Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
File: OJDnpFSaVx9otoja1PXO2OUpBos.mft (raw, json)
Hash identifier: Aso2viiAIlryza2wS7bbQjxKV6MrnNIDfhO0OvHZRdo=
Subject key identifier: 37:16:40:62:1D:D2:B9:C1:17:15:B6:85:F8:C5:36:21:72:54:10:1B
Authority key identifier: 38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
Certificate issuer: /CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Certificate serial: 019D390A3B92F14DF3989C98F528DB61939C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 10:01:05 +0000
Manifest this update: Sun 29 Mar 2026 10:01:05 +0000
Manifest next update: Mon 30 Mar 2026 10:01:05 +0000
Files and hashes: 1: OJDnpFSaVx9otoja1PXO2OUpBos.crl (hash: FQgDInmT1kgRUQCdRHAFzMIQHzZjtijy7dYtpcFv2UI=)
2: YyuaBUM2DfGwrhhloV5aHuzBCI4.roa (hash: CVz/owS5fTPJx5btZA+MB4GhmLyvwbOLmAgKI8HaW2k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:3b:92:f1:4d:f3:98:9c:98:f5:28:db:61:93:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3890e7a4549a571f68b688dad4f5ced8e529068b
Validity
Not Before: Mar 29 10:01:05 2026 GMT
Not After : Mar 30 10:01:05 2026 GMT
Subject: CN=371640621dd2b9c11715b685f8c536217254101b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:b2:58:5b:6b:1c:b0:34:af:79:45:80:4a:
0c:7a:53:eb:d0:e4:4c:6c:88:90:44:ec:67:71:a8:
fc:05:71:7d:d3:7b:d0:5a:32:b6:85:52:5c:47:90:
e0:77:62:2f:7f:51:36:fc:b4:3e:39:fc:9c:f9:5b:
0d:b4:2a:72:d9:5b:be:3b:9a:73:6a:56:03:d7:af:
77:a6:d0:c7:b6:03:8e:e7:4d:82:a7:ca:37:ba:fa:
4e:09:a7:e8:89:57:26:a4:d1:82:ab:74:2d:60:b9:
26:53:d2:b2:df:6e:47:bd:7d:b0:f0:a2:f2:7c:30:
4f:a5:46:d8:8a:f1:bc:aa:22:e7:fe:18:24:4e:4a:
47:86:76:ae:51:87:fa:bc:f3:46:2b:e9:0d:6b:3e:
71:b7:88:30:f8:74:b9:a2:a6:c9:4a:bc:36:ff:c6:
9b:c9:82:c2:0f:8e:b9:a8:6f:79:fa:77:c0:52:18:
1c:00:3d:9e:48:57:08:30:e0:b7:9b:0a:50:86:fe:
15:82:08:52:ad:90:aa:02:8b:be:b1:70:44:2b:bd:
f0:1e:f9:72:1d:70:f2:5e:c3:f7:33:f6:b5:7d:4a:
2c:8b:0f:f4:84:82:e7:85:f4:87:b0:db:c4:15:e1:
f5:d9:df:9f:0c:0c:ae:0f:b4:5f:f1:ab:ff:f7:47:
bb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:16:40:62:1D:D2:B9:C1:17:15:B6:85:F8:C5:36:21:72:54:10:1B
X509v3 Authority Key Identifier:
keyid:38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:bf:36:1d:05:3d:12:b1:b4:cc:40:a7:9b:e8:a3:9a:99:ee:
ea:3b:ab:d5:08:f7:3c:ec:c5:99:ce:e1:3e:a3:a5:33:79:b6:
16:d5:9f:21:5e:92:17:48:1e:42:81:0d:ff:31:68:13:17:c8:
62:c0:39:2c:ba:d5:62:61:48:a6:53:24:94:82:91:5d:49:0e:
41:c9:20:6f:7c:64:11:b7:36:4c:c6:ff:64:ab:ce:60:22:fb:
6f:36:54:bc:08:c2:35:e7:12:f9:60:a9:56:ca:96:79:fd:52:
b6:5e:0a:10:15:03:87:8b:89:33:70:e7:9c:26:75:01:55:b5:
7e:ce:71:64:c7:3c:59:15:4e:e1:49:45:a2:f0:f3:24:a7:5c:
3c:f2:fb:00:73:e5:a6:17:c3:7c:3f:20:d0:39:58:4a:20:a6:
db:85:c0:5d:99:4c:9b:14:5d:e0:cc:ee:1e:ec:9f:08:09:6d:
85:5e:8f:02:08:d6:38:f1:6e:1f:57:4b:e6:c5:25:71:ae:b4:
3b:27:52:66:88:5b:6e:71:5c:3b:88:c5:02:ca:b0:6d:21:69:
ab:fb:41:14:20:f6:f8:54:2d:30:b3:1c:7c:a0:28:b8:f6:af:
cb:8b:4e:7e:ed:7b:c8:50:72:84:59:f2:9b:05:da:07:52:a7:
8e:ec:5b:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CjuS8U3zmJyY9SjbYZOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTBlN2E0NTQ5YTU3MWY2OGI2ODhkYWQ0ZjVjZWQ4ZTUy
OTA2OGIwHhcNMjYwMzI5MTAwMTA1WhcNMjYwMzMwMTAwMTA1WjAzMTEwLwYDVQQD
EygzNzE2NDA2MjFkZDJiOWMxMTcxNWI2ODVmOGM1MzYyMTcyNTQxMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXayWFtrHLA0r3lFgEoMelPr0ORM
bIiQROxncaj8BXF903vQWjK2hVJcR5Dgd2Ivf1E2/LQ+Ofyc+VsNtCpy2Vu+O5pz
alYD1693ptDHtgOO502Cp8o3uvpOCafoiVcmpNGCq3QtYLkmU9Ky325HvX2w8KLy
fDBPpUbYivG8qiLn/hgkTkpHhnauUYf6vPNGK+kNaz5xt4gw+HS5oqbJSrw2/8ab
yYLCD465qG95+nfAUhgcAD2eSFcIMOC3mwpQhv4VgghSrZCqAou+sXBEK73wHvly
HXDyXsP3M/a1fUosiw/0hILnhfSHsNvEFeH12d+fDAyuD7Rf8av/90e7OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcWQGId0rnBFxW2hfjFNiFyVBAbMB8GA1UdIwQY
MBaAFDiQ56RUmlcfaLaI2tT1ztjlKQaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTIt
OTQ4MTJjN2Y0NDllLzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTItOTQ4MTJjN2Y0NDll
LzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKb82HQU9
ErG0zECnm+ijmpnu6jur1Qj3POzFmc7hPqOlM3m2FtWfIV6SF0geQoEN/zFoExfI
YsA5LLrVYmFIplMklIKRXUkOQckgb3xkEbc2TMb/ZKvOYCL7bzZUvAjCNecS+WCp
VsqWef1Stl4KEBUDh4uJM3DnnCZ1AVW1fs5xZMc8WRVO4UlFovDzJKdcPPL7AHPl
phfDfD8g0DlYSiCm24XAXZlMmxRd4MzuHuyfCAlthV6PAgjWOPFuH1dL5sUlca60
OydSZohbbnFcO4jFAsqwbSFpq/tBFCD2+FQtMLMcfKAouPavy4tOfu17yFByhFny
mwXaB1KnjuxbAQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:23:14 2026 by rpki-client