Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
File: oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft (raw, json)
Hash identifier: or75iapleDcLoMS+mdfR1BEgNVgOIiEl2qwxUnCPZrs=
Subject key identifier: 38:B8:C2:38:B2:C9:09:02:A7:DA:77:47:EE:62:AD:F7:66:C3:B4:EE
Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77
Certificate serial: 019D382E5DEB7B3DBBC1954065BCB8E686A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
Manifest number: 0FB6
Signing time: Sun 29 Mar 2026 06:00:55 +0000
Manifest this update: Sun 29 Mar 2026 06:00:55 +0000
Manifest next update: Mon 30 Mar 2026 06:00:55 +0000
Files and hashes: 1: J576zMYsvhdS1kduYOyMDY6tWBo.roa (hash: HQssjrgmFTJtkMHgZxRNGivJgKKVgxjUhkrUCmJCcew=)
2: oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl (hash: uHYFWITam+CKHVrEak7NpMMdsUj+927oRiXuqIrYH6w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:5d:eb:7b:3d:bb:c1:95:40:65:bc:b8:e6:86:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77
Validity
Not Before: Mar 29 06:00:55 2026 GMT
Not After : Mar 30 06:00:55 2026 GMT
Subject: CN=38b8c238b2c90902a7da7747ee62adf766c3b4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:59:13:7a:d8:88:3a:95:cd:17:85:28:6d:b2:
41:29:5b:66:b8:c9:72:1f:d3:e3:90:20:fd:70:4d:
3d:d9:e4:b4:16:e2:3d:28:eb:74:dc:bb:c1:42:6e:
a6:fe:6e:a1:4d:67:a2:84:2a:e6:d2:c9:2f:ef:e8:
c1:64:1b:41:d3:7c:14:34:99:3c:b5:89:de:f2:ca:
41:6c:e3:b0:78:71:ff:4d:ca:d0:fa:f7:d9:f3:ed:
82:a4:ae:34:a3:57:c0:97:91:9e:1f:a9:f6:3d:24:
57:82:11:35:2d:2d:31:ce:12:45:91:40:0e:45:d4:
f4:6a:3f:d1:3f:e3:36:80:b4:93:a4:74:1e:e9:da:
d0:8d:0b:8e:83:63:b6:2d:be:b7:05:1a:4b:7a:50:
03:62:08:6d:42:da:54:4a:2d:7a:74:48:45:d9:f9:
3e:11:3b:cf:dd:31:a9:32:fc:67:a9:aa:71:fd:31:
b5:f3:e9:46:8d:52:a8:b1:0f:15:d1:81:87:eb:90:
73:1f:ff:96:51:4b:2c:7f:a2:48:79:e8:19:d2:27:
09:d7:8f:47:ed:f6:82:2b:4d:3a:36:7e:24:c5:04:
de:66:7b:de:b7:22:01:cf:38:c9:99:f9:3a:ba:40:
fc:0b:3b:62:82:1d:0d:e1:e8:1c:40:e6:84:73:a8:
b0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B8:C2:38:B2:C9:09:02:A7:DA:77:47:EE:62:AD:F7:66:C3:B4:EE
X509v3 Authority Key Identifier:
keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:1a:4d:09:1e:da:5a:d5:55:43:bf:5c:20:31:8e:b2:e8:95:
56:fd:02:87:40:ab:77:d3:c6:f9:ac:d0:96:82:cf:1b:8c:70:
a0:7c:85:5e:bf:da:ae:a1:7f:ae:c1:dd:ff:33:eb:3c:3b:ae:
94:d8:7d:88:af:38:a4:15:a0:ae:90:33:4c:a0:df:e4:de:6b:
fc:c1:b7:f1:3e:c9:a9:9c:9f:d9:18:f9:90:0b:b3:da:cd:df:
f1:4e:5a:fc:2e:c2:40:25:38:93:38:d3:28:c7:27:b5:46:56:
14:5e:76:fe:ef:ed:77:24:c7:1f:f3:00:df:6b:40:9b:db:a2:
dd:29:04:5a:e5:a5:21:d4:44:1b:8e:69:c0:e5:1c:41:31:a9:
c4:51:74:5b:05:8a:63:ad:22:e3:bc:86:5e:82:dd:75:2c:27:
7c:1e:23:03:67:71:61:2f:a0:8a:8b:29:95:7e:e4:c4:ac:43:
16:d3:13:52:37:00:0e:3e:e3:b5:86:ba:83:c5:2c:18:5d:4a:
c2:10:85:68:fd:ce:fc:cd:09:4b:ba:1d:b3:12:e6:8c:07:cd:
83:58:77:de:bc:8a:61:1d:de:a0:c1:0b:ce:d1:f7:ea:18:4e:
2c:e7:d9:56:a8:7b:32:af:65:f5:95:fb:55:40:2f:c7:ec:e9:
bb:bc:7c:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ll3rez27wZVAZby45oamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz
MGZkNzcwHhcNMjYwMzI5MDYwMDU1WhcNMjYwMzMwMDYwMDU1WjAzMTEwLwYDVQQD
EygzOGI4YzIzOGIyYzkwOTAyYTdkYTc3NDdlZTYyYWRmNzY2YzNiNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVkTetiIOpXNF4UobbJBKVtmuMly
H9PjkCD9cE092eS0FuI9KOt03LvBQm6m/m6hTWeihCrm0skv7+jBZBtB03wUNJk8
tYne8spBbOOweHH/TcrQ+vfZ8+2CpK40o1fAl5GeH6n2PSRXghE1LS0xzhJFkUAO
RdT0aj/RP+M2gLSTpHQe6drQjQuOg2O2Lb63BRpLelADYghtQtpUSi16dEhF2fk+
ETvP3TGpMvxnqapx/TG18+lGjVKosQ8V0YGH65BzH/+WUUssf6JIeegZ0icJ149H
7faCK006Nn4kxQTeZnvetyIBzzjJmfk6ukD8Cztigh0N4egcQOaEc6iwFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi4wjiyyQkCp9p3R+5irfdmw7TuMB8GA1UdIwQY
MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt
ZjVmODE0NTY1MWQzLzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz
LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYhpNCR7a
WtVVQ79cIDGOsuiVVv0Ch0Crd9PG+azQloLPG4xwoHyFXr/arqF/rsHd/zPrPDuu
lNh9iK84pBWgrpAzTKDf5N5r/MG38T7JqZyf2Rj5kAuz2s3f8U5a/C7CQCU4kzjT
KMcntUZWFF52/u/tdyTHH/MA32tAm9ui3SkEWuWlIdREG45pwOUcQTGpxFF0WwWK
Y60i47yGXoLddSwnfB4jA2dxYS+giosplX7kxKxDFtMTUjcADj7jtYa6g8UsGF1K
whCFaP3O/M0JS7odsxLmjAfNg1h33ryKYR3eoMELztH36hhOLOfZVqh7Mq9l9ZX7
VUAvx+zpu7x8/g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:59:13 2026 by rpki-client