Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json)
Hash identifier: 9UX1g2VxFB5pO4VQRG0DGwqrHFMvqojrpGHF0D8x6tc=
Subject key identifier: 94:19:7F:3B:5E:8E:6C:42:12:7B:A8:36:F9:0E:93:D2:3A:D5:78:8B
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 019D390A15D6EC3DDD9C309B3E985A6233A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
Manifest number: 0B86
Signing time: Sun 29 Mar 2026 10:00:55 +0000
Manifest this update: Sun 29 Mar 2026 10:00:55 +0000
Manifest next update: Mon 30 Mar 2026 10:00:55 +0000
Files and hashes: 1: A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa (hash: GGeYGfyoQGlOlTO2uMYQdKl/MdtFY8veEw/Zc71doVs=)
2: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: E1449pfSC4S0xkExLnaljAdMiMT65+Dm6i8KW+FlsqE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:15:d6:ec:3d:dd:9c:30:9b:3e:98:5a:62:33:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Mar 29 10:00:55 2026 GMT
Not After : Mar 30 10:00:55 2026 GMT
Subject: CN=94197f3b5e8e6c42127ba836f90e93d23ad5788b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cc:93:7e:74:c8:07:36:8c:53:63:a3:34:a0:
41:22:0b:8a:e7:cb:42:4b:a0:a3:ce:7d:17:7d:51:
64:6b:e7:da:d6:80:d5:81:2f:7d:8b:a2:fa:96:36:
15:d3:af:19:9f:67:a7:09:c2:c9:9e:d6:62:6b:fd:
a6:db:56:e5:1f:8c:7b:69:18:ee:60:1d:0f:95:cd:
97:93:66:d4:2c:22:ec:e5:87:11:bb:19:9e:7e:9c:
2d:13:d4:1b:27:58:e2:7d:75:d5:98:e6:e1:e6:1f:
27:fb:8b:8e:93:fa:5e:11:b3:27:7a:b9:37:72:8c:
a6:eb:40:b3:54:49:c8:51:4d:43:2b:60:b6:1a:d3:
f4:41:f5:eb:9b:b5:3a:ac:c0:4c:44:a3:bc:04:63:
44:82:58:09:63:2b:d4:2a:38:95:45:0b:b6:ea:25:
fa:96:88:a7:77:09:9e:56:3b:35:0e:83:d2:f2:ae:
a1:01:7a:ed:cb:2b:4b:7f:d3:1a:3a:86:13:9a:8b:
a9:77:b9:7b:46:17:9c:35:be:14:c1:af:64:2e:2c:
5b:1c:bd:28:57:60:09:6d:ee:ac:64:07:f0:b2:83:
7a:18:fc:06:c5:fa:fa:fb:b6:8b:71:8c:66:c7:03:
ba:be:a7:31:a2:5d:7f:b9:98:50:49:2a:03:ee:11:
d6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:19:7F:3B:5E:8E:6C:42:12:7B:A8:36:F9:0E:93:D2:3A:D5:78:8B
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:bd:55:d5:e5:6a:22:61:5f:87:8f:74:bf:dd:30:60:54:fa:
d5:27:8c:c6:e6:b8:43:7e:a3:16:60:18:66:4f:1a:b5:59:6f:
9c:2a:72:33:f1:c8:bc:41:d5:59:0c:52:da:35:18:ed:9c:03:
f6:f7:46:23:c3:ae:f2:e8:74:30:69:2c:a7:26:86:16:db:5b:
95:d5:7f:6d:e8:02:80:f2:b3:d6:32:68:56:6e:61:8b:ea:ac:
bd:f2:7f:f7:36:e0:57:0e:13:1d:c7:55:df:ba:ac:53:ae:d7:
33:29:18:a9:99:c0:20:cc:2d:11:f4:b4:f3:15:62:87:39:17:
2f:3b:65:c5:31:15:1e:a6:be:70:84:4e:63:b2:19:27:f3:2b:
fb:f0:73:da:a2:8e:98:14:ea:72:89:9e:c0:6b:6d:9f:0b:97:
e7:50:d4:14:6e:72:61:ef:f7:76:4d:d3:58:08:9d:5e:af:4e:
ef:59:7d:8d:ac:72:bc:fd:c6:4d:f1:10:05:a4:f1:bb:9a:e7:
f0:54:6d:29:9f:a2:32:52:6d:dc:24:27:1e:2d:43:d3:14:fa:
25:3d:c9:f6:26:54:e6:8a:24:37:65:ca:88:d4:92:c4:8d:42:
ac:d1:dc:79:ca:34:06:bf:31:f3:ab:9b:7f:97:c4:b7:70:cb:
8e:9a:0c:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChXW7D3dnDCbPphaYjOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjYwMzI5MTAwMDU1WhcNMjYwMzMwMTAwMDU1WjAzMTEwLwYDVQQD
Eyg5NDE5N2YzYjVlOGU2YzQyMTI3YmE4MzZmOTBlOTNkMjNhZDU3ODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncyTfnTIBzaMU2OjNKBBIguK58tC
S6Cjzn0XfVFka+fa1oDVgS99i6L6ljYV068Zn2enCcLJntZia/2m21blH4x7aRju
YB0Plc2Xk2bULCLs5YcRuxmefpwtE9QbJ1jifXXVmObh5h8n+4uOk/peEbMnerk3
coym60CzVEnIUU1DK2C2GtP0QfXrm7U6rMBMRKO8BGNEglgJYyvUKjiVRQu26iX6
loindwmeVjs1DoPS8q6hAXrtyytLf9MaOoYTmoupd7l7RhecNb4Uwa9kLixbHL0o
V2AJbe6sZAfwsoN6GPwGxfr6+7aLcYxmxwO6vqcxol1/uZhQSSoD7hHWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQZfztejmxCEnuoNvkOk9I61XiLMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh71V1eVq
ImFfh490v90wYFT61SeMxua4Q36jFmAYZk8atVlvnCpyM/HIvEHVWQxS2jUY7ZwD
9vdGI8Ou8uh0MGkspyaGFttbldV/begCgPKz1jJoVm5hi+qsvfJ/9zbgVw4THcdV
37qsU67XMykYqZnAIMwtEfS08xVihzkXLztlxTEVHqa+cIROY7IZJ/Mr+/Bz2qKO
mBTqcomewGttnwuX51DUFG5yYe/3dk3TWAidXq9O71l9jaxyvP3GTfEQBaTxu5rn
8FRtKZ+iMlJt3CQnHi1D0xT6JT3J9iZU5ookN2XKiNSSxI1CrNHceco0Br8x86ub
f5fEt3DLjpoMzg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:09 2026 by rpki-client