Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
File: Ojz5kZosgUbJb1oUsVdFm3lLai4.mft (raw, json)
Hash identifier: G1/xr6fTf4sQnQSjgvrQiP8fejc+nT9qImQqN4DT1UY=
Subject key identifier: 04:0C:CB:B0:34:5A:A4:8E:93:05:55:7C:15:E2:1F:AE:27:A6:2A:FA
Authority key identifier: 3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
Certificate issuer: /CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Certificate serial: 019D389C028AB25F94A892807BC4D33027C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 08:00:41 +0000
Manifest this update: Sun 29 Mar 2026 08:00:41 +0000
Manifest next update: Mon 30 Mar 2026 08:00:41 +0000
Files and hashes: 1: Ojz5kZosgUbJb1oUsVdFm3lLai4.crl (hash: 3WO2sTD+dceqIGgAOL1z+7rBSAt6w1QygJFrFDUjP6Y=)
2: nDu8hN-j-Vp_Vtv9oUPzxmmLDIk.roa (hash: WwxgQJEoxT9RlD+HkKWEjQjejeBr0IIFvMv1CfM5j4U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:02:8a:b2:5f:94:a8:92:80:7b:c4:d3:30:27:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Validity
Not Before: Mar 29 08:00:41 2026 GMT
Not After : Mar 30 08:00:41 2026 GMT
Subject: CN=040ccbb0345aa48e9305557c15e21fae27a62afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ad:ad:d9:e2:e4:88:1b:96:22:dd:8b:fc:e9:
3b:6a:88:97:75:91:6d:ba:f3:47:62:d2:bf:b7:a7:
25:f5:64:2e:b0:70:42:0f:17:a9:cb:4d:89:f9:1b:
6e:13:bc:32:5c:86:04:b9:02:ac:bc:73:57:cd:fe:
94:52:53:68:af:49:3b:ce:ee:a9:1a:4c:4a:f8:25:
4a:ae:e4:9a:34:c5:51:68:f3:cc:80:f6:8a:04:0a:
5a:bb:33:c1:a6:2c:3c:d2:ed:a9:54:75:b6:9c:0c:
39:3c:da:51:87:27:bf:e8:3d:ba:ad:38:b7:72:8a:
54:d1:7f:7c:f3:4c:c1:9b:fb:ff:ab:fe:98:a5:f8:
3e:9b:f8:25:4e:6f:e4:6d:f7:9c:08:13:a1:61:97:
df:ce:70:b5:81:71:1e:e7:64:32:a4:14:72:c4:76:
cc:d4:08:21:db:d9:72:3f:64:bb:71:45:78:bd:71:
97:25:c7:1d:1c:1c:90:a8:fb:65:2a:87:a8:26:92:
98:97:94:d4:32:b3:c7:e0:b6:4f:e5:be:cb:6a:f8:
73:19:00:16:8e:99:ac:25:3c:ca:05:cd:29:f6:37:
b0:c9:d5:60:16:11:a5:55:21:07:f2:0d:3a:8e:ed:
08:da:52:82:52:da:74:9d:50:f2:a4:12:8e:c0:96:
8b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0C:CB:B0:34:5A:A4:8E:93:05:55:7C:15:E2:1F:AE:27:A6:2A:FA
X509v3 Authority Key Identifier:
keyid:3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:c4:1c:3e:dd:f1:2b:bc:8d:97:41:1c:fc:9f:50:b0:80:21:
56:a0:13:af:6c:5c:54:86:08:8a:9d:e4:8f:df:f6:a6:4f:3f:
c4:ce:5c:64:7e:ac:5e:1a:5c:a3:7a:87:5b:d6:b4:b8:d4:68:
c5:3f:9c:d1:2f:3f:54:db:d7:c1:d4:c8:d5:99:12:0e:74:d1:
e2:30:db:81:34:dd:a0:d8:f8:90:01:37:e6:27:e4:ca:82:50:
13:6d:98:16:4c:6e:17:ff:2f:44:43:09:7d:8d:15:bb:cf:e3:
86:35:32:ef:42:0d:75:bb:ca:d8:67:1b:2f:29:3d:77:84:62:
ad:50:f5:55:6f:77:65:d5:73:0e:5e:5e:7a:00:cf:82:99:f9:
b2:b8:33:1e:e2:a8:e9:a3:5f:a5:58:b7:3f:59:5d:ab:03:0b:
40:af:da:a3:9a:e3:e3:b2:a4:0e:04:36:c8:fd:1e:4e:97:28:
a1:9f:c8:e6:41:90:ce:fa:18:a1:c4:bd:ba:00:6a:85:0a:4c:
9d:6e:f5:e1:da:37:fd:1d:8a:97:3a:1c:22:e2:94:c8:81:9b:
1a:f8:fc:17:28:5a:18:f0:42:db:b6:f9:79:00:2f:51:8d:da:
f9:f6:88:a5:d3:27:47:1e:7b:bb:3f:57:85:48:4a:c1:fc:c8:
73:1a:01:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nAKKsl+UqJKAe8TTMCfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhM2NmOTkxOWEyYzgxNDZjOTZmNWExNGIxNTc0NTliNzk0
YjZhMmUwHhcNMjYwMzI5MDgwMDQxWhcNMjYwMzMwMDgwMDQxWjAzMTEwLwYDVQQD
EygwNDBjY2JiMDM0NWFhNDhlOTMwNTU1N2MxNWUyMWZhZTI3YTYyYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K2t2eLkiBuWIt2L/Ok7aoiXdZFt
uvNHYtK/t6cl9WQusHBCDxepy02J+RtuE7wyXIYEuQKsvHNXzf6UUlNor0k7zu6p
GkxK+CVKruSaNMVRaPPMgPaKBApauzPBpiw80u2pVHW2nAw5PNpRhye/6D26rTi3
copU0X9880zBm/v/q/6Ypfg+m/glTm/kbfecCBOhYZffznC1gXEe52QypBRyxHbM
1Agh29lyP2S7cUV4vXGXJccdHByQqPtlKoeoJpKYl5TUMrPH4LZP5b7LavhzGQAW
jpmsJTzKBc0p9jewydVgFhGlVSEH8g06ju0I2lKCUtp0nVDypBKOwJaL8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQMy7A0WqSOkwVVfBXiH64npir6MB8GA1UdIwQY
MBaAFDo8+ZGaLIFGyW9aFLFXRZt5S2ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMt
NzBjYmY1MTQ5YTVhLzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMtNzBjYmY1MTQ5YTVh
LzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcQcPt3x
K7yNl0Ec/J9QsIAhVqATr2xcVIYIip3kj9/2pk8/xM5cZH6sXhpco3qHW9a0uNRo
xT+c0S8/VNvXwdTI1ZkSDnTR4jDbgTTdoNj4kAE35ifkyoJQE22YFkxuF/8vREMJ
fY0Vu8/jhjUy70INdbvK2GcbLyk9d4RirVD1VW93ZdVzDl5eegDPgpn5srgzHuKo
6aNfpVi3P1ldqwMLQK/ao5rj47KkDgQ2yP0eTpcooZ/I5kGQzvoYocS9ugBqhQpM
nW714do3/R2KlzocIuKUyIGbGvj8FyhaGPBC27b5eQAvUY3a+faIpdMnRx57uz9X
hUhKwfzIcxoB4w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:50 2026 by rpki-client