ae:bd:44:53:b8:85:d9:f4:10:e5:00:07:36:a8:
36:2b:18:e9:4c:21:9a:1b:4f:e1:05:a6:bd:a2:35:4d:a7:a5:
eb:e8:00:e0:ff:c7:aa:fd:c9:62:f9:d5:e0:24:94:b4:dd:79:
05:cd:f4:00:87:20:dd:fb:9f:9b:60:3c:91:33:0f:50:ec:ef:
71:cb:85:ea:fa:9d:37:60:b5:cf:a4:19:44:53:10:13:58:6b:
b3:a2:a8:16:69:e4:fe:78:91:16:3e:7a:c2:6b:99:c9:56:f0:
f7:3c:b7:83:e5:d4:8e:e0:a9:58:3e:7d:aa:c7:09:f3:13:c8:
d6:db:a1:56:31:67:99:10:34:e6:1e:04:c6:a8:76:04:70:75:
db:f2:1b:89:71:64:c8:07:4c:b0:03:63:fd:b1:33:3e:aa:69:
3a:88:b0:5b:bc:52:ae:e5:5c:6b:14:27:fd:ab:21:ac:d5:09:
cb:9e:eb:76:b3:a8:69:f2:78:9d:5d:46:fb:3b:a2:f5:e7:17:
e7:3d:ab:a4:75:de:f4:e1:04:32:a0:e4:f3:9c:b2:9d:82:7e:
3a:6c:a2:7e:0c:a9:9e:2f:ef:e4:ee:6b:56:9b:3f:6f:f0:e7:
e8:e6:32:3c:bc:44:c5:e5:09:93:59:96:73:0f:e4:7e:54:38:
87:80:eb:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTn2qEiPxEEzXm1xJoGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjYwMzI5MDMwMDMzWhcNMjYwMzMwMDMwMDMzWjAzMTEwLwYDVQQD
Eyg1ZTk0ZDM4NTY4MGU4OTQ2MWNmODkxMmM5ZjcwNzQzMDNmZGU3NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnNBcBJC46uo4PF0RMw+o0dRy3oP
F7ee5SCNev8/T74VCRshF1db+We/L99nz858gGvZGHU+kWmxMeJmf/Wrg+B0pOl6
4uPmV+rzAW7VCeIhb6wOtczwoC4jcYVQriPiVpUp/ZWUWALwyy6bert+1mLhWev2
LTWlJF7dVw3CkKQ/8pA7UkqF/DQbFvQV4gML/KtpmAber9sQf7SaaLAf0nIXJvxt
IBsaih+2pl/m6pcpOVQ41+XNT+OL0xmBIkIO63zBQvAtEjIdDdB8Y7Y4TkJoe4WE
dQHB0m4F8kKRiejoi7BpUHdAOG6ycQaqFMysII+HW34NwiXaxlnQTL7BJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6U04VoDolGHPiRLJ9wdDA/3nXHMB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZHSMq69
RFO4hdn0EOUABzaoNisY6UwhmhtP4QWmvaI1Tael6+gA4P/Hqv3JYvnV4CSUtN15
Bc30AIcg3fufm2A8kTMPUOzvccuF6vqdN2C1z6QZRFMQE1hrs6KoFmnk/niRFj56
wmuZyVbw9zy3g+XUjuCpWD59qscJ8xPI1tuhVjFnmRA05h4Exqh2BHB12/IbiXFk
yAdMsANj/bEzPqppOoiwW7xSruVcaxQn/ashrNUJy57rdrOoafJ4nV1G+zui9ecX
5z2rpHXe9OEEMqDk85yynYJ+Omyifgypni/v5O5rVps/b/Dn6OYyPLxExeUJk1mW
cw/kflQ4h4Drew==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:58 2026 by rpki-client