Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: AKtd11ywMQEG7nkyibrzFP+H4uR+Om/Td3b6mmaoTc8=
Subject key identifier: A0:CF:D7:AB:F9:2E:E5:4F:0D:49:89:59:C8:B4:4E:B5:3C:98:E6:C7
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019D31F5925589A267433092A3B2591DED76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 10DA
Signing time: Sat 28 Mar 2026 01:01:10 +0000
Manifest this update: Sat 28 Mar 2026 01:01:10 +0000
Manifest next update: Sun 29 Mar 2026 01:01:10 +0000
Files and hashes: 1: RvaTJRlt29ftCtqE0WpwZqGpE9g.roa (hash: StTKZA1GU7wGVFQWDEqlmDXT/zh0mjE1gXIOwpYnhZU=)
2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: c+rUmVXB++48zJVOmIIxzqQxVDmEJTKF5alFar14zkg=)
3: oTJ_SiNI-sTWNycV04ya44fLP9Q.roa (hash: oQAMQxzLon76LhylB305yCYYWrb8zMDw4+N6NR6rHCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:f5:92:55:89:a2:67:43:30:92:a3:b2:59:1d:ed:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Mar 28 01:01:10 2026 GMT
Not After : Mar 29 01:01:10 2026 GMT
Subject: CN=a0cfd7abf92ee54f0d498959c8b44eb53c98e6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4c:22:0e:b3:06:5a:6e:8d:b2:a5:90:a9:df:
cf:50:15:d0:56:a5:be:96:99:93:eb:dd:07:e9:63:
5f:87:52:5c:24:d7:11:f7:c6:fa:f7:4c:83:94:26:
bd:59:2f:6b:27:b6:c9:d6:32:08:30:45:0c:39:e0:
9b:2e:a1:b4:60:9a:98:17:19:f7:de:b7:ea:40:e4:
b9:13:39:4a:4f:38:cb:56:c8:d6:cb:36:6e:af:10:
7a:89:22:17:ff:1e:cf:3a:39:c2:ea:65:1b:e1:39:
59:eb:e3:bf:44:d4:47:8e:5e:b1:06:c6:7d:0d:57:
23:67:16:0b:f6:9f:66:ee:d7:b9:9a:7b:bb:34:f6:
b7:3e:22:68:39:bf:1b:c2:80:14:06:0d:46:63:69:
ea:9d:92:83:15:0b:92:8a:ae:c7:93:94:82:f0:c3:
db:33:e3:3c:65:e2:4b:03:95:9a:55:50:44:1f:a0:
4c:a5:ec:95:67:e6:f0:63:29:5b:78:9f:c2:8d:1e:
44:ba:2c:99:35:0d:09:86:6e:59:d7:f5:0b:37:62:
d9:f0:da:f3:72:89:ed:c7:e4:16:56:b1:8c:0f:9b:
a9:c9:00:0b:e9:df:a3:ff:4b:86:9c:c9:f0:2f:21:
96:3f:2f:e6:f7:ef:94:9c:e2:f6:ae:cb:c7:14:19:
6b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CF:D7:AB:F9:2E:E5:4F:0D:49:89:59:C8:B4:4E:B5:3C:98:E6:C7
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:d8:82:54:fe:b6:95:58:81:40:b9:6f:7c:ef:73:5f:25:f6:
c0:dd:fa:f0:66:1a:46:60:2a:2d:12:12:12:1b:d3:57:88:ce:
74:8c:39:2f:3c:cc:00:3c:9b:1d:b9:54:84:cf:4e:b9:be:c5:
f8:a8:8e:b2:b5:33:9d:d3:da:04:39:08:f0:58:ec:57:a0:c5:
a2:cb:9e:06:ea:9f:30:a8:4c:a9:8f:09:e9:fb:8b:ce:25:3b:
91:41:ba:78:61:b4:3b:30:50:86:10:78:c1:9e:1e:71:13:92:
6a:f9:09:52:bf:d9:36:11:2f:4f:2a:69:43:13:0d:f9:cb:12:
69:74:b7:ce:cd:aa:33:d2:14:12:f9:23:76:4c:76:a2:07:2c:
fe:31:bc:75:67:bf:87:9c:81:00:94:11:7a:4a:d2:9f:83:ec:
16:20:d6:c7:b3:84:33:0b:61:25:c8:26:03:69:96:d6:a4:0d:
e0:c4:08:cc:0f:1b:dd:4e:f8:fe:20:45:c5:4c:60:41:e8:40:
74:55:18:a1:38:98:ae:1a:ca:a9:4c:90:54:87:b1:e2:5f:fb:
1a:90:9d:74:9c:54:bf:e4:1d:22:e7:95:c7:bd:1f:bb:39:04:
66:96:f8:fa:c8:6a:92:61:7e:b7:ba:ba:46:29:f1:d6:f8:c4:
8a:b2:ef:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0x9ZJViaJnQzCSo7JZHe12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjYwMzI4MDEwMTEwWhcNMjYwMzI5MDEwMTEwWjAzMTEwLwYDVQQD
EyhhMGNmZDdhYmY5MmVlNTRmMGQ0OTg5NTljOGI0NGViNTNjOThlNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UwiDrMGWm6NsqWQqd/PUBXQVqW+
lpmT690H6WNfh1JcJNcR98b690yDlCa9WS9rJ7bJ1jIIMEUMOeCbLqG0YJqYFxn3
3rfqQOS5EzlKTzjLVsjWyzZurxB6iSIX/x7POjnC6mUb4TlZ6+O/RNRHjl6xBsZ9
DVcjZxYL9p9m7te5mnu7NPa3PiJoOb8bwoAUBg1GY2nqnZKDFQuSiq7Hk5SC8MPb
M+M8ZeJLA5WaVVBEH6BMpeyVZ+bwYylbeJ/CjR5EuiyZNQ0Jhm5Z1/ULN2LZ8Nrz
contx+QWVrGMD5upyQAL6d+j/0uGnMnwLyGWPy/m9++UnOL2rsvHFBlrVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDP16v5LuVPDUmJWci0TrU8mObHMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdiCVP62
lViBQLlvfO9zXyX2wN368GYaRmAqLRISEhvTV4jOdIw5LzzMADybHblUhM9Oub7F
+KiOsrUzndPaBDkI8FjsV6DFosueBuqfMKhMqY8J6fuLziU7kUG6eGG0OzBQhhB4
wZ4ecROSavkJUr/ZNhEvTyppQxMN+csSaXS3zs2qM9IUEvkjdkx2ogcs/jG8dWe/
h5yBAJQRekrSn4PsFiDWx7OEMwthJcgmA2mW1qQN4MQIzA8b3U74/iBFxUxgQehA
dFUYoTiYrhrKqUyQVIex4l/7GpCddJxUv+QdIueVx70fuzkEZpb4+shqkmF+t7q6
Rinx1vjEirLv2A==
-----END CERTIFICATE-----
Generated at Sat Mar 28 04:45:49 2026 by rpki-client