Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json)
Hash identifier: W+oGMNjVp3X3KbCsqXA0UIR/kaZJmhBizX2ZE4gD3e4=
Subject key identifier: 3C:D4:4D:ED:B9:E9:2C:9B:D1:BF:0C:E5:15:24:B0:39:CE:EF:98:94
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 019DCF75175358BBFE830969A34C1AC401BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
Manifest number: 186E
Signing time: Mon 27 Apr 2026 15:00:50 +0000
Manifest this update: Mon 27 Apr 2026 15:00:50 +0000
Manifest next update: Tue 28 Apr 2026 15:00:50 +0000
Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: kfxnZAJX8yvyXTxnafFdqbwg12XbLypMP2XBnKLRfyg=)
2: TFyydJckZZxmvJ2kyZiqerxMndc.roa (hash: 1M8O0DEiBMTzRovUAkdLb42byd8jCd0k32zelG/wKMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:75:17:53:58:bb:fe:83:09:69:a3:4c:1a:c4:01:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Apr 27 15:00:50 2026 GMT
Not After : Apr 28 15:00:50 2026 GMT
Subject: CN=3cd44dedb9e92c9bd1bf0ce51524b039ceef9894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f1:8a:0f:7f:b5:4b:8c:a7:64:3c:83:37:29:
e4:13:1d:2c:50:02:d7:e6:c3:81:73:7a:16:28:14:
de:f1:85:11:95:1c:1f:be:f2:28:db:a0:04:33:63:
75:fd:81:7f:b4:20:0a:cb:cb:df:ab:59:ea:fd:b2:
1f:dd:45:ee:65:72:c2:06:d2:6d:fb:97:47:3f:08:
20:e6:6e:bc:90:57:4d:90:25:ab:94:99:be:3f:ce:
f4:fe:34:21:ad:9f:6a:56:60:72:fa:45:e8:27:f8:
32:85:68:48:93:f2:29:eb:71:03:50:ea:c4:ff:d5:
a5:55:9c:11:3b:2a:de:34:3a:06:a2:35:f2:86:08:
31:25:62:87:4e:9f:22:75:c3:26:66:ae:d2:cc:f2:
0c:fb:17:87:00:42:39:8a:b2:6d:62:77:b2:11:32:
0b:27:1d:46:85:20:a1:f5:94:69:d8:c3:f9:9c:b3:
0b:49:d5:e5:12:07:23:a1:f5:a0:54:07:d2:43:7d:
a8:16:cc:f2:e8:08:06:79:8c:a7:49:96:5d:f3:54:
70:17:fc:31:07:e3:2a:13:4f:be:5d:25:e8:51:30:
8e:8b:cc:7b:70:5e:38:7a:ae:77:35:15:1e:9b:f8:
bc:92:50:11:8e:ba:03:48:15:11:cc:59:ed:e1:c1:
56:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D4:4D:ED:B9:E9:2C:9B:D1:BF:0C:E5:15:24:B0:39:CE:EF:98:94
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:07:ca:da:d6:c8:48:f9:f5:b6:05:f8:22:38:ed:00:ca:6c:
44:b4:61:2a:0c:8f:af:9e:7e:3c:6b:a1:57:66:96:9f:73:64:
0b:ef:1f:5f:24:2a:56:b0:66:04:37:34:69:5b:85:52:4d:46:
2f:e5:9a:53:55:d4:c0:4e:69:e7:a3:f6:dd:07:77:89:cc:60:
2d:c7:be:ab:49:36:86:00:0f:a1:6f:8a:50:63:82:98:59:13:
d2:81:b3:f4:9c:67:aa:60:c9:99:a8:f1:0b:66:99:f9:af:7b:
4f:3a:31:93:e7:7b:8c:39:3c:e4:b7:53:1c:d8:bf:48:99:b6:
84:2e:01:05:ae:8e:95:ad:8d:08:4b:92:1a:6e:28:0e:e2:7d:
67:b8:01:08:38:01:c5:26:da:50:bc:4c:07:53:87:e9:8a:9c:
5f:1b:1b:de:77:ec:5f:68:ae:fa:02:d3:05:a5:1b:22:8a:2a:
38:d0:ba:dc:d9:8a:0f:4f:cc:79:46:17:15:07:f9:5b:0c:74:
d4:9e:65:2a:55:60:26:70:83:49:d7:c8:bc:9f:47:de:01:3d:
0f:6a:dc:6e:ee:da:f0:63:88:eb:31:37:72:2c:dd:13:8a:18:
e1:e5:29:9f:73:5d:db:23:18:81:77:82:f4:a4:e5:85:ab:e3:
6b:ee:28:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PdRdTWLv+gwlpo0waxAG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjYwNDI3MTUwMDUwWhcNMjYwNDI4MTUwMDUwWjAzMTEwLwYDVQQD
EygzY2Q0NGRlZGI5ZTkyYzliZDFiZjBjZTUxNTI0YjAzOWNlZWY5ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvGKD3+1S4ynZDyDNynkEx0sUALX
5sOBc3oWKBTe8YURlRwfvvIo26AEM2N1/YF/tCAKy8vfq1nq/bIf3UXuZXLCBtJt
+5dHPwgg5m68kFdNkCWrlJm+P870/jQhrZ9qVmBy+kXoJ/gyhWhIk/Ip63EDUOrE
/9WlVZwROyreNDoGojXyhggxJWKHTp8idcMmZq7SzPIM+xeHAEI5irJtYneyETIL
Jx1GhSCh9ZRp2MP5nLMLSdXlEgcjofWgVAfSQ32oFszy6AgGeYynSZZd81RwF/wx
B+MqE0++XSXoUTCOi8x7cF44eq53NRUem/i8klARjroDSBURzFnt4cFWgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzUTe256Syb0b8M5RUksDnO75iUMB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAfK2tbI
SPn1tgX4IjjtAMpsRLRhKgyPr55+PGuhV2aWn3NkC+8fXyQqVrBmBDc0aVuFUk1G
L+WaU1XUwE5p56P23Qd3icxgLce+q0k2hgAPoW+KUGOCmFkT0oGz9JxnqmDJmajx
C2aZ+a97Tzoxk+d7jDk85LdTHNi/SJm2hC4BBa6Ola2NCEuSGm4oDuJ9Z7gBCDgB
xSbaULxMB1OH6YqcXxsb3nfsX2iu+gLTBaUbIooqONC63NmKD0/MeUYXFQf5Wwx0
1J5lKlVgJnCDSdfIvJ9H3gE9D2rcbu7a8GOI6zE3cizdE4oY4eUpn3Nd2yMYgXeC
9KTlhavja+4odA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:02:33 2026 by rpki-client