Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json)
Hash identifier: 9RL4LHJyS2fnbwkchS3PJV//aar02tYANKuyGfGuRSM=
Subject key identifier: 39:E1:3C:F1:BD:79:6E:61:FB:E1:A9:27:59:36:59:25:9A:E0:7E:B7
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 019D352CF75D4CB0C1E4B018899D091CF565
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
Manifest number: 1891
Signing time: Sat 28 Mar 2026 16:00:32 +0000
Manifest this update: Sat 28 Mar 2026 16:00:32 +0000
Manifest next update: Sun 29 Mar 2026 16:00:32 +0000
Files and hashes: 1: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: Q4+Iuq83NvoYdhVsYOma92hvWn7EZE2zQ6vww7rZe9E=)
2: sbWj3cDEvspo2pzFM90qmBN7XGY.roa (hash: ZCuFftw5Wl2QKtDaCFVmcabJrAkBRibR6g/1SyLs2gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:35:2c:f7:5d:4c:b0:c1:e4:b0:18:89:9d:09:1c:f5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Mar 28 16:00:32 2026 GMT
Not After : Mar 29 16:00:32 2026 GMT
Subject: CN=39e13cf1bd796e61fbe1a927593659259ae07eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b7:d1:8f:1a:86:91:1e:fe:92:a5:4c:f4:1e:
08:f8:a2:70:52:48:ad:cc:ad:1d:17:58:a9:44:56:
d5:04:59:a5:e7:5c:54:61:75:8b:e9:a4:5f:89:45:
33:0a:3b:40:ea:08:8e:93:36:5b:22:57:68:2b:c5:
01:07:01:bd:08:09:f7:1b:83:c2:29:a0:ce:1b:2e:
f2:48:ad:de:de:b1:4a:74:07:5b:13:bf:de:f6:00:
26:35:df:e3:d1:c4:97:0e:f8:6c:cd:de:6f:0d:40:
4e:4b:c9:8d:5a:2f:e7:2e:d5:89:50:79:81:51:12:
f8:2c:87:6c:1b:88:6a:ed:78:21:93:09:84:26:19:
20:4c:9c:29:af:10:41:51:88:07:23:a0:85:71:04:
40:0f:fe:9e:98:8c:8e:91:47:0a:c8:21:52:4b:e3:
49:cb:6d:c2:e2:ec:27:63:2a:73:0f:ca:fd:f6:98:
53:1c:b6:a4:1b:59:cc:30:3c:fa:e3:30:68:74:c9:
65:51:ce:67:84:46:79:33:56:86:50:02:9f:60:f1:
bf:19:46:36:fd:74:9f:62:8d:9d:34:ed:79:28:e8:
bb:cb:94:e2:90:58:6f:3b:1f:48:43:e5:28:fb:7c:
91:58:ef:35:d2:fa:ce:db:e9:55:a9:7e:3f:74:1a:
d0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E1:3C:F1:BD:79:6E:61:FB:E1:A9:27:59:36:59:25:9A:E0:7E:B7
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:fe:76:16:65:9f:16:98:67:0b:5d:28:bd:6a:76:cd:7f:6e:
1c:4f:f2:73:97:cc:d2:56:20:7a:68:42:93:74:69:c1:f2:88:
71:7c:3d:92:a7:a9:b2:05:34:8c:51:af:65:50:17:f3:1a:73:
03:79:6c:d1:bd:1d:88:8d:1c:7d:ed:c1:d4:6a:75:fe:17:84:
d3:39:5a:e5:04:95:22:49:00:f5:40:7b:0b:86:d4:62:9c:8f:
d0:7f:e6:0a:9d:2c:af:41:7b:81:47:ce:4f:ff:31:70:a4:a7:
c3:68:90:fb:d6:47:d3:6c:e6:6d:0f:f1:46:af:e1:2f:a8:b4:
f5:82:5a:b5:cf:98:11:7b:86:40:02:23:5b:e6:8a:f7:a5:46:
86:1b:b0:85:b1:76:c5:79:95:4f:09:e7:69:35:51:45:64:77:
86:ca:e3:d1:51:0f:5b:21:57:47:72:08:cf:b2:6f:2c:a2:b8:
0d:e0:38:3e:ff:5f:95:dd:88:ba:a7:40:67:f5:5a:69:91:31:
81:72:36:b9:bf:c3:90:e6:93:2e:99:04:1f:3f:be:cb:7d:c4:
ba:4d:01:5c:41:74:5b:0e:e1:9a:c2:07:a5:b2:c1:00:13:5e:
e0:78:da:46:e9:ec:8f:f4:0c:80:52:ff:68:be:0e:ba:74:f9:
89:0c:73:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ01LPddTLDB5LAYiZ0JHPVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh
OWIxOGMwHhcNMjYwMzI4MTYwMDMyWhcNMjYwMzI5MTYwMDMyWjAzMTEwLwYDVQQD
EygzOWUxM2NmMWJkNzk2ZTYxZmJlMWE5Mjc1OTM2NTkyNTlhZTA3ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrfRjxqGkR7+kqVM9B4I+KJwUkit
zK0dF1ipRFbVBFml51xUYXWL6aRfiUUzCjtA6giOkzZbIldoK8UBBwG9CAn3G4PC
KaDOGy7ySK3e3rFKdAdbE7/e9gAmNd/j0cSXDvhszd5vDUBOS8mNWi/nLtWJUHmB
URL4LIdsG4hq7XghkwmEJhkgTJwprxBBUYgHI6CFcQRAD/6emIyOkUcKyCFSS+NJ
y23C4uwnYypzD8r99phTHLakG1nMMDz64zBodMllUc5nhEZ5M1aGUAKfYPG/GUY2
/XSfYo2dNO15KOi7y5TikFhvOx9IQ+Uo+3yRWO810vrO2+lVqX4/dBrQHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnhPPG9eW5h++GpJ1k2WSWa4H63MB8GA1UdIwQY
MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt
MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi
LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJf52FmWf
FphnC10ovWp2zX9uHE/yc5fM0lYgemhCk3RpwfKIcXw9kqepsgU0jFGvZVAX8xpz
A3ls0b0diI0cfe3B1Gp1/heE0zla5QSVIkkA9UB7C4bUYpyP0H/mCp0sr0F7gUfO
T/8xcKSnw2iQ+9ZH02zmbQ/xRq/hL6i09YJatc+YEXuGQAIjW+aK96VGhhuwhbF2
xXmVTwnnaTVRRWR3hsrj0VEPWyFXR3IIz7JvLKK4DeA4Pv9fld2IuqdAZ/VaaZEx
gXI2ub/DkOaTLpkEHz++y33Euk0BXEF0Ww7hmsIHpbLBABNe4HjaRunsj/QMgFL/
aL4OunT5iQxzyw==
-----END CERTIFICATE-----
Generated at Sat Mar 28 18:24:14 2026 by rpki-client