Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json)
Hash identifier: Bh/yRJ4oyvbzg8reHc3R0UFgsdTZNtogJTOC5e49ets=
Subject key identifier: D5:BD:1E:E0:B3:1A:7E:AD:22:61:23:3C:6F:B7:55:1B:EF:34:51:FB
Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Certificate serial: 019D38D35DE9C32F0162B2D96FC22AF3E71B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
Manifest number: 1012
Signing time: Sun 29 Mar 2026 09:01:09 +0000
Manifest this update: Sun 29 Mar 2026 09:01:09 +0000
Manifest next update: Mon 30 Mar 2026 09:01:09 +0000
Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: NDbWmsB3UWLcTZPRC6vd9HdKjzAdVJkHb+altWdB0mY=)
2: qvZ-nKf7EFh0r3KXcsWmv_aLkqs.roa (hash: XaQIlBTlE+Jhvgae5CyaS1DgkFx27OpIcetptyKOkgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:5d:e9:c3:2f:01:62:b2:d9:6f:c2:2a:f3:e7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Validity
Not Before: Mar 29 09:01:09 2026 GMT
Not After : Mar 30 09:01:09 2026 GMT
Subject: CN=d5bd1ee0b31a7ead2261233c6fb7551bef3451fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:83:f8:31:bd:96:b4:9a:fb:f9:ec:15:ae:
85:2a:d3:75:08:30:2c:b6:64:c5:99:39:1c:9d:2c:
14:e0:b1:8d:96:88:44:3e:a7:f9:ba:6f:da:95:1b:
5d:79:14:aa:92:05:d8:5f:2b:ae:d3:ce:e1:e3:41:
98:69:07:a5:cf:27:1e:03:aa:02:31:44:38:5f:8e:
0a:7f:85:fc:57:9e:df:36:1f:bb:dc:04:21:ed:fe:
b6:f2:04:01:f1:4d:e1:65:aa:63:a7:f6:85:8a:89:
a2:c4:a0:6a:2d:18:91:e2:4b:df:bb:0b:19:fe:de:
63:08:18:6a:e2:59:42:5a:28:d9:dd:81:63:d1:12:
27:2e:0c:16:e0:5f:d0:94:c5:07:ae:96:26:1f:65:
4b:6d:be:f6:98:3e:53:aa:58:73:5f:cc:91:ff:2d:
83:67:90:f4:4e:9c:4d:c9:a1:6d:ce:88:c6:4f:d7:
dc:22:b1:e2:a6:fd:98:47:94:41:98:cf:a0:b8:33:
3f:dd:e7:f5:6d:02:60:05:2b:fa:fd:e0:c6:30:49:
8c:89:2c:d8:3a:2a:4c:97:12:67:5f:e6:38:b6:10:
90:09:ed:3c:95:df:9f:12:77:e2:d5:94:69:d0:c0:
a6:4b:70:ff:57:f0:76:19:76:36:dd:9e:90:bb:72:
95:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BD:1E:E0:B3:1A:7E:AD:22:61:23:3C:6F:B7:55:1B:EF:34:51:FB
X509v3 Authority Key Identifier:
keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:de:6f:cb:61:db:e6:87:cc:49:25:ac:e2:82:44:e1:f3:62:
6e:10:74:f0:5e:2a:bc:7e:b4:7f:30:78:be:be:c7:19:e0:cc:
ee:e1:6b:c1:94:66:30:60:3d:de:e2:80:5f:92:6e:c0:39:79:
31:ff:ed:83:60:49:55:a5:7c:8d:24:68:bc:6a:68:4c:73:35:
30:80:6f:2d:74:a2:5f:39:f4:2b:cc:b7:af:8b:ad:a1:f9:9b:
e4:46:e1:79:62:fc:fc:75:75:28:6e:92:6b:48:2d:b9:d8:4a:
a9:28:7f:a1:77:8f:e1:45:8a:f4:61:20:03:a9:7f:b2:98:2c:
45:18:87:c2:9e:77:0f:84:e3:49:3d:24:66:5c:10:a0:bf:82:
7f:df:bf:79:1a:d8:70:eb:85:b4:73:d4:9c:a7:0f:11:b0:ad:
09:ab:8d:c8:14:b1:a3:bb:7d:38:d6:de:bb:b7:e3:f4:df:be:
07:4f:79:ee:bf:3a:7a:b5:85:14:73:58:6d:45:5f:b6:95:40:
0b:14:18:fc:e4:ae:5a:e8:91:c3:40:11:04:19:9e:77:24:df:
03:3d:ba:73:1c:9f:1f:57:15:4b:47:2f:f9:39:c9:4c:4f:bc:
88:6c:16:5a:a2:86:67:39:c0:90:f0:48:58:ed:e0:75:e0:85:
2c:b0:dd:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04013pwy8BYrLZb8Iq8+cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli
ZDNhOWEwHhcNMjYwMzI5MDkwMTA5WhcNMjYwMzMwMDkwMTA5WjAzMTEwLwYDVQQD
EyhkNWJkMWVlMGIzMWE3ZWFkMjI2MTIzM2M2ZmI3NTUxYmVmMzQ1MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSaD+DG9lrSa+/nsFa6FKtN1CDAs
tmTFmTkcnSwU4LGNlohEPqf5um/alRtdeRSqkgXYXyuu087h40GYaQelzyceA6oC
MUQ4X44Kf4X8V57fNh+73AQh7f628gQB8U3hZapjp/aFiomixKBqLRiR4kvfuwsZ
/t5jCBhq4llCWijZ3YFj0RInLgwW4F/QlMUHrpYmH2VLbb72mD5TqlhzX8yR/y2D
Z5D0TpxNyaFtzojGT9fcIrHipv2YR5RBmM+guDM/3ef1bQJgBSv6/eDGMEmMiSzY
OipMlxJnX+Y4thCQCe08ld+fEnfi1ZRp0MCmS3D/V/B2GXY23Z6Qu3KVUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNW9HuCzGn6tImEjPG+3VRvvNFH7MB8GA1UdIwQY
MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt
MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi
LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKt5vy2Hb
5ofMSSWs4oJE4fNibhB08F4qvH60fzB4vr7HGeDM7uFrwZRmMGA93uKAX5JuwDl5
Mf/tg2BJVaV8jSRovGpoTHM1MIBvLXSiXzn0K8y3r4utofmb5EbheWL8/HV1KG6S
a0gtudhKqSh/oXeP4UWK9GEgA6l/spgsRRiHwp53D4TjST0kZlwQoL+Cf9+/eRrY
cOuFtHPUnKcPEbCtCauNyBSxo7t9ONbeu7fj9N++B0957r86erWFFHNYbUVftpVA
CxQY/OSuWuiRw0ARBBmedyTfAz26cxyfH1cVS0cv+TnJTE+8iGwWWqKGZznAkPBI
WO3gdeCFLLDdDw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:32 2026 by rpki-client