Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json)
Hash identifier: kdXyvtJxJmbigb24zXY6XeHMhUCQs6IS1hB3l5lyhWs=
Subject key identifier: A9:C0:2D:8C:4F:0A:F0:2E:46:EA:63:33:79:C3:8D:F8:24:43:A4:42
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 019DD19AB0FAED3D6D1E14ADA3C63C76733D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
Manifest number: 11A3
Signing time: Tue 28 Apr 2026 01:01:09 +0000
Manifest this update: Tue 28 Apr 2026 01:01:09 +0000
Manifest next update: Wed 29 Apr 2026 01:01:09 +0000
Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: 1tn2ZHymTpUfyebvB5jvzrXzyFglP5HcIWLIaGUuH+g=)
2: e4qPjYtVZNjFgNgoQb6aifisJTs.roa (hash: 1M+oNLSG3cS6v1C1UyKbtqc0oXSkYgVWMgvB/761VUE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 01:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:9a:b0:fa:ed:3d:6d:1e:14:ad:a3:c6:3c:76:73:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Apr 28 01:01:09 2026 GMT
Not After : Apr 29 01:01:09 2026 GMT
Subject: CN=a9c02d8c4f0af02e46ea633379c38df82443a442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ef:e5:ae:14:b2:22:b3:73:51:0a:f2:8f:93:
fb:6d:e0:15:c9:0a:d3:26:61:ac:a0:d8:39:51:c8:
4e:1e:8f:e6:99:fd:9c:c5:b6:93:55:ca:8b:a7:d2:
c1:5e:15:04:88:17:c3:26:9c:88:94:d5:ba:b7:c7:
c8:d7:72:85:99:18:91:b7:bb:a1:c8:0c:5e:c4:3c:
e8:32:62:c4:fb:a3:06:17:4b:d6:54:b2:a0:07:a1:
0a:55:03:fb:39:08:80:ba:1e:13:06:09:ad:33:f6:
a5:b8:36:1e:a6:b4:be:99:8e:aa:a0:a0:d6:8b:56:
27:53:cf:49:81:a6:b0:f3:31:ea:06:79:65:3a:a5:
1b:0a:17:8b:86:02:2b:ff:3f:dd:bc:32:fd:7b:47:
01:6c:70:6f:90:b5:5e:bd:5a:ea:a1:61:97:d4:e5:
8d:c4:04:66:54:72:ab:bb:ec:52:fa:23:4a:21:3b:
0b:12:71:f2:05:19:c7:84:56:a5:81:2b:8f:22:16:
68:84:2c:a8:0e:42:dc:da:8e:75:ce:77:dd:5d:3a:
ce:4d:c9:f7:5c:f0:8f:21:3b:b4:94:de:8a:14:73:
4b:ea:48:96:1e:66:b8:78:33:00:f1:56:71:f2:77:
83:9f:22:c3:32:cd:28:a4:02:02:11:60:3a:f6:b0:
87:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C0:2D:8C:4F:0A:F0:2E:46:EA:63:33:79:C3:8D:F8:24:43:A4:42
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:0d:9d:69:ed:a1:31:9f:c1:60:1c:ab:4f:fc:89:c5:36:7d:
a3:2b:e3:9e:16:f8:73:d3:5b:b9:08:9a:c7:68:34:c6:76:52:
f6:7e:d5:c2:02:44:56:84:87:36:f5:eb:ca:1b:90:27:e9:73:
02:d9:48:8d:b5:ea:49:72:93:3e:14:2e:0d:b9:02:53:f8:51:
24:b8:40:03:21:40:49:9c:a6:16:69:20:5d:f4:e0:5a:32:5f:
e6:98:47:a9:6d:af:03:44:7c:32:35:d5:89:cd:14:0d:a4:40:
17:b0:44:92:2e:20:6c:8e:0b:15:dd:d3:c6:00:b9:b0:97:40:
bb:f7:b5:5e:31:27:49:81:bd:62:92:8b:a2:31:23:54:bb:10:
28:52:52:76:cb:fb:49:e5:1d:6b:e0:48:99:9e:0e:59:60:a0:
b7:69:b9:48:b6:03:0c:56:e7:8d:f3:fe:99:51:c4:ab:b0:49:
98:8b:f5:d9:31:e2:7e:d5:1a:c8:db:a7:27:c0:ba:35:d1:3a:
30:0c:09:e9:bd:75:47:ef:3e:80:73:9d:7f:da:3f:ce:1a:f5:
ea:46:e1:b9:40:67:41:3c:6f:97:4a:eb:72:ce:85:ac:55:e0:
96:f8:77:4b:2f:09:6e:37:6f:dd:2e:f1:bf:17:de:6c:5a:d6:
f4:3b:09:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3RmrD67T1tHhSto8Y8dnM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjYwNDI4MDEwMTA5WhcNMjYwNDI5MDEwMTA5WjAzMTEwLwYDVQQD
EyhhOWMwMmQ4YzRmMGFmMDJlNDZlYTYzMzM3OWMzOGRmODI0NDNhNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5e/lrhSyIrNzUQryj5P7beAVyQrT
JmGsoNg5UchOHo/mmf2cxbaTVcqLp9LBXhUEiBfDJpyIlNW6t8fI13KFmRiRt7uh
yAxexDzoMmLE+6MGF0vWVLKgB6EKVQP7OQiAuh4TBgmtM/aluDYeprS+mY6qoKDW
i1YnU89Jgaaw8zHqBnllOqUbCheLhgIr/z/dvDL9e0cBbHBvkLVevVrqoWGX1OWN
xARmVHKru+xS+iNKITsLEnHyBRnHhFalgSuPIhZohCyoDkLc2o51znfdXTrOTcn3
XPCPITu0lN6KFHNL6kiWHma4eDMA8VZx8neDnyLDMs0opAICEWA69rCHxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnALYxPCvAuRupjM3nDjfgkQ6RCMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVw2dae2h
MZ/BYByrT/yJxTZ9oyvjnhb4c9NbuQiax2g0xnZS9n7VwgJEVoSHNvXryhuQJ+lz
AtlIjbXqSXKTPhQuDbkCU/hRJLhAAyFASZymFmkgXfTgWjJf5phHqW2vA0R8MjXV
ic0UDaRAF7BEki4gbI4LFd3TxgC5sJdAu/e1XjEnSYG9YpKLojEjVLsQKFJSdsv7
SeUda+BImZ4OWWCgt2m5SLYDDFbnjfP+mVHEq7BJmIv12THiftUayNunJ8C6NdE6
MAwJ6b11R+8+gHOdf9o/zhr16kbhuUBnQTxvl0rrcs6FrFXglvh3Sy8Jbjdv3S7x
vxfebFrW9DsJ2A==
-----END CERTIFICATE-----
Generated at Tue Apr 28 08:27:06 2026 by rpki-client