Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.mft (raw, json)
Hash identifier: KINVVAJYoiaOw4mZ3tafpQdxqmHxTp/iuikanduackg=
Subject key identifier: 28:AF:C9:69:22:CA:B5:9B:81:B7:42:09:60:A7:17:88:29:5A:35:64
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 019D39E53E0265CEC6D124F4BC0073128A0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 14:00:17 +0000
Manifest this update: Sun 29 Mar 2026 14:00:17 +0000
Manifest next update: Mon 30 Mar 2026 14:00:17 +0000
Files and hashes: 1: C9Ra18IQZMYPkfBHca82xhr0cTA.roa (hash: SV7yW/23Qp7R5wgSCdgQtEDtBATncL3nb2e5yjh6BqQ=)
2: _OTzlnKb9HjmNlSYIfb2lw2JP1I.crl (hash: 3Jcvl3uAgWjqMclm7XEvpJejWSdDg4DDA6AOa+ghGXs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:3e:02:65:ce:c6:d1:24:f4:bc:00:73:12:8a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Mar 29 14:00:17 2026 GMT
Not After : Mar 30 14:00:17 2026 GMT
Subject: CN=28afc96922cab59b81b7420960a71788295a3564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:3f:3e:94:24:56:54:d1:52:23:5a:dd:bd:
dd:4b:bf:f1:d0:19:43:d2:90:3b:9c:a8:fb:cb:80:
cc:6c:e5:d7:c1:7b:0a:13:d3:18:33:f7:65:61:25:
03:5a:84:62:43:e0:f6:5b:17:7f:a8:e6:50:9e:1f:
19:cf:20:15:3b:84:8a:5d:a6:8e:4d:f0:2d:82:86:
66:1e:79:20:59:03:31:7e:44:69:e8:1e:44:ea:2e:
e2:5f:7b:00:1b:04:24:23:a4:63:f7:c1:5f:08:ce:
64:01:ed:d6:f5:2f:d8:96:a4:96:8b:62:61:9e:42:
ed:e1:2e:09:a9:7f:22:da:15:3c:ad:97:4b:df:3a:
d8:11:91:ea:31:ed:a6:51:8a:5f:46:04:b6:c7:be:
fa:9e:53:57:12:57:68:bd:d9:c1:ee:3e:8d:90:91:
86:16:f4:54:f9:27:0d:a8:c5:50:f0:59:6b:7a:f1:
ea:49:cd:57:af:c3:0d:13:1c:e7:94:df:70:ea:47:
25:f5:0b:a2:78:4d:41:5d:9e:4f:7e:65:89:84:0d:
e0:51:9f:cd:a6:3d:ad:d8:20:2c:c9:df:23:04:f1:
0c:cd:07:2f:40:63:3e:01:81:ed:55:44:29:ff:1c:
e0:bd:6f:ac:d5:98:9b:29:4b:ea:6d:fb:b8:11:86:
6a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AF:C9:69:22:CA:B5:9B:81:B7:42:09:60:A7:17:88:29:5A:35:64
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:c9:84:30:8f:a3:61:31:f3:80:d6:f5:38:93:5c:cd:ad:dd:
54:d0:bd:55:b6:63:40:48:ad:ef:e9:64:c2:47:07:0c:dc:e9:
c6:d3:3e:12:15:a6:d8:d2:73:b0:e1:06:08:14:d4:a0:65:d6:
55:07:87:fb:3c:cf:3f:ba:74:5d:de:ff:22:3c:bc:02:22:41:
0c:81:4e:e2:26:97:e7:b4:72:6a:a3:e7:17:c3:28:77:2b:00:
a2:c8:8e:a7:0d:91:57:d3:88:5d:fd:72:dd:1d:2e:bd:97:a4:
e2:a5:88:86:f0:6b:1a:dd:3f:cd:a0:e4:29:3f:a5:be:64:38:
fe:12:04:8f:57:c2:71:40:11:d6:85:ec:33:d4:da:60:c5:d1:
c1:f1:a7:03:17:8b:ee:f7:66:b2:23:c9:21:3a:a5:fb:72:4d:
24:a7:d2:09:2a:7b:7d:f3:a5:63:8b:9e:0e:f2:40:55:3f:8d:
95:91:bc:67:55:79:f5:15:67:ed:db:e0:cc:a4:2b:23:f0:a4:
2e:a1:8a:7f:3e:9f:a2:8b:a4:cf:c5:4d:63:de:6a:cf:0d:15:
0e:8e:e7:cb:e1:27:b7:93:16:f1:44:5b:71:d3:f7:5d:c0:5d:
a4:dd:83:0f:35:ad:83:6f:65:2a:1f:6e:b0:14:32:7b:57:b0:
d5:d6:a7:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055T4CZc7G0ST0vABzEooLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjYwMzI5MTQwMDE3WhcNMjYwMzMwMTQwMDE3WjAzMTEwLwYDVQQD
EygyOGFmYzk2OTIyY2FiNTliODFiNzQyMDk2MGE3MTc4ODI5NWEzNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOM/PpQkVlTRUiNa3b3dS7/x0BlD
0pA7nKj7y4DMbOXXwXsKE9MYM/dlYSUDWoRiQ+D2Wxd/qOZQnh8ZzyAVO4SKXaaO
TfAtgoZmHnkgWQMxfkRp6B5E6i7iX3sAGwQkI6Rj98FfCM5kAe3W9S/YlqSWi2Jh
nkLt4S4JqX8i2hU8rZdL3zrYEZHqMe2mUYpfRgS2x776nlNXEldovdnB7j6NkJGG
FvRU+ScNqMVQ8FlrevHqSc1Xr8MNExznlN9w6kcl9QuieE1BXZ5PfmWJhA3gUZ/N
pj2t2CAsyd8jBPEMzQcvQGM+AYHtVUQp/xzgvW+s1ZibKUvqbfu4EYZqwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCivyWkiyrWbgbdCCWCnF4gpWjVkMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJMmEMI+j
YTHzgNb1OJNcza3dVNC9VbZjQEit7+lkwkcHDNzpxtM+EhWm2NJzsOEGCBTUoGXW
VQeH+zzPP7p0Xd7/Ijy8AiJBDIFO4iaX57RyaqPnF8ModysAosiOpw2RV9OIXf1y
3R0uvZek4qWIhvBrGt0/zaDkKT+lvmQ4/hIEj1fCcUAR1oXsM9TaYMXRwfGnAxeL
7vdmsiPJITql+3JNJKfSCSp7ffOlY4ueDvJAVT+NlZG8Z1V59RVn7dvgzKQrI/Ck
LqGKfz6fooukz8VNY95qzw0VDo7ny+Ent5MW8URbcdP3XcBdpN2DDzWtg29lKh9u
sBQye1ew1danKQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:40 2026 by rpki-client