Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
File: OXbmqwhMnu7ehuKva95yFSdLlac.mft (raw, json)
Hash identifier: px/88lMvCM6ery7T2c5BSB9ONnmYgu/DqfIoKgbf72w=
Subject key identifier: D8:C1:10:BC:93:47:94:B0:49:F0:23:7C:99:EA:79:28:C7:54:66:DE
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Certificate issuer: /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial: 019D38D3C38DFAD19E5E2132C560E20CECA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 09:01:35 +0000
Manifest this update: Sun 29 Mar 2026 09:01:35 +0000
Manifest next update: Mon 30 Mar 2026 09:01:35 +0000
Files and hashes: 1: 5W8H3hdhAkKM671WDMnpy7cCJuY.roa (hash: NKgi04O8geWs7LDTxcDB8TiJxs4zQ7+9gL3r7rWfDxU=)
2: OXbmqwhMnu7ehuKva95yFSdLlac.crl (hash: 9tDTPaTJ3nFl8+jSDRvX3Bibi8I17xfLZkEGGH/Swlk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:c3:8d:fa:d1:9e:5e:21:32:c5:60:e2:0c:ec:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Validity
Not Before: Mar 29 09:01:35 2026 GMT
Not After : Mar 30 09:01:35 2026 GMT
Subject: CN=d8c110bc934794b049f0237c99ea7928c75466de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:03:c7:2d:60:3b:b3:3c:60:c8:f4:f2:b4:
7a:a8:20:90:44:5c:5c:b8:09:15:a8:1b:99:95:b2:
bd:3d:37:9b:c2:08:2d:33:fb:3f:18:6e:9d:1e:1f:
20:ce:fa:17:83:e0:e2:b0:92:b0:61:ef:4c:29:87:
c7:c7:8b:92:53:0c:4d:84:39:0f:08:d5:af:4d:21:
f8:d1:c8:36:39:8a:f5:66:3d:50:70:ea:bd:cd:41:
bb:2e:2b:6d:9f:b0:00:1d:2b:9c:95:d5:37:f2:65:
2e:cd:44:83:46:df:03:5e:e4:9c:90:70:de:04:2c:
d3:94:84:db:7b:c0:ec:3d:b1:78:4d:15:07:3e:70:
9d:7f:23:29:de:bb:02:86:94:97:2a:02:d8:d8:1a:
7d:d7:70:fb:4c:c3:83:e4:1b:2a:0e:e7:03:1c:f4:
a9:4e:25:e8:41:87:57:e9:b5:30:09:ad:3c:51:1c:
56:fc:77:74:88:cb:78:6c:86:3d:cd:16:99:52:ac:
d4:50:77:25:84:db:ae:ef:8d:90:05:ff:bd:b3:73:
e9:6e:1d:50:5d:26:24:59:11:35:e6:ae:3c:a0:51:
27:73:2f:53:f1:66:70:1b:45:84:2d:98:e4:33:54:
ae:d4:60:63:f4:78:94:f5:49:7d:15:3d:6c:fd:2e:
28:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C1:10:BC:93:47:94:B0:49:F0:23:7C:99:EA:79:28:C7:54:66:DE
X509v3 Authority Key Identifier:
keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:5d:e5:0e:1c:fa:98:f6:2f:c1:ae:55:67:a4:9a:c0:b5:f7:
5f:b8:be:6c:ac:29:09:41:60:58:a0:43:5b:e0:7c:ba:88:23:
27:57:59:02:8c:d4:39:26:9f:58:49:ea:b2:fd:f9:b8:6d:57:
5a:2d:24:ff:94:23:96:ea:5a:db:73:f8:bc:2c:52:30:b1:6b:
3d:1d:d2:c9:ad:44:82:59:5d:b7:05:ed:f7:d0:72:14:51:d1:
ce:cc:8c:f9:ac:cc:98:b2:ca:3a:bb:f7:64:85:9d:aa:63:c0:
59:1b:ea:09:20:4a:06:b3:2d:ef:04:bc:aa:5e:5a:1b:07:2d:
d9:2f:3e:f6:79:4a:41:26:6a:01:87:1c:9b:3f:03:21:fd:fb:
46:10:5d:29:ac:df:0c:97:cb:9c:b7:d5:b9:2c:d6:10:fc:13:
64:74:0a:4e:76:14:57:6e:3d:97:86:3f:f8:dd:25:e6:05:4d:
a3:ef:cc:fb:91:11:67:09:71:09:46:14:99:0d:03:fe:d8:12:
02:39:6f:29:ae:62:53:af:60:2e:eb:19:9e:ff:d6:ee:43:8a:
8a:b8:ca:04:87:18:9b:1f:91:4e:56:cf:8e:d3:64:67:78:c9:
13:87:06:83:e0:ff:5d:86:54:f9:c7:3d:73:d8:e7:09:3b:b4:
02:5c:c3:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0408ON+tGeXiEyxWDiDOygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzZlNmFiMDg0YzllZWVkZTg2ZTJhZjZiZGU3MjE1Mjc0
Yjk1YTcwHhcNMjYwMzI5MDkwMTM1WhcNMjYwMzMwMDkwMTM1WjAzMTEwLwYDVQQD
EyhkOGMxMTBiYzkzNDc5NGIwNDlmMDIzN2M5OWVhNzkyOGM3NTQ2NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLADxy1gO7M8YMj08rR6qCCQRFxc
uAkVqBuZlbK9PTebwggtM/s/GG6dHh8gzvoXg+DisJKwYe9MKYfHx4uSUwxNhDkP
CNWvTSH40cg2OYr1Zj1QcOq9zUG7Littn7AAHSucldU38mUuzUSDRt8DXuSckHDe
BCzTlITbe8DsPbF4TRUHPnCdfyMp3rsChpSXKgLY2Bp913D7TMOD5BsqDucDHPSp
TiXoQYdX6bUwCa08URxW/Hd0iMt4bIY9zRaZUqzUUHclhNuu742QBf+9s3Ppbh1Q
XSYkWRE15q48oFEncy9T8WZwG0WELZjkM1Su1GBj9HiU9Ul9FT1s/S4o7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjBELyTR5SwSfAjfJnqeSjHVGbeMB8GA1UdIwQY
MBaAFDl25qsITJ7u3obir2vechUnS5WnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMt
ZDY2Njc0Y2ZhNDI0LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMtZDY2Njc0Y2ZhNDI0
LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhV3lDhz6
mPYvwa5VZ6SawLX3X7i+bKwpCUFgWKBDW+B8uogjJ1dZAozUOSafWEnqsv35uG1X
Wi0k/5Qjlupa23P4vCxSMLFrPR3Sya1EglldtwXt99ByFFHRzsyM+azMmLLKOrv3
ZIWdqmPAWRvqCSBKBrMt7wS8ql5aGwct2S8+9nlKQSZqAYccmz8DIf37RhBdKazf
DJfLnLfVuSzWEPwTZHQKTnYUV249l4Y/+N0l5gVNo+/M+5ERZwlxCUYUmQ0D/tgS
AjlvKa5iU69gLusZnv/W7kOKirjKBIcYmx+RTlbPjtNkZ3jJE4cGg+D/XYZU+cc9
c9jnCTu0AlzDyg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:12 2026 by rpki-client