Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
File: OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft (raw, json)
Hash identifier: xLUoE1mz87mZfegge06qCIullkw9b1cLHEYsF0spVdY=
Subject key identifier: 83:E7:CD:B5:D3:F2:10:55:B0:1A:D6:79:35:12:EB:61:5C:E6:DC:FA
Authority key identifier: 39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
Certificate issuer: /CN=39d43c26468819c07b1925115fe4921f84203d16
Certificate serial: 019D3789193536B684A03489C2D2745506BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 03:00:24 +0000
Manifest this update: Sun 29 Mar 2026 03:00:24 +0000
Manifest next update: Mon 30 Mar 2026 03:00:24 +0000
Files and hashes: 1: 6EaN192CjrCwlHATB-QjEseTMPI.roa (hash: gRsvMkimlDX2AdHsbVLZmaIf2SyXZuU/L2zLOOUZzvk=)
2: IHAfMYxIFJ2pmcHYjuMlA7NoPQg.asa (hash: w9lR4ON+b59p837ru2OLVhKsOC/JMVjvCSI6iRqeFUs=)
3: OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl (hash: V92QG+mUxTAyz7ScSCzgv0wA7L0pgLabMngdqN/RewQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:19:35:36:b6:84:a0:34:89:c2:d2:74:55:06:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39d43c26468819c07b1925115fe4921f84203d16
Validity
Not Before: Mar 29 03:00:24 2026 GMT
Not After : Mar 30 03:00:24 2026 GMT
Subject: CN=83e7cdb5d3f21055b01ad6793512eb615ce6dcfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c4:05:05:f7:92:5a:52:f5:12:ad:8d:b2:34:
90:b7:48:1d:44:ac:fa:c2:cc:bb:88:75:f4:77:1f:
be:05:e3:f7:57:38:11:94:f3:7c:33:e6:69:fa:b0:
a4:8d:02:0d:6b:fe:7f:57:bf:b7:9f:6d:0e:d3:89:
7e:85:65:37:1d:3c:02:c9:0b:f4:4d:96:82:f7:78:
5e:5f:33:11:6c:53:0c:06:d2:0f:26:b5:9c:d6:a5:
60:21:24:72:db:5b:f7:28:b6:7d:d1:0c:f3:21:ad:
17:fd:a6:eb:57:5b:7e:f2:6d:de:6f:45:0c:47:d6:
5a:88:ee:b6:4c:52:d2:5c:6b:bf:de:84:66:2b:d7:
19:7e:e2:32:81:d0:e9:ef:66:7c:c5:dd:d7:e5:64:
1b:63:11:ed:cf:82:65:12:79:a4:cd:7c:ab:9a:32:
46:8a:71:ff:f3:66:06:60:93:40:35:9c:6d:7f:47:
83:96:d6:75:3e:b8:33:ba:55:1a:45:5a:42:ef:5c:
e3:fb:f4:91:db:78:34:5b:94:0a:08:00:be:b2:c5:
85:61:ae:26:4f:62:56:c4:3e:b6:47:ee:37:e5:98:
45:ad:41:2c:28:f2:65:57:f1:cb:2f:ab:da:41:fc:
08:d5:fd:4f:92:5c:80:23:cd:35:b9:3f:7b:ae:02:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E7:CD:B5:D3:F2:10:55:B0:1A:D6:79:35:12:EB:61:5C:E6:DC:FA
X509v3 Authority Key Identifier:
keyid:39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:f5:b9:42:c0:08:3f:96:48:ab:21:e6:1f:f7:06:6e:8f:a5:
11:73:ba:90:d2:9c:23:49:60:b0:69:a6:71:44:ca:f8:3d:bd:
79:1f:9a:aa:79:86:04:dc:15:46:14:34:3d:b3:35:01:3b:df:
7c:12:54:a5:3b:46:31:86:88:24:97:54:38:9a:73:8e:0d:64:
a8:99:da:62:83:bb:11:ad:23:a9:5c:60:21:e4:5b:51:bd:d1:
e0:e6:e5:49:28:28:4c:57:9c:32:e7:b5:89:ef:c5:f9:57:f6:
cb:f2:de:4a:16:12:fa:93:f1:a1:9c:02:73:bb:65:3e:b9:b7:
39:79:00:c8:6e:3a:a6:5f:53:66:a5:72:c9:64:d7:64:da:2c:
6a:71:3c:cb:02:4c:9b:f8:b6:1e:8d:23:a6:db:70:19:9f:c3:
85:3b:e4:3b:61:83:7f:da:b5:f9:97:f2:4a:29:eb:c6:a0:49:
5e:3d:87:6c:f7:27:bd:90:67:8b:74:e8:a3:f8:49:18:69:9d:
cc:93:11:78:20:c9:58:b0:66:c8:d2:ea:51:ee:33:2e:eb:a9:
8f:96:e0:45:3c:ea:fb:11:12:59:84:e5:bd:7d:5c:06:8e:cb:
85:f2:39:40:da:5e:a2:f4:ef:09:aa:84:63:2f:13:8d:b7:d4:
6a:ed:ed:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRk1NraEoDSJwtJ0VQa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZDQzYzI2NDY4ODE5YzA3YjE5MjUxMTVmZTQ5MjFmODQy
MDNkMTYwHhcNMjYwMzI5MDMwMDI0WhcNMjYwMzMwMDMwMDI0WjAzMTEwLwYDVQQD
Eyg4M2U3Y2RiNWQzZjIxMDU1YjAxYWQ2NzkzNTEyZWI2MTVjZTZkY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8QFBfeSWlL1Eq2NsjSQt0gdRKz6
wsy7iHX0dx++BeP3VzgRlPN8M+Zp+rCkjQINa/5/V7+3n20O04l+hWU3HTwCyQv0
TZaC93heXzMRbFMMBtIPJrWc1qVgISRy21v3KLZ90QzzIa0X/abrV1t+8m3eb0UM
R9ZaiO62TFLSXGu/3oRmK9cZfuIygdDp72Z8xd3X5WQbYxHtz4JlEnmkzXyrmjJG
inH/82YGYJNANZxtf0eDltZ1PrgzulUaRVpC71zj+/SR23g0W5QKCAC+ssWFYa4m
T2JWxD62R+435ZhFrUEsKPJlV/HLL6vaQfwI1f1PklyAI801uT97rgLFuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPnzbXT8hBVsBrWeTUS62Fc5tz6MB8GA1UdIwQY
MBaAFDnUPCZGiBnAexklEV/kkh+EID0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQt
YWJmMGVhMDdlZmFmLzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQtYWJmMGVhMDdlZmFm
LzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfW5QsAI
P5ZIqyHmH/cGbo+lEXO6kNKcI0lgsGmmcUTK+D29eR+aqnmGBNwVRhQ0PbM1ATvf
fBJUpTtGMYaIJJdUOJpzjg1kqJnaYoO7Ea0jqVxgIeRbUb3R4OblSSgoTFecMue1
ie/F+Vf2y/LeShYS+pPxoZwCc7tlPrm3OXkAyG46pl9TZqVyyWTXZNosanE8ywJM
m/i2Ho0jpttwGZ/DhTvkO2GDf9q1+ZfySinrxqBJXj2HbPcnvZBni3Too/hJGGmd
zJMReCDJWLBmyNLqUe4zLuupj5bgRTzq+xESWYTlvX1cBo7LhfI5QNpeovTvCaqE
Yy8TjbfUau3t9g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:22 2026 by rpki-client