Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier: Wdu6UUdK+7jBj2AfT/WtOUvraZKLFqPdjtWkwQ0QhAs=
Subject key identifier: 13:B4:D7:2C:65:E1:3E:31:FE:E3:18:DF:B5:0F:A6:53:FB:52:95:0C
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial: 019DB1D859E4C827FD70F3F5EDA2B5743498
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number: 18CC
Signing time: Tue 21 Apr 2026 21:00:39 +0000
Manifest this update: Tue 21 Apr 2026 21:00:39 +0000
Manifest next update: Wed 22 Apr 2026 21:00:39 +0000
Files and hashes: 1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: SdnmNViHxzmL0XNRAWN+I8d1KE5BqJDnL++RV8qOz2c=)
2: UDNnbwScWIceduT3mK8HBVvLzOg.roa (hash: vhtxGUgVNJ9daTmq66lTJXKGFzwiSTw9nac1gcWaxBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:d8:59:e4:c8:27:fd:70:f3:f5:ed:a2:b5:74:34:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
Validity
Not Before: Apr 21 21:00:39 2026 GMT
Not After : Apr 22 21:00:39 2026 GMT
Subject: CN=13b4d72c65e13e31fee318dfb50fa653fb52950c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:ae:4e:5c:5b:3a:91:7e:04:4c:b3:57:85:
11:72:75:91:eb:86:d9:ba:67:f2:e6:8f:18:57:15:
0e:9d:aa:6d:f9:ba:14:22:1d:c4:d4:8c:7a:a6:10:
bb:07:60:7a:a4:6c:35:8c:b2:52:cb:46:59:3e:39:
0f:78:6b:9f:4f:83:b2:8a:e9:78:07:6f:80:47:7d:
c1:fe:21:d9:09:2c:a1:44:9b:ec:e6:0b:a4:89:41:
4e:67:36:4e:3c:5d:55:e6:b8:a5:2e:06:4a:b7:02:
21:ef:c5:d1:3e:65:2e:2c:d2:c8:7b:f6:ad:e2:19:
04:65:49:0e:78:61:45:6e:09:26:57:fc:83:da:e4:
7a:03:bd:e7:69:c9:6b:60:ba:7c:6d:2b:af:ed:44:
82:d0:fa:8b:9e:70:42:97:79:4c:0a:8a:89:6a:8f:
b5:d6:94:92:bb:01:c8:15:48:5c:f8:30:95:f9:05:
fb:a5:d5:f4:b6:73:5f:9b:1a:0d:bb:26:cf:f8:7f:
a6:66:f3:bf:b0:9b:cd:e5:32:30:b5:95:c3:e4:f9:
20:62:fd:f0:03:82:3e:63:b7:c0:9e:b8:5a:b7:82:
0a:9c:5e:8b:03:39:6d:24:34:40:5f:1f:a8:fb:f1:
4c:7c:cb:f6:ee:38:99:eb:57:ec:bb:86:ee:da:94:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B4:D7:2C:65:E1:3E:31:FE:E3:18:DF:B5:0F:A6:53:FB:52:95:0C
X509v3 Authority Key Identifier:
keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:9f:22:dd:dd:20:bf:48:43:5a:09:f1:be:33:ad:85:4a:a7:
00:6c:80:ae:0b:60:10:b5:0c:a6:73:c8:f3:d2:69:e7:da:3e:
08:af:ca:3d:c5:58:34:2e:61:55:a6:89:2e:d8:32:90:5c:db:
89:8c:3f:86:44:fa:13:85:55:02:96:81:3d:87:78:8c:ef:61:
09:81:ef:e7:b3:93:a0:50:5b:89:c4:75:97:dc:34:0e:b7:74:
c1:cf:dd:a4:7b:f9:3b:ad:87:60:1a:13:c4:02:de:ee:db:80:
96:30:36:19:be:ea:5e:5d:b0:fc:52:70:54:11:24:9e:67:c7:
f4:2b:bf:9f:b2:0f:9e:79:40:f5:99:c6:0b:16:ac:77:8a:93:
c6:d7:99:80:5d:df:81:c7:78:43:e0:dc:99:c9:e2:52:4f:16:
f4:fa:09:1e:52:68:6a:db:ec:07:92:cb:4f:91:1f:94:f3:a9:
3d:56:fa:5a:a4:f8:c2:c7:17:a1:6e:cb:6e:c1:fd:ad:e3:c4:
70:48:24:f2:39:1a:6b:36:b3:27:44:3d:b9:42:c2:80:81:d1:
a9:1c:56:ac:17:f3:d9:ef:63:5a:0d:15:66:49:de:73:7a:b9:
52:24:5d:33:d4:1d:78:3a:84:65:93:99:dc:7a:9c:98:00:09:
48:21:51:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2x2FnkyCf9cPP17aK1dDSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjYwNDIxMjEwMDM5WhcNMjYwNDIyMjEwMDM5WjAzMTEwLwYDVQQD
EygxM2I0ZDcyYzY1ZTEzZTMxZmVlMzE4ZGZiNTBmYTY1M2ZiNTI5NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYSuTlxbOpF+BEyzV4URcnWR64bZ
umfy5o8YVxUOnapt+boUIh3E1Ix6phC7B2B6pGw1jLJSy0ZZPjkPeGufT4Oyiul4
B2+AR33B/iHZCSyhRJvs5gukiUFOZzZOPF1V5rilLgZKtwIh78XRPmUuLNLIe/at
4hkEZUkOeGFFbgkmV/yD2uR6A73naclrYLp8bSuv7USC0PqLnnBCl3lMCoqJao+1
1pSSuwHIFUhc+DCV+QX7pdX0tnNfmxoNuybP+H+mZvO/sJvN5TIwtZXD5PkgYv3w
A4I+Y7fAnrhat4IKnF6LAzltJDRAXx+o+/FMfMv27jiZ61fsu4bu2pS6VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBO01yxl4T4x/uMY37UPplP7UpUMMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg58i3d0g
v0hDWgnxvjOthUqnAGyArgtgELUMpnPI89Jp59o+CK/KPcVYNC5hVaaJLtgykFzb
iYw/hkT6E4VVApaBPYd4jO9hCYHv57OToFBbicR1l9w0Drd0wc/dpHv5O62HYBoT
xALe7tuAljA2Gb7qXl2w/FJwVBEknmfH9Cu/n7IPnnlA9ZnGCxasd4qTxteZgF3f
gcd4Q+DcmcniUk8W9PoJHlJoatvsB5LLT5EflPOpPVb6WqT4wscXoW7LbsH9rePE
cEgk8jkaazazJ0Q9uULCgIHRqRxWrBfz2e9jWg0VZknec3q5UiRdM9QdeDqEZZOZ
3HqcmAAJSCFRhA==
-----END CERTIFICATE-----
Generated at Wed Apr 22 00:08:35 2026 by rpki-client