Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.mft
File: OUKesL2HA74uXwrMwoG_IhYEsM4.mft (raw, json)
Hash identifier: xXK3jlmAS5Yyavy30LjZSpbCXM6AEJNWaL/qf0EDJGo=
Subject key identifier: B4:85:C0:43:65:41:06:B5:4E:B5:91:4F:23:0D:77:C1:92:5A:C6:EE
Authority key identifier: 39:42:9E:B0:BD:87:03:BE:2E:5F:0A:CC:C2:81:BF:22:16:04:B0:CE
Certificate issuer: /CN=39429eb0bd8703be2e5f0accc281bf221604b0ce
Certificate serial: 019D352CC37AD0749F16088D81E27B0CCC32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUKesL2HA74uXwrMwoG_IhYEsM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.mft
Manifest number: 09AA
Signing time: Sat 28 Mar 2026 16:00:19 +0000
Manifest this update: Sat 28 Mar 2026 16:00:19 +0000
Manifest next update: Sun 29 Mar 2026 16:00:19 +0000
Files and hashes: 1: OUKesL2HA74uXwrMwoG_IhYEsM4.crl (hash: PafRlRWEZqZ1nprC2iKDFKAWLOlTGlYM8mA4YCnVGcQ=)
2: futCv-J21MxYYna1NlT0XMLEUxQ.roa (hash: Nuw/WTHENdY0hVuqEP9gOdFLaQ350WDyvFQ78Xtrdks=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.mft
rsync://rpki.ripe.net/repository/DEFAULT/OUKesL2HA74uXwrMwoG_IhYEsM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:35:2c:c3:7a:d0:74:9f:16:08:8d:81:e2:7b:0c:cc:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39429eb0bd8703be2e5f0accc281bf221604b0ce
Validity
Not Before: Mar 28 16:00:19 2026 GMT
Not After : Mar 29 16:00:19 2026 GMT
Subject: CN=b485c043654106b54eb5914f230d77c1925ac6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:83:a5:63:df:91:52:9f:cf:55:ca:ea:75:
8a:22:56:d8:ae:48:41:6e:67:b3:d8:15:c0:8d:1a:
71:91:c3:9f:17:2d:ee:1a:0a:f8:7a:83:e3:3b:8b:
d8:08:2d:9d:01:48:c2:fe:84:96:20:3d:c4:05:c2:
10:e4:e6:b6:42:c7:75:64:b1:08:db:b5:79:ac:a9:
06:b7:5e:32:49:04:36:66:3b:f9:60:d9:cd:03:f5:
c1:0c:7b:73:cb:d4:cd:1e:60:6f:0d:74:2f:ac:6c:
d5:e2:2d:d0:cc:4d:c5:3c:85:70:27:fc:54:43:db:
85:2f:05:3c:8a:58:3e:5a:c6:40:ab:f7:a3:5b:55:
32:9a:f3:14:b0:30:87:85:f2:37:4f:77:58:49:30:
aa:57:9b:07:ce:f1:2b:ff:66:2b:79:b7:ce:90:6f:
d8:cb:c1:7a:59:7e:be:32:fc:e5:88:fc:84:68:ac:
b3:b3:eb:23:15:ae:9c:de:62:04:57:09:c4:82:a8:
79:5c:c7:3e:79:a5:d6:24:3f:4c:4e:47:62:f0:8b:
60:2e:4d:07:90:93:4e:2e:17:04:39:3b:e5:16:e9:
fb:40:a4:47:6c:23:08:c5:aa:4e:a3:da:16:30:72:
a1:8f:65:de:bc:a4:3c:19:69:68:57:9c:7d:85:ea:
5c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:85:C0:43:65:41:06:B5:4E:B5:91:4F:23:0D:77:C1:92:5A:C6:EE
X509v3 Authority Key Identifier:
keyid:39:42:9E:B0:BD:87:03:BE:2E:5F:0A:CC:C2:81:BF:22:16:04:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUKesL2HA74uXwrMwoG_IhYEsM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:68:9d:60:8b:a9:1b:a6:77:80:0d:45:65:45:61:78:d4:ae:
48:ea:38:2f:d1:78:ab:1a:ae:1d:20:94:b0:ab:b9:c0:e7:49:
eb:ac:13:15:15:b8:da:ed:c6:2e:54:32:e2:02:63:fd:17:ae:
87:80:8b:d7:ed:5e:73:b1:61:b2:f7:40:11:51:69:42:d8:27:
9b:7e:10:60:6c:59:52:38:d0:c9:ef:e4:76:87:c4:32:ca:f2:
7a:bf:1e:85:b5:c9:d4:89:1a:cf:46:51:8f:6a:b7:5c:fe:9c:
36:d3:91:83:41:35:b4:8c:c1:a8:0d:dd:14:28:e5:b7:6e:fa:
94:45:fd:6b:7b:16:33:f6:e5:0a:fe:cf:d2:7e:d9:c3:38:6b:
74:dd:0a:5f:9e:37:01:7e:d0:ee:d5:f5:aa:10:8e:7e:57:32:
c5:d0:97:dc:8c:9d:b8:12:d9:14:e0:16:14:b6:05:4c:a7:fa:
a7:da:72:06:cb:0d:ff:13:e6:4d:e4:da:a8:96:be:63:b6:ba:
38:29:41:09:ef:6b:92:26:b6:ef:dd:78:e4:a0:ef:44:2b:66:
df:01:92:40:95:6b:cf:db:b2:eb:09:29:ca:f6:db:9b:8d:1a:
b4:9a:8d:60:25:d0:b6:af:59:ee:6d:01:cd:fc:0f:47:6e:07:
a1:2c:d8:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ01LMN60HSfFgiNgeJ7DMwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDI5ZWIwYmQ4NzAzYmUyZTVmMGFjY2MyODFiZjIyMTYw
NGIwY2UwHhcNMjYwMzI4MTYwMDE5WhcNMjYwMzI5MTYwMDE5WjAzMTEwLwYDVQQD
EyhiNDg1YzA0MzY1NDEwNmI1NGViNTkxNGYyMzBkNzdjMTkyNWFjNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldWDpWPfkVKfz1XK6nWKIlbYrkhB
bmez2BXAjRpxkcOfFy3uGgr4eoPjO4vYCC2dAUjC/oSWID3EBcIQ5Oa2Qsd1ZLEI
27V5rKkGt14ySQQ2Zjv5YNnNA/XBDHtzy9TNHmBvDXQvrGzV4i3QzE3FPIVwJ/xU
Q9uFLwU8ilg+WsZAq/ejW1UymvMUsDCHhfI3T3dYSTCqV5sHzvEr/2YrebfOkG/Y
y8F6WX6+MvzliPyEaKyzs+sjFa6c3mIEVwnEgqh5XMc+eaXWJD9MTkdi8ItgLk0H
kJNOLhcEOTvlFun7QKRHbCMIxapOo9oWMHKhj2XevKQ8GWloV5x9hepcDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSFwENlQQa1TrWRTyMNd8GSWsbuMB8GA1UdIwQY
MBaAFDlCnrC9hwO+Ll8KzMKBvyIWBLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VLZXNMMkhBNzR1WHdyTXdvR19JaFlFc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wMWVhZmMtZDY1YS00YTc3LWJhNzMt
ZjJjNDhmYWY3ZjNkLzEvT1VLZXNMMkhBNzR1WHdyTXdvR19JaFlFc000Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wMWVhZmMtZDY1YS00YTc3LWJhNzMtZjJjNDhmYWY3ZjNk
LzEvT1VLZXNMMkhBNzR1WHdyTXdvR19JaFlFc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGidYIup
G6Z3gA1FZUVheNSuSOo4L9F4qxquHSCUsKu5wOdJ66wTFRW42u3GLlQy4gJj/Reu
h4CL1+1ec7FhsvdAEVFpQtgnm34QYGxZUjjQye/kdofEMsryer8ehbXJ1Ikaz0ZR
j2q3XP6cNtORg0E1tIzBqA3dFCjlt276lEX9a3sWM/blCv7P0n7ZwzhrdN0KX543
AX7Q7tX1qhCOflcyxdCX3IyduBLZFOAWFLYFTKf6p9pyBssN/xPmTeTaqJa+Y7a6
OClBCe9rkia279145KDvRCtm3wGSQJVrz9uy6wkpyvbbm40atJqNYCXQtq9Z7m0B
zfwPR24HoSzYXw==
-----END CERTIFICATE-----
Generated at Sat Mar 28 19:50:13 2026 by rpki-client