Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft
File: oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft (raw, json)
Hash identifier: ssm/VKvVzNqDES/CYle1AroEpZnYHlNWhPrmhqjT55A=
Subject key identifier: B1:76:11:05:B1:A2:55:F8:BE:79:3E:83:64:FF:D9:C2:27:F2:13:22
Authority key identifier: A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
Certificate issuer: /CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Certificate serial: 019D38D316CF5E35A66762B1509396D7886D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft
Manifest number: 0502
Signing time: Sun 29 Mar 2026 09:00:51 +0000
Manifest this update: Sun 29 Mar 2026 09:00:51 +0000
Manifest next update: Mon 30 Mar 2026 09:00:51 +0000
Files and hashes: 1: CWrDgc5NbM6Zs9itj9MrhDXauLk.roa (hash: 560ydlJiyR+07bXN/UJ/XSK5/4Gksiqy4Mjbt8hjlzc=)
2: oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl (hash: i+Vz1XGCfxHj0TNHEHiu8u9qhdYxTEyZOpvQX2aXzOI=)
3: xf3fvrapGPL0YVXoyYDdzlTvzBQ.roa (hash: Lr8wCklzvs9FPPUMnaTVlsRfmWB1G14CuyO51jqEGdU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:16:cf:5e:35:a6:67:62:b1:50:93:96:d7:88:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Validity
Not Before: Mar 29 09:00:51 2026 GMT
Not After : Mar 30 09:00:51 2026 GMT
Subject: CN=b1761105b1a255f8be793e8364ffd9c227f21322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:75:d4:ff:33:c5:ad:4e:1d:e1:c8:0b:97:
d3:8d:6a:3e:fa:86:c7:3b:33:4a:37:b3:c5:0f:90:
70:9d:94:5a:eb:e5:c6:5f:4a:bf:c9:9f:6b:8e:3b:
59:28:ca:e0:2c:c3:15:47:a2:f5:77:b1:b9:0d:14:
98:f4:11:5e:ff:05:be:a5:50:68:f3:20:d6:ae:b1:
36:ed:c8:64:b5:72:b4:1d:8e:ec:83:a7:6a:fd:63:
9e:3a:7b:2d:3f:73:85:3b:83:f0:25:87:79:a8:4e:
cd:54:64:1f:26:30:18:82:18:71:b0:1d:0a:c4:9a:
0f:ab:bb:42:2f:78:88:5a:c5:dc:04:57:9f:b0:20:
3f:60:c9:d1:47:94:f9:a9:d3:a5:2a:2b:36:f8:f2:
fc:f9:e0:ec:a7:7c:74:c0:3e:45:44:67:a6:74:e3:
5c:52:72:96:0b:da:37:e6:d1:f2:25:1a:17:86:de:
a8:e2:96:a0:75:13:50:44:cf:8d:80:23:bc:29:29:
2a:fb:55:89:05:0c:c7:e8:a1:35:95:83:3b:8c:52:
06:61:ae:97:15:74:e1:28:26:75:d0:f2:29:2c:09:
9d:6d:30:5d:84:68:6d:42:0c:9c:ad:f6:c9:5d:54:
95:f1:8f:87:72:d3:43:fe:ab:4d:57:b5:dd:f7:da:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:76:11:05:B1:A2:55:F8:BE:79:3E:83:64:FF:D9:C2:27:F2:13:22
X509v3 Authority Key Identifier:
keyid:A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:d3:94:a0:14:76:37:d3:a6:ba:f4:72:b4:34:57:a2:ba:1a:
a8:9e:b0:0c:ba:58:3e:0f:f1:0d:8c:76:c4:12:ee:8f:fc:20:
da:74:e9:d4:d2:c2:7e:dd:37:64:c2:7f:29:b6:b8:5c:2c:cb:
7d:b9:86:fc:44:77:93:12:e9:7c:c7:18:06:6e:f3:9b:db:bb:
53:a9:eb:24:d3:cb:19:73:49:cb:a5:35:b7:3b:ed:00:32:83:
0f:b1:f2:c7:11:1f:22:07:69:78:0c:08:19:1c:d0:28:e6:51:
05:78:f5:35:c1:de:99:e0:5d:8d:74:bd:b3:cc:01:d5:6e:ab:
72:bd:f9:e3:45:18:c9:db:1d:59:4d:83:3c:c8:7b:f4:59:54:
e4:62:38:bd:58:cf:1b:95:0f:3a:ee:26:b0:2b:b7:48:10:a7:
47:60:72:c7:52:8b:54:ae:f9:be:e2:a4:cb:72:d8:80:90:4b:
ee:43:34:85:ef:b0:ec:aa:4c:e9:bd:51:65:7e:91:b8:4b:14:
02:a3:cd:94:b0:50:6b:bf:64:12:3f:a3:59:c8:ba:6f:cb:40:
2e:cd:5d:0a:a8:33:0b:f5:2d:cd:96:26:49:cc:73:0d:fb:84:
0f:cc:bb:7a:ca:fe:74:79:97:f9:7d:39:12:1e:62:12:69:f4:
35:7e:e6:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xbPXjWmZ2KxUJOW14htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2Y2ZTJiNjBjYTQ2NDcwMGRkOGUyOGZiYTBkYWFkYzJj
NDBjZWQwHhcNMjYwMzI5MDkwMDUxWhcNMjYwMzMwMDkwMDUxWjAzMTEwLwYDVQQD
EyhiMTc2MTEwNWIxYTI1NWY4YmU3OTNlODM2NGZmZDljMjI3ZjIxMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotZ11P8zxa1OHeHIC5fTjWo++obH
OzNKN7PFD5BwnZRa6+XGX0q/yZ9rjjtZKMrgLMMVR6L1d7G5DRSY9BFe/wW+pVBo
8yDWrrE27chktXK0HY7sg6dq/WOeOnstP3OFO4PwJYd5qE7NVGQfJjAYghhxsB0K
xJoPq7tCL3iIWsXcBFefsCA/YMnRR5T5qdOlKis2+PL8+eDsp3x0wD5FRGemdONc
UnKWC9o35tHyJRoXht6o4pagdRNQRM+NgCO8KSkq+1WJBQzH6KE1lYM7jFIGYa6X
FXThKCZ10PIpLAmdbTBdhGhtQgycrfbJXVSV8Y+HctND/qtNV7Xd99pmxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLF2EQWxolX4vnk+g2T/2cIn8hMiMB8GA1UdIwQY
MBaAFKB/bitgykZHAN2OKPug2q3CxAztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGIt
YmNiNzI0YmMyNjg0LzEvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGItYmNiNzI0YmMyNjg0
LzEvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItOUoBR2
N9OmuvRytDRXoroaqJ6wDLpYPg/xDYx2xBLuj/wg2nTp1NLCft03ZMJ/Kba4XCzL
fbmG/ER3kxLpfMcYBm7zm9u7U6nrJNPLGXNJy6U1tzvtADKDD7HyxxEfIgdpeAwI
GRzQKOZRBXj1NcHemeBdjXS9s8wB1W6rcr3540UYydsdWU2DPMh79FlU5GI4vVjP
G5UPOu4msCu3SBCnR2Byx1KLVK75vuKky3LYgJBL7kM0he+w7KpM6b1RZX6RuEsU
AqPNlLBQa79kEj+jWci6b8tALs1dCqgzC/UtzZYmScxzDfuED8y7esr+dHmX+X05
Eh5iEmn0NX7muw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:56 2026 by rpki-client