Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
File: oiw84jcbnyHFfgw6V4fZWnNctQA.mft (raw, json)
Hash identifier: AhOZDLSKseeN0p/EfxVNQqb2BOeKbzKzJ0lcug8IDMg=
Subject key identifier: 85:BD:97:83:8D:5D:A6:25:5A:6A:E5:09:A6:25:FD:65:1C:DB:78:E1
Authority key identifier: A2:2C:3C:E2:37:1B:9F:21:C5:7E:0C:3A:57:87:D9:5A:73:5C:B5:00
Certificate issuer: /CN=a22c3ce2371b9f21c57e0c3a5787d95a735cb500
Certificate serial: 019D382DECFA6F09D72FF2CEC1D4F0EA2782
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
Manifest number: 128A
Signing time: Sun 29 Mar 2026 06:00:26 +0000
Manifest this update: Sun 29 Mar 2026 06:00:26 +0000
Manifest next update: Mon 30 Mar 2026 06:00:26 +0000
Files and hashes: 1: Kva8pOVZlkquTrmEhbp1bVFcO6k.roa (hash: RxzZTraMVAKkP8ewUU+x3bHJ3Ubv/2C3lu8vqzkWAJU=)
2: oiw84jcbnyHFfgw6V4fZWnNctQA.crl (hash: spor5hoFcCNgb2z5nEvTtP/Xh6G9T3Atb/m9oZlI0mY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:ec:fa:6f:09:d7:2f:f2:ce:c1:d4:f0:ea:27:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a22c3ce2371b9f21c57e0c3a5787d95a735cb500
Validity
Not Before: Mar 29 06:00:26 2026 GMT
Not After : Mar 30 06:00:26 2026 GMT
Subject: CN=85bd97838d5da6255a6ae509a625fd651cdb78e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:56:62:82:fc:44:88:2a:d9:aa:d9:ae:3d:
7c:37:9c:f0:42:b0:d5:fb:45:64:95:87:16:c7:22:
b9:05:73:02:d1:a2:dd:cf:8d:f1:e8:dc:62:2b:96:
87:0c:86:5e:84:65:13:2b:47:b4:29:83:25:67:00:
9f:4d:19:7d:b2:82:74:2c:7a:5b:06:81:69:1b:25:
9e:29:f4:e3:99:58:b6:2b:1c:c1:3e:71:39:eb:98:
9e:ab:ea:3b:64:2d:cb:b8:f2:53:0e:83:08:12:6f:
33:d3:c7:1a:10:57:fb:7c:82:ee:5c:84:3e:92:9e:
83:bf:14:e3:3e:9f:fb:1d:79:0f:6a:9a:3e:b4:dd:
78:a0:6d:d3:e5:b5:8f:3f:dd:2c:44:b1:b0:20:32:
a2:51:3d:8d:dd:aa:4e:f5:1e:47:db:b2:e2:f8:cd:
ee:c1:4b:e8:a8:aa:dc:19:1e:05:8a:7f:33:54:34:
d5:0b:a1:3e:19:ad:41:a0:91:5d:0b:d1:7e:56:e5:
69:50:94:25:fd:b7:50:a5:c0:12:8c:3a:45:a2:5a:
95:e9:61:18:bf:ed:af:42:2f:e6:b8:b1:41:71:17:
62:f3:a1:3f:4e:c9:09:3b:8b:42:fc:66:6b:3c:5f:
35:4e:f2:b9:60:41:58:40:6e:9b:e7:b6:57:31:f3:
09:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BD:97:83:8D:5D:A6:25:5A:6A:E5:09:A6:25:FD:65:1C:DB:78:E1
X509v3 Authority Key Identifier:
keyid:A2:2C:3C:E2:37:1B:9F:21:C5:7E:0C:3A:57:87:D9:5A:73:5C:B5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiw84jcbnyHFfgw6V4fZWnNctQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/506ec8-150f-4275-ac05-05393f2b3a47/1/oiw84jcbnyHFfgw6V4fZWnNctQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:1a:29:00:12:e7:cf:ec:63:c0:1f:67:d4:09:25:02:dd:f5:
93:15:d6:45:d4:d9:de:f3:97:75:4c:49:b5:f8:69:cc:0b:61:
92:3c:41:37:06:57:da:c7:f6:b7:d7:26:cb:b8:08:d9:c3:90:
e4:3b:43:e2:ca:b8:5f:d0:fd:2b:2a:55:12:49:f8:36:39:56:
ec:0c:ef:60:89:5f:b1:ac:0b:f7:80:08:da:f8:55:f9:c0:a0:
4f:74:fc:04:9c:b2:17:99:96:46:4a:05:a5:73:0e:db:38:5a:
ef:70:54:6a:09:ba:85:4b:2f:b4:5f:00:63:6f:dd:b5:a7:3f:
3c:6d:3f:bd:21:13:f6:16:38:c9:3a:1c:ad:47:b9:d8:e9:2f:
c2:6a:a1:f3:4f:f6:04:27:af:4a:94:56:c1:67:44:cc:a0:c9:
b1:32:35:6c:49:96:a1:3d:5f:5e:09:e4:30:f2:9f:8d:6c:df:
0a:31:f3:96:bf:67:48:ce:a4:41:34:81:80:cd:9a:73:46:5a:
3a:1e:a6:99:72:53:a8:a6:ed:46:b9:fa:7c:60:5a:99:76:8b:
5c:a4:6d:54:48:ec:9d:e7:31:5b:e4:8e:a4:c0:d6:b3:86:d3:
37:16:24:e1:e3:9f:99:c4:f9:d1:d8:12:41:b0:fc:c3:d1:aa:
af:b7:18:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lez6bwnXL/LOwdTw6ieCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmMzY2UyMzcxYjlmMjFjNTdlMGMzYTU3ODdkOTVhNzM1
Y2I1MDAwHhcNMjYwMzI5MDYwMDI2WhcNMjYwMzMwMDYwMDI2WjAzMTEwLwYDVQQD
Eyg4NWJkOTc4MzhkNWRhNjI1NWE2YWU1MDlhNjI1ZmQ2NTFjZGI3OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl91WYoL8RIgq2arZrj18N5zwQrDV
+0VklYcWxyK5BXMC0aLdz43x6NxiK5aHDIZehGUTK0e0KYMlZwCfTRl9soJ0LHpb
BoFpGyWeKfTjmVi2KxzBPnE565ieq+o7ZC3LuPJTDoMIEm8z08caEFf7fILuXIQ+
kp6DvxTjPp/7HXkPapo+tN14oG3T5bWPP90sRLGwIDKiUT2N3apO9R5H27Li+M3u
wUvoqKrcGR4Fin8zVDTVC6E+Ga1BoJFdC9F+VuVpUJQl/bdQpcASjDpFolqV6WEY
v+2vQi/muLFBcRdi86E/TskJO4tC/GZrPF81TvK5YEFYQG6b57ZXMfMJKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIW9l4ONXaYlWmrlCaYl/WUc23jhMB8GA1UdIwQY
MBaAFKIsPOI3G58hxX4MOleH2VpzXLUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81MDZlYzgtMTUwZi00Mjc1LWFjMDUt
MDUzOTNmMmIzYTQ3LzEvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81MDZlYzgtMTUwZi00Mjc1LWFjMDUtMDUzOTNmMmIzYTQ3
LzEvb2l3ODRqY2JueUhGZmd3NlY0ZlpXbk5jdFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRopABLn
z+xjwB9n1AklAt31kxXWRdTZ3vOXdUxJtfhpzAthkjxBNwZX2sf2t9cmy7gI2cOQ
5DtD4sq4X9D9KypVEkn4NjlW7AzvYIlfsawL94AI2vhV+cCgT3T8BJyyF5mWRkoF
pXMO2zha73BUagm6hUsvtF8AY2/dtac/PG0/vSET9hY4yTocrUe52Okvwmqh80/2
BCevSpRWwWdEzKDJsTI1bEmWoT1fXgnkMPKfjWzfCjHzlr9nSM6kQTSBgM2ac0Za
Oh6mmXJTqKbtRrn6fGBamXaLXKRtVEjsnecxW+SOpMDWs4bTNxYk4eOfmcT50dgS
QbD8w9Gqr7cYsQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:53 2026 by rpki-client