Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: Bc8rIIIZ+rsMmvOmd1z6XWp9iK1AdHGZ6D3YBsmXw40=
Subject key identifier: A8:F3:0F:25:AE:37:EB:CD:9B:88:21:90:0E:32:A1:18:E3:C8:CF:73
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 019D37C0C271430AA35C752F18B96BAD3655
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 181E
Signing time: Sun 29 Mar 2026 04:01:12 +0000
Manifest this update: Sun 29 Mar 2026 04:01:12 +0000
Manifest next update: Mon 30 Mar 2026 04:01:12 +0000
Files and hashes: 1: 68yVcmurp-TUH6bcEYJFrYBYlHA.roa (hash: GhcpVTrzvKoo7+y/CR4zZ8nvtr04ppIcAONYUpBet9U=)
2: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: dNGZ0ngQxN4NHJnd9x7yhED9Sh4mAAyDq3izVsjwu0s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:c2:71:43:0a:a3:5c:75:2f:18:b9:6b:ad:36:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Mar 29 04:01:12 2026 GMT
Not After : Mar 30 04:01:12 2026 GMT
Subject: CN=a8f30f25ae37ebcd9b8821900e32a118e3c8cf73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:24:65:3c:bf:1b:5f:dd:13:55:c9:5d:2e:23:
0d:77:09:cc:89:7d:a7:75:dc:8e:c8:09:43:08:7d:
05:06:7e:e9:cf:b1:d6:48:00:11:2e:59:06:37:9e:
d7:81:ba:54:6f:17:ca:0b:28:5d:79:08:18:de:bd:
6d:54:9f:44:13:fd:ee:9d:dc:48:ec:f6:2b:98:e0:
e3:f8:16:c3:d5:b8:60:85:04:9a:4a:ba:d3:dc:c9:
23:5f:b2:14:51:61:a3:79:b0:6d:cf:29:6d:e3:2e:
36:42:d3:f7:ec:1e:4e:f5:ca:97:07:bb:3d:f7:ff:
a6:be:75:54:8f:6c:0d:36:c4:b2:f7:e0:38:5b:96:
88:a0:b2:6e:8f:6d:d6:3f:1a:48:29:9e:c4:13:45:
04:bd:3b:e4:e8:2c:d7:4f:ba:09:57:a1:28:bf:82:
d9:c6:e8:e0:02:97:44:34:57:9c:20:8d:71:19:52:
46:f6:81:b2:47:30:e5:56:ed:af:ed:da:34:1f:7f:
59:6c:24:6b:57:78:b7:04:aa:00:e1:3b:97:d9:ee:
de:4d:ec:59:bc:83:a1:5d:4d:07:bc:48:7b:f0:f9:
fd:9b:f8:4d:84:8a:16:da:69:1e:e1:6b:3f:3a:78:
63:61:6a:82:0e:dd:8e:83:a2:de:7f:c6:e8:3e:93:
c7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F3:0F:25:AE:37:EB:CD:9B:88:21:90:0E:32:A1:18:E3:C8:CF:73
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:17:88:1f:44:f1:3b:ac:f1:ff:42:39:26:c6:92:17:6f:9b:
0b:a6:4a:e8:48:66:e0:e0:86:2e:10:c1:8a:7e:39:15:9a:6d:
e2:18:3a:2d:3f:0a:8a:d5:49:d4:c9:84:f6:3c:04:a8:0b:36:
dc:c9:56:8d:50:f6:73:d0:10:95:53:9b:5b:5a:b1:0b:c2:5c:
db:24:57:ed:a0:cc:23:f9:35:02:fc:bf:28:ce:1f:c0:ca:c2:
09:ab:f2:f6:10:2f:c4:a0:d6:1b:ce:df:02:5f:2a:27:27:27:
c6:9e:94:f9:d6:55:2a:f4:87:29:1b:79:3d:c4:a9:25:49:05:
8b:f8:1a:bc:d3:ed:99:6b:cc:4d:82:8e:26:d9:18:6e:cf:f8:
90:41:f9:ee:91:95:07:8b:a7:97:80:a3:b5:99:f4:3a:5f:ec:
3a:83:f8:4a:d1:2e:e3:77:57:bd:a5:4e:08:f2:63:e4:64:27:
2b:6a:5b:f2:1b:a1:b9:8b:07:b8:43:52:cb:e8:ef:ce:8a:31:
c6:06:dc:7a:a8:77:60:87:f2:7c:64:a9:cb:07:11:78:32:71:
58:65:df:85:75:2c:21:56:73:f4:24:ea:48:79:bf:d2:70:c3:
b5:a6:4c:a3:57:af:a7:2a:96:85:2a:f6:49:51:8b:e8:f6:f3:
0e:32:27:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wMJxQwqjXHUvGLlrrTZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjYwMzI5MDQwMTEyWhcNMjYwMzMwMDQwMTEyWjAzMTEwLwYDVQQD
EyhhOGYzMGYyNWFlMzdlYmNkOWI4ODIxOTAwZTMyYTExOGUzYzhjZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CRlPL8bX90TVcldLiMNdwnMiX2n
ddyOyAlDCH0FBn7pz7HWSAARLlkGN57XgbpUbxfKCyhdeQgY3r1tVJ9EE/3undxI
7PYrmODj+BbD1bhghQSaSrrT3MkjX7IUUWGjebBtzylt4y42QtP37B5O9cqXB7s9
9/+mvnVUj2wNNsSy9+A4W5aIoLJuj23WPxpIKZ7EE0UEvTvk6CzXT7oJV6Eov4LZ
xujgApdENFecII1xGVJG9oGyRzDlVu2v7do0H39ZbCRrV3i3BKoA4TuX2e7eTexZ
vIOhXU0HvEh78Pn9m/hNhIoW2mke4Ws/OnhjYWqCDt2Og6Lef8boPpPHDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjzDyWuN+vNm4ghkA4yoRjjyM9zMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOReIH0Tx
O6zx/0I5JsaSF2+bC6ZK6Ehm4OCGLhDBin45FZpt4hg6LT8KitVJ1MmE9jwEqAs2
3MlWjVD2c9AQlVObW1qxC8Jc2yRX7aDMI/k1Avy/KM4fwMrCCavy9hAvxKDWG87f
Al8qJycnxp6U+dZVKvSHKRt5PcSpJUkFi/gavNPtmWvMTYKOJtkYbs/4kEH57pGV
B4unl4CjtZn0Ol/sOoP4StEu43dXvaVOCPJj5GQnK2pb8huhuYsHuENSy+jvzoox
xgbceqh3YIfyfGSpywcReDJxWGXfhXUsIVZz9CTqSHm/0nDDtaZMo1evpyqWhSr2
SVGL6PbzDjIngA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:17 2026 by rpki-client