Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: jyUj6/rNun8LsT1U1ypVUoem9Xzb8+TZ8fI3MGm3p+k=
Subject key identifier: 19:39:A2:C3:20:C4:D8:F0:49:8F:2F:91:5A:C9:3C:56:29:C7:3E:FF
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019E3260F30B795D0A8DEFAF00929ACC5A70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1917
Signing time: Sat 16 May 2026 20:01:14 +0000
Manifest this update: Sat 16 May 2026 20:01:14 +0000
Manifest next update: Sun 17 May 2026 20:01:14 +0000
Files and hashes: 1: LAK8MpI2c0abasjZoSw7_w7kgs4.roa (hash: clU497fVHM51q9eiZ1bT8jJiNXCByxpgSNSxbj5Sv9U=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: RbRvKZ1TkCQSXWoXujMdwEnzjytAOYq2POejCWwfMTk=)
3: jksHLXQsL8kIaSdyy1KKgItGkLM.roa (hash: SvVYKXT2yItHZ/QXEnN9YsWJ7pv9MmMOoAi6wKxSVaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 20:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:32:60:f3:0b:79:5d:0a:8d:ef:af:00:92:9a:cc:5a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: May 16 20:01:14 2026 GMT
Not After : May 17 20:01:14 2026 GMT
Subject: CN=1939a2c320c4d8f0498f2f915ac93c5629c73eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5d:9b:46:f3:0c:91:03:12:38:f9:7f:d6:dd:
0b:b5:a0:07:7a:ef:18:25:7c:6a:9f:93:e1:46:eb:
db:c1:13:19:14:52:8f:95:0d:db:dd:83:c1:f1:52:
0b:e7:43:49:a9:56:9f:88:61:38:7c:bc:9f:c2:d1:
60:53:69:95:1e:61:c9:27:1f:82:3b:a0:4a:9f:24:
78:3c:a5:b6:2c:be:32:97:0e:4f:e9:37:27:65:1b:
86:31:27:24:fb:d8:c3:51:fa:72:2a:b4:d7:1f:b3:
77:43:b6:dc:63:88:9d:3d:94:c5:d8:5d:fa:77:4d:
07:b4:84:95:55:c0:e1:95:4e:d3:2f:e2:84:5c:58:
59:69:42:4b:a3:ce:30:3d:79:5a:dd:5e:d9:b8:80:
5b:e0:89:02:bc:02:39:b8:3f:09:bf:8c:3f:22:ac:
60:23:35:61:48:ff:ce:62:96:27:32:90:6d:8d:8b:
a7:2f:70:a9:49:cd:ec:fa:35:58:79:9f:58:72:96:
34:ce:5f:48:55:67:49:8c:5d:32:ff:82:5f:e3:12:
b4:12:75:9c:5f:45:14:a6:05:58:08:3f:f3:ec:86:
cd:f3:23:c9:5a:b0:4a:ff:32:82:47:6b:4a:d7:7f:
39:bf:bd:94:c4:12:c2:93:ae:94:be:e9:a4:53:07:
59:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:39:A2:C3:20:C4:D8:F0:49:8F:2F:91:5A:C9:3C:56:29:C7:3E:FF
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:77:72:95:b9:31:3d:84:fe:2d:f0:9e:a0:93:a5:78:e4:60:
45:7d:8b:20:e0:d7:93:51:e9:3b:95:57:42:66:6d:27:c7:1d:
10:83:d4:88:76:1e:87:b8:8f:ba:f1:9b:07:8a:71:76:b7:01:
f4:5a:3c:9e:96:27:00:8e:eb:0f:da:77:66:0e:a8:56:79:39:
83:d5:a0:29:f8:06:35:c6:7a:72:b7:bc:8b:45:05:bd:27:32:
db:e0:cf:da:ba:bf:75:b8:2b:41:0d:6a:9d:99:f7:de:44:95:
f3:59:63:a3:53:0f:b4:3b:43:43:cc:88:79:31:e3:69:7e:3a:
40:78:cf:93:33:81:e8:3d:8e:d5:d9:89:1e:c7:e7:ab:7e:2f:
c0:c5:71:ff:0b:e8:94:13:d0:35:86:72:e7:39:e2:a4:b3:4d:
12:15:40:f7:8c:59:6f:7e:ce:2e:7d:70:8b:aa:ec:11:19:3d:
c5:0c:c3:76:bd:68:cb:65:62:8f:ea:24:25:65:8e:77:ea:f4:
3c:96:42:e0:58:3b:3b:52:a0:2d:86:e4:44:7d:b2:60:62:c2:
96:f1:b7:e4:ec:4f:8f:06:5d:2c:b8:5c:7f:19:4a:d2:5a:c3:
2c:12:a7:d8:ce:7b:14:32:93:60:6d:00:7c:9c:1b:3b:72:45:
64:33:ee:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4yYPMLeV0Kje+vAJKazFpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjYwNTE2MjAwMTE0WhcNMjYwNTE3MjAwMTE0WjAzMTEwLwYDVQQD
EygxOTM5YTJjMzIwYzRkOGYwNDk4ZjJmOTE1YWM5M2M1NjI5YzczZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl2bRvMMkQMSOPl/1t0LtaAHeu8Y
JXxqn5PhRuvbwRMZFFKPlQ3b3YPB8VIL50NJqVafiGE4fLyfwtFgU2mVHmHJJx+C
O6BKnyR4PKW2LL4ylw5P6TcnZRuGMSck+9jDUfpyKrTXH7N3Q7bcY4idPZTF2F36
d00HtISVVcDhlU7TL+KEXFhZaUJLo84wPXla3V7ZuIBb4IkCvAI5uD8Jv4w/Iqxg
IzVhSP/OYpYnMpBtjYunL3CpSc3s+jVYeZ9YcpY0zl9IVWdJjF0y/4Jf4xK0EnWc
X0UUpgVYCD/z7IbN8yPJWrBK/zKCR2tK1385v72UxBLCk66UvumkUwdZfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk5osMgxNjwSY8vkVrJPFYpxz7/MB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXdylbkx
PYT+LfCeoJOleORgRX2LIODXk1HpO5VXQmZtJ8cdEIPUiHYeh7iPuvGbB4pxdrcB
9Fo8npYnAI7rD9p3Zg6oVnk5g9WgKfgGNcZ6cre8i0UFvScy2+DP2rq/dbgrQQ1q
nZn33kSV81ljo1MPtDtDQ8yIeTHjaX46QHjPkzOB6D2O1dmJHsfnq34vwMVx/wvo
lBPQNYZy5znipLNNEhVA94xZb37OLn1wi6rsERk9xQzDdr1oy2Vij+okJWWOd+r0
PJZC4Fg7O1KgLYbkRH2yYGLClvG35OxPjwZdLLhcfxlK0lrDLBKn2M57FDKTYG0A
fJwbO3JFZDPuyw==
-----END CERTIFICATE-----
Generated at Sun May 17 04:16:30 2026 by rpki-client