Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
File: O_zNSgBCLIZfUJO4W7howrswxGk.mft (raw, json)
Hash identifier: Atj7wp9A0269/viDuKJFNZFJVxbfkw1jKAzG7/Xs/2o=
Subject key identifier: 03:4E:A7:F1:91:63:9B:64:39:91:A0:92:50:84:0F:CF:C5:BC:D2:64
Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Certificate serial: 019D3AC107E499BAFD2F6C10939B5C29F3ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 18:00:22 +0000
Manifest this update: Sun 29 Mar 2026 18:00:22 +0000
Manifest next update: Mon 30 Mar 2026 18:00:22 +0000
Files and hashes: 1: LC2WPuI9QLIZ8RbSjNvSRTUaDs4.asa (hash: TvS/cC1UWjyeu6FeGmxZxswAr/BZFOyjaWFqao1VhuI=)
2: O_zNSgBCLIZfUJO4W7howrswxGk.crl (hash: o1/50O2h5R+E/vWdXTctuLQmCoipTei/bYP7zd/iY7w=)
3: _In4h_FwuHoLeAhLdOO_0gDal3g.roa (hash: 5CWj3iN4WCDtTiUEN45Kg99lLjsQ7Kch3A5A4xC3N5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c1:07:e4:99:ba:fd:2f:6c:10:93:9b:5c:29:f3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Validity
Not Before: Mar 29 18:00:22 2026 GMT
Not After : Mar 30 18:00:22 2026 GMT
Subject: CN=034ea7f191639b643991a09250840fcfc5bcd264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:21:81:f3:3e:fd:e9:8c:1d:17:59:c8:18:c9:
f3:19:c2:bf:84:11:83:a4:84:de:1d:76:36:af:c5:
01:a6:ac:b4:b2:18:dc:8f:8d:26:72:ff:06:20:a5:
b1:b2:c5:61:a2:1d:b6:3f:b3:a6:71:fd:e7:fe:1e:
5b:a4:4a:a5:47:e2:2f:77:5c:05:c3:99:63:0a:ec:
83:59:b0:72:73:2b:bf:fb:97:ef:3b:66:4c:07:9e:
12:6d:0b:e7:c6:e7:09:ee:8a:89:72:d6:97:00:20:
c0:2b:d3:47:b5:83:04:36:da:9d:31:73:5a:97:5e:
6c:5e:26:65:48:1e:64:55:46:ec:8d:26:28:1c:c3:
1d:cd:8e:64:c5:c4:ce:b6:14:ad:ca:e5:2a:82:d2:
fa:a4:82:d8:62:11:cf:d6:1e:90:2e:58:be:4c:f0:
39:8b:f1:21:33:b2:b5:bc:6c:f8:4a:bd:69:b5:96:
ca:7d:5a:7a:1d:5b:21:1c:50:24:a0:b4:06:f0:74:
78:03:8d:b3:0f:5c:19:af:fd:6d:f1:72:54:ca:c8:
19:e8:96:e4:93:62:8b:83:d4:f0:98:75:1d:8a:ee:
ec:73:fb:d2:2b:23:cf:a8:8b:74:9e:b7:77:6f:6a:
43:e1:1b:39:d4:41:b2:34:44:84:48:12:de:b7:ca:
40:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4E:A7:F1:91:63:9B:64:39:91:A0:92:50:84:0F:CF:C5:BC:D2:64
X509v3 Authority Key Identifier:
keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:1d:5e:3a:ba:72:cc:1d:55:fc:dc:bc:e8:09:2a:97:b1:bb:
30:28:f7:9e:ca:5f:13:1f:55:68:f1:91:ba:9f:02:a9:e5:ca:
b3:3e:5c:41:61:53:7e:cb:4d:86:ec:e2:db:39:c6:bc:20:45:
b1:a1:61:25:8e:ec:51:ab:26:8c:6e:cf:2e:51:e1:cc:15:96:
13:3a:da:a4:6f:6e:e5:83:a6:2d:d7:d5:1c:c1:f8:eb:ef:25:
13:c6:f2:47:72:82:0c:94:b0:51:1f:6a:08:8d:65:08:13:b6:
53:e9:ea:6c:6a:96:db:07:bc:d7:98:77:9c:23:7c:c3:6d:25:
2e:7a:f5:12:98:6b:29:b9:0c:6f:0b:77:1b:d6:30:9d:b2:91:
d4:ab:ab:3d:b5:60:f5:f8:21:8e:8a:b6:dd:4f:0c:97:97:f7:
fc:d3:af:30:e1:e7:28:e2:0d:fa:82:12:11:6c:37:8b:5a:b1:
90:27:09:87:b1:5d:bc:bf:9d:74:26:26:09:64:aa:f9:5a:fa:
9f:15:ad:02:0a:62:2c:c1:7e:ad:8b:0a:e9:d3:63:c2:32:08:
9d:ba:79:0f:6b:06:3f:11:ac:3a:32:5d:f2:7c:ef:9a:e4:10:
cd:c4:f9:dd:78:d5:57:7d:db:2a:7f:ba:c7:64:d4:17:f5:81:
8d:94:44:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wQfkmbr9L2wQk5tcKfPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmNjZDRhMDA0MjJjODY1ZjUwOTNiODViYjg2OGMyYmIz
MGM0NjkwHhcNMjYwMzI5MTgwMDIyWhcNMjYwMzMwMTgwMDIyWjAzMTEwLwYDVQQD
EygwMzRlYTdmMTkxNjM5YjY0Mzk5MWEwOTI1MDg0MGZjZmM1YmNkMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CGB8z796YwdF1nIGMnzGcK/hBGD
pITeHXY2r8UBpqy0shjcj40mcv8GIKWxssVhoh22P7Omcf3n/h5bpEqlR+Ivd1wF
w5ljCuyDWbBycyu/+5fvO2ZMB54SbQvnxucJ7oqJctaXACDAK9NHtYMENtqdMXNa
l15sXiZlSB5kVUbsjSYoHMMdzY5kxcTOthStyuUqgtL6pILYYhHP1h6QLli+TPA5
i/EhM7K1vGz4Sr1ptZbKfVp6HVshHFAkoLQG8HR4A42zD1wZr/1t8XJUysgZ6Jbk
k2KLg9TwmHUdiu7sc/vSKyPPqIt0nrd3b2pD4Rs51EGyNESESBLet8pATwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANOp/GRY5tkOZGgklCED8/FvNJkMB8GA1UdIwQY
MBaAFDv8zUoAQiyGX1CTuFu4aMK7MMRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgt
NjNhZTBiZmMxNjlmLzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgtNjNhZTBiZmMxNjlm
LzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjh1eOrpy
zB1V/Ny86Akql7G7MCj3nspfEx9VaPGRup8CqeXKsz5cQWFTfstNhuzi2znGvCBF
saFhJY7sUasmjG7PLlHhzBWWEzrapG9u5YOmLdfVHMH46+8lE8byR3KCDJSwUR9q
CI1lCBO2U+nqbGqW2we815h3nCN8w20lLnr1EphrKbkMbwt3G9YwnbKR1KurPbVg
9fghjoq23U8Ml5f3/NOvMOHnKOIN+oISEWw3i1qxkCcJh7FdvL+ddCYmCWSq+Vr6
nxWtAgpiLMF+rYsK6dNjwjIInbp5D2sGPxGsOjJd8nzvmuQQzcT53XjVV33bKn+6
x2TUF/WBjZRE+Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 22:32:58 2026 by rpki-client