Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
File: OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft (raw, json)
Hash identifier: 68d+8ciDKi1bfwjqqwalmjaCZ3gALC3GOTULBq9Nqc8=
Subject key identifier: 29:10:3D:A0:29:4D:B5:3F:29:D7:06:E3:74:97:56:DD:A1:54:F8:65
Authority key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
Certificate issuer: /CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Certificate serial: 019D38D2CE710CECA4C750474CAB140E6F84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
Manifest number: 152C
Signing time: Sun 29 Mar 2026 09:00:32 +0000
Manifest this update: Sun 29 Mar 2026 09:00:32 +0000
Manifest next update: Mon 30 Mar 2026 09:00:32 +0000
Files and hashes: 1: OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl (hash: FiQ6oO/djJUmbGR1+LRD20fXhxoadgh2slWbBxuKxq8=)
2: yx9kD1LZqyaIsOvaZePm4Qmu_lc.roa (hash: mBiEmcBw4gmmOpAdt+VnRKLKQFDXrLV0M/SqI72yrjg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ce:71:0c:ec:a4:c7:50:47:4c:ab:14:0e:6f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d
Validity
Not Before: Mar 29 09:00:32 2026 GMT
Not After : Mar 30 09:00:32 2026 GMT
Subject: CN=29103da0294db53f29d706e3749756dda154f865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a3:32:86:9d:1f:4d:bd:28:52:29:20:7f:cd:
7f:90:78:ba:35:b6:54:fe:bd:1f:08:5f:dd:23:e4:
da:70:09:6e:72:48:9d:e9:ab:25:d4:ab:3a:e8:7c:
5c:48:c9:f6:ea:a9:e1:42:72:dd:f0:01:7d:13:ae:
29:18:e3:2a:fd:7c:a4:2a:4e:23:a8:b6:b3:b8:ee:
5d:55:c0:ea:d5:d7:08:d7:91:4d:d6:b7:e4:7a:4d:
cb:2a:71:6b:87:7f:96:1c:2c:6c:ef:29:c7:a0:b3:
6e:4f:59:5d:0f:09:92:0f:fb:2a:25:59:3a:f9:35:
18:fa:94:f5:92:8b:c5:ff:18:29:13:5d:53:22:8b:
75:ec:e4:8b:b3:77:02:05:a1:d4:71:15:38:d1:7f:
31:48:57:5a:e0:47:3e:6b:b3:0b:e4:fe:08:46:a0:
85:45:12:8a:c2:8f:7d:9b:80:53:62:51:18:fc:b4:
56:b4:1c:a5:f2:49:53:50:b5:1d:c9:f8:1c:ee:fe:
9f:45:8f:d1:62:99:59:99:4b:5b:34:76:30:5d:e9:
72:32:f4:c3:2d:2f:a7:68:2a:46:37:88:70:99:b0:
cf:ec:47:75:8d:b9:03:db:43:2c:c4:8a:70:97:01:
e4:c6:0b:bf:46:ad:ec:da:39:a3:da:69:91:60:f4:
04:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:10:3D:A0:29:4D:B5:3F:29:D7:06:E3:74:97:56:DD:A1:54:F8:65
X509v3 Authority Key Identifier:
keyid:38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:6f:b8:d7:a5:9f:c4:6b:be:8c:db:ce:e7:d1:02:8d:49:c0:
3b:f7:72:e2:6d:9c:4c:b1:14:9a:20:f4:ad:d4:8f:3e:8c:3b:
39:35:e0:d1:dd:03:8d:06:26:06:6c:07:05:60:dc:d9:35:6e:
73:59:c8:13:31:ad:1a:59:d3:4c:af:a3:6d:4f:00:f0:ec:25:
9a:20:04:48:f3:9d:73:b2:3e:51:9d:08:59:73:e2:93:47:0b:
3d:2c:3d:d9:d7:2d:5c:d1:80:02:94:f7:b2:86:e6:fd:b9:09:
62:cb:82:d7:dc:cc:88:a6:2c:59:ec:0c:9e:59:c1:ea:9e:6b:
90:75:b9:3e:1e:94:bf:68:05:38:5b:d5:07:13:0d:18:dd:7d:
b5:21:26:96:c6:83:3e:35:09:d2:9d:1b:68:16:48:74:7c:ae:
16:a7:a4:86:86:54:37:5b:15:02:f4:3a:27:30:c2:1b:ef:f7:
7b:d2:1a:cc:5a:25:e8:42:5a:55:02:58:e7:60:bf:95:66:62:
53:d0:96:1b:94:99:a8:82:08:95:3b:28:85:e2:40:3f:57:cb:
5d:6d:b2:2c:4a:fb:7d:64:22:29:83:7b:45:01:38:69:d0:ef:
44:ce:55:44:ba:18:f4:17:41:cc:5c:2d:2e:66:ba:1b:17:64:
b6:4e:94:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040s5xDOykx1BHTKsUDm+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTNhZjUwMTQ0OTliMmZiNWNkMmMxZTY4YTI0ZmY4MjU2
ZDBkMGQwHhcNMjYwMzI5MDkwMDMyWhcNMjYwMzMwMDkwMDMyWjAzMTEwLwYDVQQD
EygyOTEwM2RhMDI5NGRiNTNmMjlkNzA2ZTM3NDk3NTZkZGExNTRmODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36Myhp0fTb0oUikgf81/kHi6NbZU
/r0fCF/dI+TacAluckid6asl1Ks66HxcSMn26qnhQnLd8AF9E64pGOMq/XykKk4j
qLazuO5dVcDq1dcI15FN1rfkek3LKnFrh3+WHCxs7ynHoLNuT1ldDwmSD/sqJVk6
+TUY+pT1kovF/xgpE11TIot17OSLs3cCBaHUcRU40X8xSFda4Ec+a7ML5P4IRqCF
RRKKwo99m4BTYlEY/LRWtByl8klTULUdyfgc7v6fRY/RYplZmUtbNHYwXelyMvTD
LS+naCpGN4hwmbDP7Ed1jbkD20MsxIpwlwHkxgu/Rq3s2jmj2mmRYPQEswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkQPaApTbU/KdcG43SXVt2hVPhlMB8GA1UdIwQY
MBaAFDhTr1AUSZsvtc0sHmiiT/glbQ0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5Zjgt
ZGNiNTZhY2I3NzdmLzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5ZjgtZGNiNTZhY2I3Nzdm
LzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsG+416Wf
xGu+jNvO59ECjUnAO/dy4m2cTLEUmiD0rdSPPow7OTXg0d0DjQYmBmwHBWDc2TVu
c1nIEzGtGlnTTK+jbU8A8OwlmiAESPOdc7I+UZ0IWXPik0cLPSw92dctXNGAApT3
sobm/bkJYsuC19zMiKYsWewMnlnB6p5rkHW5Ph6Uv2gFOFvVBxMNGN19tSEmlsaD
PjUJ0p0baBZIdHyuFqekhoZUN1sVAvQ6JzDCG+/3e9IazFol6EJaVQJY52C/lWZi
U9CWG5SZqIIIlTsoheJAP1fLXW2yLEr7fWQiKYN7RQE4adDvRM5VRLoY9BdBzFwt
Lma6Gxdktk6UsQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:28 2026 by rpki-client