Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
File: OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft (raw, json)
Hash identifier: VXi7tTc0jvLR/N4TTcaJHvw5IQ9I9Ah9Pcm1QFHJb9c=
Subject key identifier: 5A:3E:B2:C6:0D:EE:CA:7B:24:10:DF:13:79:ED:83:68:A8:EC:11:38
Authority key identifier: 38:14:B6:48:DD:57:42:02:5C:3D:DA:5E:AA:66:49:1F:FD:B2:E5:D9
Certificate issuer: /CN=3814b648dd5742025c3dda5eaa66491ffdb2e5d9
Certificate serial: 019D37895D1EED9AA533C1C16B393823A11E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
Manifest number: 0F6E
Signing time: Sun 29 Mar 2026 03:00:42 +0000
Manifest this update: Sun 29 Mar 2026 03:00:42 +0000
Manifest next update: Mon 30 Mar 2026 03:00:42 +0000
Files and hashes: 1: OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl (hash: J/u44+6EbDSYc3OAjdxUZG7pCCsJd0Mi9TA7C4uKvKI=)
2: WuAHwEu_e_sftMlPkZv_UwtWX5Q.roa (hash: mzprPhNPF3MzVig/0gIEkHNJI2y+MkDSYbRMreX4qBk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:5d:1e:ed:9a:a5:33:c1:c1:6b:39:38:23:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3814b648dd5742025c3dda5eaa66491ffdb2e5d9
Validity
Not Before: Mar 29 03:00:42 2026 GMT
Not After : Mar 30 03:00:42 2026 GMT
Subject: CN=5a3eb2c60deeca7b2410df1379ed8368a8ec1138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0f:ea:16:87:9c:6d:79:e0:36:09:b9:8c:fc:
2e:db:e0:f7:ae:61:51:17:22:62:13:5f:a6:8c:f9:
1d:16:76:26:9d:ae:97:43:4c:5a:a2:72:ea:62:72:
b2:6d:ee:95:01:8b:1e:e1:2d:43:d6:dc:4c:ed:27:
4d:e9:84:3a:b9:d5:c1:6f:7a:2d:1c:52:9c:57:b9:
4e:b8:2d:5d:67:03:9c:83:fb:f7:2e:4b:0f:9a:3f:
4d:82:34:ce:f6:c4:c0:ad:81:7a:51:9d:c3:5c:3f:
6f:a3:eb:76:29:72:44:f4:dd:fa:e9:46:2b:1f:43:
60:e3:4a:d0:96:52:5f:fe:16:25:24:aa:55:03:9a:
16:e1:d5:d4:d0:89:aa:27:9e:c6:fa:19:d5:9a:8a:
b7:59:53:31:bf:b5:b8:62:7d:cd:f2:c6:31:ed:e2:
a1:f3:fe:0a:13:59:19:50:c5:d7:27:90:ee:6e:ad:
7c:e0:c5:1a:47:9c:c8:af:5a:f7:fb:c3:67:70:26:
fb:20:46:72:0e:82:04:cd:26:37:61:55:60:38:1f:
4e:39:33:8c:bb:be:55:80:01:19:87:82:83:13:f7:
c5:a8:5f:7e:ad:e3:ae:8f:c8:4f:87:5c:7d:9f:88:
48:7e:ff:52:a1:16:79:97:c0:5d:fc:17:2d:aa:59:
f6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3E:B2:C6:0D:EE:CA:7B:24:10:DF:13:79:ED:83:68:A8:EC:11:38
X509v3 Authority Key Identifier:
keyid:38:14:B6:48:DD:57:42:02:5C:3D:DA:5E:AA:66:49:1F:FD:B2:E5:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBS2SN1XQgJcPdpeqmZJH_2y5dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/12df2d-94f1-4d10-94a4-1f8368801fdc/1/OBS2SN1XQgJcPdpeqmZJH_2y5dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:e3:02:85:a0:08:98:7a:9c:0c:10:ce:75:c3:8c:5f:68:d9:
ab:46:bc:ae:f0:83:20:4b:ae:19:63:57:4c:69:65:06:33:96:
88:1c:86:07:aa:d7:5e:2e:bc:19:f5:81:ea:5e:2a:1b:92:b4:
d0:4b:11:9a:33:05:3d:aa:70:10:b8:23:c7:53:cd:bc:6d:4b:
39:ab:e4:52:c5:99:19:d7:9c:43:d7:78:c8:0c:a5:b1:b3:88:
29:ab:55:15:05:cd:55:c5:38:70:05:30:75:b3:26:d7:28:97:
0c:d4:0a:60:fb:50:c5:58:55:48:db:05:e5:0f:d8:c1:b0:5f:
df:3c:f2:91:50:05:8e:9c:5d:b7:75:89:f1:8f:0d:00:59:5f:
e7:86:51:ee:61:05:0e:49:00:ae:00:f9:33:a2:a9:4d:ba:7d:
48:5a:ff:e6:d2:aa:09:96:e3:f3:e9:56:34:21:2d:ab:bc:5d:
e6:54:35:3f:97:fe:33:ec:88:6b:e8:11:f5:ac:6e:84:31:61:
75:6c:ca:d9:8e:31:94:28:38:fe:00:aa:68:b7:4c:41:f6:59:
fa:8f:94:4c:29:4e:fa:55:25:cd:0f:89:d8:4b:98:7b:07:45:
73:3b:b0:77:b3:04:84:af:ad:4a:11:77:78:ad:5a:d9:9e:dc:
73:95:48:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iV0e7ZqlM8HBazk4I6EeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTRiNjQ4ZGQ1NzQyMDI1YzNkZGE1ZWFhNjY0OTFmZmRi
MmU1ZDkwHhcNMjYwMzI5MDMwMDQyWhcNMjYwMzMwMDMwMDQyWjAzMTEwLwYDVQQD
Eyg1YTNlYjJjNjBkZWVjYTdiMjQxMGRmMTM3OWVkODM2OGE4ZWMxMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw/qFoecbXngNgm5jPwu2+D3rmFR
FyJiE1+mjPkdFnYmna6XQ0xaonLqYnKybe6VAYse4S1D1txM7SdN6YQ6udXBb3ot
HFKcV7lOuC1dZwOcg/v3LksPmj9NgjTO9sTArYF6UZ3DXD9vo+t2KXJE9N366UYr
H0Ng40rQllJf/hYlJKpVA5oW4dXU0ImqJ57G+hnVmoq3WVMxv7W4Yn3N8sYx7eKh
8/4KE1kZUMXXJ5Dubq184MUaR5zIr1r3+8NncCb7IEZyDoIEzSY3YVVgOB9OOTOM
u75VgAEZh4KDE/fFqF9+reOuj8hPh1x9n4hIfv9SoRZ5l8Bd/Bctqln2pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFo+ssYN7sp7JBDfE3ntg2io7BE4MB8GA1UdIwQY
MBaAFDgUtkjdV0ICXD3aXqpmSR/9suXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xMmRmMmQtOTRmMS00ZDEwLTk0YTQt
MWY4MzY4ODAxZmRjLzEvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xMmRmMmQtOTRmMS00ZDEwLTk0YTQtMWY4MzY4ODAxZmRj
LzEvT0JTMlNOMVhRZ0pjUGRwZXFtWkpIXzJ5NWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuMChaAI
mHqcDBDOdcOMX2jZq0a8rvCDIEuuGWNXTGllBjOWiByGB6rXXi68GfWB6l4qG5K0
0EsRmjMFPapwELgjx1PNvG1LOavkUsWZGdecQ9d4yAylsbOIKatVFQXNVcU4cAUw
dbMm1yiXDNQKYPtQxVhVSNsF5Q/YwbBf3zzykVAFjpxdt3WJ8Y8NAFlf54ZR7mEF
DkkArgD5M6KpTbp9SFr/5tKqCZbj8+lWNCEtq7xd5lQ1P5f+M+yIa+gR9axuhDFh
dWzK2Y4xlCg4/gCqaLdMQfZZ+o+UTClO+lUlzQ+J2EuYewdFczuwd7MEhK+tShF3
eK1a2Z7cc5VIgw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:45:40 2026 by rpki-client