Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.mft
File: Oh7rvRjfqoBV4TVRugJBZV2qo1I.mft (raw, json)
Hash identifier: x568z/UurZbMmb3mrocYtPgx9gWpvUEC32qiPc6Sb4w=
Subject key identifier: 4B:46:6C:4B:7A:FF:ED:0D:9C:E9:39:91:30:52:AA:7F:1B:84:9B:6F
Authority key identifier: 3A:1E:EB:BD:18:DF:AA:80:55:E1:35:51:BA:02:41:65:5D:AA:A3:52
Certificate issuer: /CN=3a1eebbd18dfaa8055e13551ba0241655daaa352
Certificate serial: 019D38D2AB0943C6F5E70F6648AA23B0A1DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oh7rvRjfqoBV4TVRugJBZV2qo1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.mft
Manifest number: 0145
Signing time: Sun 29 Mar 2026 09:00:23 +0000
Manifest this update: Sun 29 Mar 2026 09:00:23 +0000
Manifest next update: Mon 30 Mar 2026 09:00:23 +0000
Files and hashes: 1: 0pB9NxgzSPZHGLSwp4FwUaK9fJM.roa (hash: 6Y/maM1irsBi0a5dABbmBVzfEeCT3zKCr4y+VxDWzpI=)
2: Oh7rvRjfqoBV4TVRugJBZV2qo1I.crl (hash: uLfxtdHRydHNiCe6Faq9rYYeNt8MIwpmeBHR7EQdVZ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Oh7rvRjfqoBV4TVRugJBZV2qo1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ab:09:43:c6:f5:e7:0f:66:48:aa:23:b0:a1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1eebbd18dfaa8055e13551ba0241655daaa352
Validity
Not Before: Mar 29 09:00:23 2026 GMT
Not After : Mar 30 09:00:23 2026 GMT
Subject: CN=4b466c4b7affed0d9ce939913052aa7f1b849b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:30:50:38:ba:df:16:98:c8:c0:f0:b6:63:1a:
81:8b:26:a3:c2:1a:21:34:33:86:d8:5a:13:f6:67:
74:a6:32:a5:ae:f9:80:4a:4e:d1:a3:45:8c:58:d7:
ad:87:82:8d:7d:44:52:69:ad:46:1e:2d:51:41:41:
f4:98:0a:29:e7:54:e6:1e:9f:6b:16:f1:df:58:60:
e9:8b:59:5d:89:2f:18:88:5b:91:da:63:32:5a:3b:
8d:69:93:4a:13:d0:de:a7:83:20:0c:f4:27:99:ad:
48:a9:51:56:58:f2:e9:8b:74:f7:f4:32:85:72:64:
e0:97:11:2b:0d:89:a7:ce:96:f7:18:a1:7f:60:07:
f2:2e:55:a8:ea:8f:ee:e5:9a:8f:70:1f:5f:0c:a2:
21:98:b1:81:83:0b:c5:bc:36:88:97:01:87:9c:cf:
66:4c:e8:e8:3d:97:ba:b8:d0:c5:d3:74:8b:bf:e5:
d3:b4:6c:a9:6c:e3:5c:ea:d2:62:0b:c5:83:5c:4d:
79:36:3e:d8:c0:dc:24:1a:f7:a0:82:b3:49:82:0e:
23:3c:1a:a4:0e:8a:2e:86:2a:b6:1d:6a:11:e8:06:
d0:d7:0e:19:48:77:7b:70:55:ce:9f:a4:52:df:f9:
46:41:6b:7b:bd:21:f1:54:c3:70:23:da:50:9c:ed:
12:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:46:6C:4B:7A:FF:ED:0D:9C:E9:39:91:30:52:AA:7F:1B:84:9B:6F
X509v3 Authority Key Identifier:
keyid:3A:1E:EB:BD:18:DF:AA:80:55:E1:35:51:BA:02:41:65:5D:AA:A3:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oh7rvRjfqoBV4TVRugJBZV2qo1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/999eaf-1cf0-4f48-8791-d1e4a5376510/1/Oh7rvRjfqoBV4TVRugJBZV2qo1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:34:22:7f:7a:8d:a8:17:f7:08:15:d7:db:76:34:a3:e0:d5:
33:03:0a:7d:f2:d4:c5:56:53:3a:6d:a8:84:c8:9d:51:c1:cd:
91:ee:a9:db:99:f7:90:e3:b7:01:84:e3:0e:e1:72:18:a4:0f:
b7:e0:24:58:f2:4b:c3:aa:35:66:63:7c:d6:13:2d:7b:c9:00:
07:73:e6:4a:4b:5d:c7:48:54:2c:36:fd:2a:37:ad:4f:fb:c1:
d7:a7:9e:8d:09:c4:dc:48:bc:92:55:1b:64:db:8b:27:54:10:
95:e9:b3:15:2e:30:0d:ae:46:2e:36:a2:5f:24:2c:90:66:cd:
be:c5:c3:9a:07:c4:16:9f:5e:89:a4:8c:5f:24:e2:67:53:c8:
fb:a4:0b:9a:ea:ed:02:2c:9d:f1:42:8f:ca:69:70:8e:41:cb:
5f:d2:e3:31:b2:70:a3:3b:22:14:5e:e4:a3:da:74:aa:32:b1:
44:ce:47:a9:14:e4:b2:18:df:3e:13:99:3b:e9:ec:56:49:1a:
b1:96:a3:1e:0d:2f:0a:9f:9b:a0:61:a9:d1:0f:6f:1d:b7:6f:
0d:6f:0f:c6:46:2c:e3:a2:4b:4a:f4:ac:1f:b4:91:2d:15:50:
7f:6e:f8:34:5e:0e:30:11:6d:b9:fd:7e:7f:20:74:6e:17:80:
be:f7:08:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040qsJQ8b15w9mSKojsKHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWVlYmJkMThkZmFhODA1NWUxMzU1MWJhMDI0MTY1NWRh
YWEzNTIwHhcNMjYwMzI5MDkwMDIzWhcNMjYwMzMwMDkwMDIzWjAzMTEwLwYDVQQD
Eyg0YjQ2NmM0YjdhZmZlZDBkOWNlOTM5OTEzMDUyYWE3ZjFiODQ5YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDBQOLrfFpjIwPC2YxqBiyajwhoh
NDOG2FoT9md0pjKlrvmASk7Ro0WMWNeth4KNfURSaa1GHi1RQUH0mAop51TmHp9r
FvHfWGDpi1ldiS8YiFuR2mMyWjuNaZNKE9Dep4MgDPQnma1IqVFWWPLpi3T39DKF
cmTglxErDYmnzpb3GKF/YAfyLlWo6o/u5ZqPcB9fDKIhmLGBgwvFvDaIlwGHnM9m
TOjoPZe6uNDF03SLv+XTtGypbONc6tJiC8WDXE15Nj7YwNwkGveggrNJgg4jPBqk
Doouhiq2HWoR6AbQ1w4ZSHd7cFXOn6RS3/lGQWt7vSHxVMNwI9pQnO0S8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtGbEt6/+0NnOk5kTBSqn8bhJtvMB8GA1UdIwQY
MBaAFDoe670Y36qAVeE1UboCQWVdqqNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2g3cnZSamZxb0JWNFRWUnVnSkJaVjJxbzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OTllYWYtMWNmMC00ZjQ4LTg3OTEt
ZDFlNGE1Mzc2NTEwLzEvT2g3cnZSamZxb0JWNFRWUnVnSkJaVjJxbzFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OTllYWYtMWNmMC00ZjQ4LTg3OTEtZDFlNGE1Mzc2NTEw
LzEvT2g3cnZSamZxb0JWNFRWUnVnSkJaVjJxbzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjQif3qN
qBf3CBXX23Y0o+DVMwMKffLUxVZTOm2ohMidUcHNke6p25n3kOO3AYTjDuFyGKQP
t+AkWPJLw6o1ZmN81hMte8kAB3PmSktdx0hULDb9KjetT/vB16eejQnE3Ei8klUb
ZNuLJ1QQlemzFS4wDa5GLjaiXyQskGbNvsXDmgfEFp9eiaSMXyTiZ1PI+6QLmurt
Aiyd8UKPymlwjkHLX9LjMbJwozsiFF7ko9p0qjKxRM5HqRTkshjfPhOZO+nsVkka
sZajHg0vCp+boGGp0Q9vHbdvDW8PxkYs46JLSvSsH7SRLRVQf274NF4OMBFtuf1+
fyB0bheAvvcI/w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:47:15 2026 by rpki-client