Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
File: ojIkxQF9NOzcKNDPNkQtZb754KA.mft (raw, json)
Hash identifier: tyFQAJp4VBpa+Eh57FEe4EfBQTTJFcgiWJk04nzAdRU=
Subject key identifier: 7C:64:38:D1:10:4A:32:CD:CB:88:A5:7E:9E:FF:90:E4:40:25:58:5D
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 019D390A349549417690F41FABDC999B4671
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
Manifest number: 1899
Signing time: Sun 29 Mar 2026 10:01:03 +0000
Manifest this update: Sun 29 Mar 2026 10:01:03 +0000
Manifest next update: Mon 30 Mar 2026 10:01:03 +0000
Files and hashes: 1: 1nYeCdEIBl74RW5H49WfsI_nh5E.roa (hash: EcWzaBWnHXuF+60jlRtvVMtfG/DsbN91ytwmWQKXBaU=)
2: WJ5q-_YpjemWY4gDwOrsfg8-7ps.roa (hash: 7c7RZOTv3Be2R6ZcFGTG+yBTp0jpJb35qh0V1e0nACU=)
3: ojIkxQF9NOzcKNDPNkQtZb754KA.crl (hash: OUijfo4QP89koJB360d27LalPcJLn61qWLOpblrjGn0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:34:95:49:41:76:90:f4:1f:ab:dc:99:9b:46:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Mar 29 10:01:03 2026 GMT
Not After : Mar 30 10:01:03 2026 GMT
Subject: CN=7c6438d1104a32cdcb88a57e9eff90e44025585d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:d9:5a:ad:d4:83:c2:18:48:31:42:15:89:
c5:03:7c:71:1a:e0:11:30:cb:c9:b3:fe:ad:c6:7b:
37:9f:51:99:bb:3f:8a:65:2d:ba:2d:e8:0a:bc:15:
a6:a5:bf:d6:0a:4a:2d:9d:2b:ba:3e:0a:20:24:9e:
62:bf:18:9f:2b:da:e5:95:86:23:43:6d:63:2d:ba:
fe:27:62:85:e6:3e:18:29:a6:70:57:a7:56:03:18:
43:8e:2c:bd:6d:b6:a6:d3:8e:9d:68:1c:b2:e1:2d:
9a:92:bd:55:e3:69:66:f5:95:73:b5:5a:ec:91:50:
27:5d:1a:77:aa:46:e9:c8:a9:99:de:69:70:28:a2:
f4:cf:ea:ac:53:c4:0a:f0:a9:6c:c9:93:43:e4:3a:
bc:f7:bd:b7:50:47:fd:30:c2:25:8d:68:4b:ac:81:
e5:85:e9:71:02:18:89:83:0a:d7:de:66:c4:46:d6:
aa:21:a3:7e:7a:45:75:33:1c:69:85:ba:d9:c4:3d:
07:b8:c3:d4:e3:1a:07:09:75:e1:ac:91:86:59:01:
cf:81:15:63:64:ee:08:11:3f:a6:62:63:7c:fc:a1:
45:f1:a6:98:57:31:50:51:7f:c8:20:22:2b:b1:aa:
85:ef:1b:ad:94:44:65:21:c1:fc:82:33:75:86:ed:
88:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:64:38:D1:10:4A:32:CD:CB:88:A5:7E:9E:FF:90:E4:40:25:58:5D
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:74:4b:d8:97:0a:1f:b7:8a:0e:24:5a:6f:65:28:31:f5:d7:
12:5b:04:8a:d4:b7:b5:9c:07:4b:59:3e:b8:32:b7:a1:4c:83:
6c:ac:f4:7f:be:16:26:ed:88:e7:15:27:83:ee:4a:78:64:2d:
c6:b7:a7:16:2f:aa:52:e4:c6:5a:f6:87:2a:90:94:14:9d:df:
1d:3f:cf:90:06:96:8b:a5:ce:b3:7b:97:94:53:ac:f4:d6:22:
f7:a3:07:92:97:f6:e0:00:6a:fa:87:8f:75:ee:0a:96:b8:6b:
b8:1c:73:1a:76:8b:0d:63:e6:18:b0:f1:f0:d7:8f:1d:5e:39:
a4:28:cc:39:26:3b:05:db:06:af:65:4c:ae:3b:8f:a0:5d:ec:
52:64:73:ca:24:cd:6f:f8:f0:b0:4e:01:41:72:31:41:96:0b:
af:c0:1e:54:29:06:f8:48:3a:b9:d5:2f:38:3a:87:d6:d9:49:
06:b9:ea:5e:e1:d0:0e:48:e7:c6:ce:50:3a:c5:3a:28:3a:e5:
80:b5:fd:98:41:e9:31:b2:8b:c3:cb:5e:99:3d:77:6a:75:7d:
65:89:c7:97:f4:81:ca:1a:89:00:50:d9:55:a0:74:d9:01:82:
be:2a:58:04:a7:50:ee:5c:93:e0:c8:52:5e:26:b5:14:fb:c3:
25:57:9e:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CjSVSUF2kPQfq9yZm0ZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjYwMzI5MTAwMTAzWhcNMjYwMzMwMTAwMTAzWjAzMTEwLwYDVQQD
Eyg3YzY0MzhkMTEwNGEzMmNkY2I4OGE1N2U5ZWZmOTBlNDQwMjU1ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdLZWq3Ug8IYSDFCFYnFA3xxGuAR
MMvJs/6txns3n1GZuz+KZS26LegKvBWmpb/WCkotnSu6PgogJJ5ivxifK9rllYYj
Q21jLbr+J2KF5j4YKaZwV6dWAxhDjiy9bbam046daByy4S2akr1V42lm9ZVztVrs
kVAnXRp3qkbpyKmZ3mlwKKL0z+qsU8QK8KlsyZND5Dq89723UEf9MMIljWhLrIHl
helxAhiJgwrX3mbERtaqIaN+ekV1MxxphbrZxD0HuMPU4xoHCXXhrJGGWQHPgRVj
ZO4IET+mYmN8/KFF8aaYVzFQUX/IICIrsaqF7xutlERlIcH8gjN1hu2I/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxkONEQSjLNy4ilfp7/kORAJVhdMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnRL2JcK
H7eKDiRab2UoMfXXElsEitS3tZwHS1k+uDK3oUyDbKz0f74WJu2I5xUng+5KeGQt
xrenFi+qUuTGWvaHKpCUFJ3fHT/PkAaWi6XOs3uXlFOs9NYi96MHkpf24ABq+oeP
de4KlrhruBxzGnaLDWPmGLDx8NePHV45pCjMOSY7BdsGr2VMrjuPoF3sUmRzyiTN
b/jwsE4BQXIxQZYLr8AeVCkG+Eg6udUvODqH1tlJBrnqXuHQDkjnxs5QOsU6KDrl
gLX9mEHpMbKLw8temT13anV9ZYnHl/SByhqJAFDZVaB02QGCvipYBKdQ7lyT4MhS
Xia1FPvDJVeeHQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:42 2026 by rpki-client