Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
File: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft (raw, json)
Hash identifier: OqPc5RgrvMrTGzkebZQGkvl00eD91gMnft9b6SNZvPg=
Subject key identifier: 58:34:53:8C:2B:B0:4B:19:B9:73:92:96:CF:BE:25:AB:80:9D:FC:ED
Authority key identifier: A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
Certificate issuer: /CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Certificate serial: 019D390997224DB09ACB9A55D667B5781DEB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
Manifest number: 159D
Signing time: Sun 29 Mar 2026 10:00:22 +0000
Manifest this update: Sun 29 Mar 2026 10:00:22 +0000
Manifest next update: Mon 30 Mar 2026 10:00:22 +0000
Files and hashes: 1: Ne74LLa0nfzZuK4THnD6BGKIM7Q.roa (hash: jISOsp+VyfAbEpR6bMtcVFG4B/gUZHPkFBIPoaBcPQs=)
2: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl (hash: dR0fFgvSuTRkzXsBpCJo1FzH59nV0r+fXa+7is909ng=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 10:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:97:22:4d:b0:9a:cb:9a:55:d6:67:b5:78:1d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Validity
Not Before: Mar 29 10:00:22 2026 GMT
Not After : Mar 30 10:00:22 2026 GMT
Subject: CN=5834538c2bb04b19b9739296cfbe25ab809dfced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d3:40:5f:1e:81:2e:a5:bb:60:98:ac:48:bf:
56:06:07:b4:16:6d:48:f9:60:40:df:11:3f:ec:ed:
e2:bb:78:cc:11:b0:08:51:cd:2c:f9:0a:f7:f5:4a:
c8:d5:3a:32:95:24:b1:ae:83:b2:e3:2d:5e:8d:b3:
36:84:85:55:38:06:47:e0:1b:d5:6f:cf:b2:3b:97:
7f:00:26:76:ac:a8:23:8c:7a:bb:01:1b:b9:75:6b:
ce:11:d9:55:63:40:8e:ab:91:47:fb:d2:3f:2d:79:
c2:f9:62:5b:f6:63:ba:a4:24:27:c3:a3:39:83:ee:
3b:2f:ca:81:f8:80:38:22:69:ab:40:8d:43:4f:56:
cb:31:23:31:62:55:9c:62:46:77:33:05:7a:24:bc:
ec:66:88:02:fe:ef:17:dc:a7:4c:3e:e0:a8:75:f0:
c0:48:85:9b:f1:50:7a:26:7c:7a:ab:a9:ef:0d:46:
2a:3a:d4:f5:d8:9e:14:bc:58:6a:0c:b9:53:68:38:
8f:ad:5f:68:81:4e:cb:71:fa:d7:14:3d:e7:70:8b:
b2:b3:ae:b3:74:d5:9c:42:d7:e6:62:47:55:00:d7:
95:b9:3c:e6:3e:39:db:36:f7:b9:fb:b2:85:bb:7e:
cf:ee:dd:e8:56:3a:c3:ac:b3:58:6d:6f:4c:cc:d7:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:34:53:8C:2B:B0:4B:19:B9:73:92:96:CF:BE:25:AB:80:9D:FC:ED
X509v3 Authority Key Identifier:
keyid:A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:33:8b:00:77:22:8f:87:cc:8f:2a:e4:5c:4d:18:52:31:40:
10:59:f7:7f:ab:4c:32:30:30:ec:b2:92:df:81:29:cb:47:f2:
63:77:b8:ac:43:57:6a:05:bb:1f:c4:fd:c4:f2:4b:3a:d0:3e:
6d:33:82:d5:b5:02:d8:89:1b:47:a8:da:5d:a4:19:9a:71:76:
ff:47:6a:1c:12:74:44:d2:14:2a:07:c4:f1:91:ae:3b:94:9c:
8a:af:40:41:09:c8:37:53:e6:e2:8e:2e:dd:2b:07:08:89:fb:
75:d0:f0:74:2c:60:62:39:7b:05:0b:64:98:6a:c9:3f:6d:27:
94:8a:61:d2:20:35:66:4c:e1:b9:2d:04:05:1c:d1:58:1b:bd:
5e:c3:81:58:6e:9a:85:ab:00:62:83:11:2b:54:b7:ae:3f:19:
0a:4f:d2:80:dc:7f:3a:bc:62:37:99:7c:84:14:b7:6b:e2:f7:
a4:d9:44:85:6d:f4:89:74:c9:e9:c4:e7:3e:29:c1:eb:e2:be:
6f:0a:7a:7e:d4:a2:a9:01:8d:4b:02:5a:11:12:11:f3:17:bc:
28:ed:1c:69:6b:21:d0:5d:32:fb:f4:4b:cd:39:8f:05:d6:c3:
1e:b2:55:c1:65:ae:0d:45:8c:87:91:0b:8f:37:04:8b:bb:d9:
19:af:7c:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZciTbCay5pV1me1eB3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDM5MDdmODExY2I4M2YxNmI4MTY3ODVlMzgwYmMyNGM4
YWMxOTMwHhcNMjYwMzI5MTAwMDIyWhcNMjYwMzMwMTAwMDIyWjAzMTEwLwYDVQQD
Eyg1ODM0NTM4YzJiYjA0YjE5Yjk3MzkyOTZjZmJlMjVhYjgwOWRmY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dNAXx6BLqW7YJisSL9WBge0Fm1I
+WBA3xE/7O3iu3jMEbAIUc0s+Qr39UrI1ToylSSxroOy4y1ejbM2hIVVOAZH4BvV
b8+yO5d/ACZ2rKgjjHq7ARu5dWvOEdlVY0COq5FH+9I/LXnC+WJb9mO6pCQnw6M5
g+47L8qB+IA4ImmrQI1DT1bLMSMxYlWcYkZ3MwV6JLzsZogC/u8X3KdMPuCodfDA
SIWb8VB6Jnx6q6nvDUYqOtT12J4UvFhqDLlTaDiPrV9ogU7LcfrXFD3ncIuys66z
dNWcQtfmYkdVANeVuTzmPjnbNve5+7KFu37P7t3oVjrDrLNYbW9MzNfydQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg0U4wrsEsZuXOSls++JauAnfztMB8GA1UdIwQY
MBaAFKPTkH+BHLg/FrgWeF44C8JMisGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2It
MzMyMDI3MWZiM2FjLzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2ItMzMyMDI3MWZiM2Fj
LzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjjOLAHci
j4fMjyrkXE0YUjFAEFn3f6tMMjAw7LKS34Epy0fyY3e4rENXagW7H8T9xPJLOtA+
bTOC1bUC2IkbR6jaXaQZmnF2/0dqHBJ0RNIUKgfE8ZGuO5Sciq9AQQnIN1Pm4o4u
3SsHCIn7ddDwdCxgYjl7BQtkmGrJP20nlIph0iA1ZkzhuS0EBRzRWBu9XsOBWG6a
hasAYoMRK1S3rj8ZCk/SgNx/OrxiN5l8hBS3a+L3pNlEhW30iXTJ6cTnPinB6+K+
bwp6ftSiqQGNSwJaERIR8xe8KO0caWsh0F0y+/RLzTmPBdbDHrJVwWWuDUWMh5EL
jzcEi7vZGa98lA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:01:49 2026 by rpki-client