Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
File: oVHP748-2G0RrqutTRngal0HDTA.mft (raw, json)
Hash identifier: Fprg9DwiGp41thm6RdkW2g90ZXp8Yf8IsGmy2awRto8=
Subject key identifier: 90:37:FE:52:09:FB:DD:EE:A7:D3:DA:EA:F7:C5:7A:44:1A:07:FE:51
Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Certificate serial: 019D39778D3C17501AB9F08C068F462D9DB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 12:00:29 +0000
Manifest this update: Sun 29 Mar 2026 12:00:29 +0000
Manifest next update: Mon 30 Mar 2026 12:00:29 +0000
Files and hashes: 1: Q03YqqXk35qJSm0HehmTM-hKNoU.roa (hash: KbpyMNQhXsLpqvy25FWKpi6JbtT5ilUlph7z2bWSx5s=)
2: oVHP748-2G0RrqutTRngal0HDTA.crl (hash: OQ9VAmBfLmPaW3wFqhASYTXaaltK/SAE+lMRjA2gRr4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:8d:3c:17:50:1a:b9:f0:8c:06:8f:46:2d:9d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Validity
Not Before: Mar 29 12:00:29 2026 GMT
Not After : Mar 30 12:00:29 2026 GMT
Subject: CN=9037fe5209fbddeea7d3daeaf7c57a441a07fe51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3e:4a:30:c6:05:ff:17:d4:46:bd:9f:f8:50:
94:01:13:8a:6d:ae:80:37:23:4a:c0:ef:f8:bb:66:
3e:c4:a8:b3:f3:a0:bd:88:95:e6:e8:dd:0e:a0:dc:
c3:fc:cd:d3:db:54:74:99:e2:89:95:3a:3b:9c:79:
e0:e5:fc:f5:d1:79:55:96:30:cc:62:f5:d7:07:b3:
a3:d7:05:d2:01:3f:e7:bc:65:4a:db:4f:21:0c:a9:
0e:7b:f7:86:5f:79:b3:db:4d:8b:cc:db:2b:60:c2:
81:e1:d9:eb:ae:7e:f6:de:cc:b1:17:a0:52:c6:5a:
9f:f7:df:d3:46:bb:60:34:04:ea:3e:cc:c6:35:7e:
06:0a:3d:89:12:2d:ee:60:18:60:4d:f4:83:69:12:
12:08:d1:9c:6d:11:a2:16:eb:38:54:dd:43:e4:f7:
47:72:71:f8:37:be:55:27:15:34:6a:ce:ad:cd:f4:
7a:b6:c2:e6:53:2f:67:f4:e9:ef:d4:26:c8:66:88:
a5:17:ae:8f:ac:ce:f3:83:d2:68:e8:29:30:ec:28:
4a:8d:5f:ab:21:ba:af:4a:21:cf:8f:35:f2:72:31:
a0:07:9f:e4:18:38:b7:88:e4:a8:16:8c:ef:de:7d:
9d:7e:86:ac:77:d8:11:1d:fb:3b:e8:71:7b:c3:88:
2d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:37:FE:52:09:FB:DD:EE:A7:D3:DA:EA:F7:C5:7A:44:1A:07:FE:51
X509v3 Authority Key Identifier:
keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:db:40:f5:e3:34:53:ec:d8:0a:34:9a:91:d5:b4:26:23:f1:
c7:bd:90:bb:0d:7a:09:ae:dc:5c:86:a9:32:50:18:e4:10:d5:
4a:7b:1c:e1:a2:11:82:c3:21:00:0e:a0:59:c1:11:eb:87:5a:
c0:23:ed:cd:4c:09:9d:ff:a0:4a:2a:d2:cb:5d:56:e5:24:50:
0c:59:d8:7f:dd:f3:4b:97:c0:b9:ff:d3:99:1e:03:b0:cb:ea:
e0:d3:27:67:c3:93:98:7d:e0:03:db:7c:e8:3c:e1:09:64:f5:
e9:dc:99:5c:ed:e0:63:b3:2d:a9:8a:97:ce:11:40:b9:c0:c8:
b3:49:af:f0:47:2a:84:a6:24:b8:26:8f:ee:41:ce:68:dd:fe:
21:db:d3:ef:d9:9d:50:2f:cc:99:82:90:0a:70:7e:65:85:97:
5b:e8:f5:73:7c:f1:da:11:a7:75:ff:e1:4e:b1:d1:10:01:45:
39:91:ab:26:f7:22:f9:b6:84:5b:dd:2a:05:d8:1f:46:bb:5b:
56:bf:fa:45:98:0b:55:bd:48:3d:2a:ba:cf:a7:71:10:ee:cf:
5d:d3:15:b6:48:c2:32:07:70:30:d7:1d:e9:dd:88:6d:02:16:
00:61:92:e9:77:27:0c:39:1f:e9:71:58:e4:34:8d:7e:ac:a3:
4b:b5:3a:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d408F1AaufCMBo9GLZ2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw
NzBkMzAwHhcNMjYwMzI5MTIwMDI5WhcNMjYwMzMwMTIwMDI5WjAzMTEwLwYDVQQD
Eyg5MDM3ZmU1MjA5ZmJkZGVlYTdkM2RhZWFmN2M1N2E0NDFhMDdmZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj5KMMYF/xfURr2f+FCUAROKba6A
NyNKwO/4u2Y+xKiz86C9iJXm6N0OoNzD/M3T21R0meKJlTo7nHng5fz10XlVljDM
YvXXB7Oj1wXSAT/nvGVK208hDKkOe/eGX3mz202LzNsrYMKB4dnrrn723syxF6BS
xlqf99/TRrtgNATqPszGNX4GCj2JEi3uYBhgTfSDaRISCNGcbRGiFus4VN1D5PdH
cnH4N75VJxU0as6tzfR6tsLmUy9n9Onv1CbIZoilF66PrM7zg9Jo6Ckw7ChKjV+r
IbqvSiHPjzXycjGgB5/kGDi3iOSoFozv3n2dfoasd9gRHfs76HF7w4gt1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJA3/lIJ+93up9Pa6vfFekQaB/5RMB8GA1UdIwQY
MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt
NDA0NmEzMmQyN2E0LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0
LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdtA9eM0
U+zYCjSakdW0JiPxx72Quw16Ca7cXIapMlAY5BDVSnsc4aIRgsMhAA6gWcER64da
wCPtzUwJnf+gSirSy11W5SRQDFnYf93zS5fAuf/TmR4DsMvq4NMnZ8OTmH3gA9t8
6DzhCWT16dyZXO3gY7MtqYqXzhFAucDIs0mv8EcqhKYkuCaP7kHOaN3+IdvT79md
UC/MmYKQCnB+ZYWXW+j1c3zx2hGndf/hTrHREAFFOZGrJvci+baEW90qBdgfRrtb
Vr/6RZgLVb1IPSq6z6dxEO7PXdMVtkjCMgdwMNcd6d2IbQIWAGGS6XcnDDkf6XFY
5DSNfqyjS7U67g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:27 2026 by rpki-client