Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: tzlaMvI9bediLUHZp9MOleGvjk+Ssn2N2STwcTb/y0M=
Subject key identifier: 6B:36:6B:34:6D:3C:DF:CC:C8:4F:2C:F9:8D:73:85:51:5F:A6:55:AE
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019F12D3AB473F138095E27C997E1B2C4FD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 11D3
Signing time: Mon 29 Jun 2026 10:01:29 +0000
Manifest this update: Mon 29 Jun 2026 10:01:29 +0000
Manifest next update: Tue 30 Jun 2026 10:01:29 +0000
Files and hashes: 1: RvaTJRlt29ftCtqE0WpwZqGpE9g.roa (hash: StTKZA1GU7wGVFQWDEqlmDXT/zh0mjE1gXIOwpYnhZU=)
2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: Xfaq/dRm9zX8HiXyHD+uFq2+4+TY9y14HEMnc9Hm4G4=)
3: oTJ_SiNI-sTWNycV04ya44fLP9Q.roa (hash: oQAMQxzLon76LhylB305yCYYWrb8zMDw4+N6NR6rHCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 10:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:d3:ab:47:3f:13:80:95:e2:7c:99:7e:1b:2c:4f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jun 29 10:01:29 2026 GMT
Not After : Jun 30 10:01:29 2026 GMT
Subject: CN=6b366b346d3cdfccc84f2cf98d7385515fa655ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b0:30:4c:d7:01:48:ea:50:38:59:2b:a3:ae:
30:04:42:e9:d2:68:1f:ad:b8:d0:54:2a:77:99:dd:
89:d8:50:45:07:6f:7a:b0:e2:d0:b6:83:00:bf:c8:
54:92:c5:56:91:1a:d1:2c:db:85:05:0b:4e:84:c1:
8c:a7:84:b8:f6:92:d0:ac:99:c7:88:55:03:e8:ba:
0a:19:2e:e0:9b:ce:27:16:8e:a1:56:cc:be:f7:fd:
96:45:d1:ee:df:93:c5:77:e4:cd:a8:fe:82:26:d2:
93:47:03:82:d6:5e:48:a6:19:45:8d:9c:3b:aa:8f:
f6:6d:d1:38:e4:9e:b0:bc:37:ec:19:75:67:6a:a0:
56:fa:2c:d6:ba:d4:05:3c:16:c1:05:d3:09:45:8a:
67:9a:4d:58:0b:fb:61:a4:7e:e7:64:ea:34:f3:64:
ed:25:8e:e9:df:16:fd:ce:fb:84:69:e9:9a:ea:ad:
ea:0d:97:69:80:75:45:3a:b5:c0:b7:e5:5e:e0:eb:
77:d8:75:36:54:e0:d5:18:93:39:83:d2:b5:a5:05:
32:7a:78:2b:4c:94:57:69:38:0d:1f:a6:62:2b:41:
20:70:a1:a9:22:2c:7d:4a:4c:be:69:51:43:79:b0:
b2:63:ce:dc:ea:58:cc:83:3b:71:2e:a0:1a:16:56:
1f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:36:6B:34:6D:3C:DF:CC:C8:4F:2C:F9:8D:73:85:51:5F:A6:55:AE
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:de:56:e9:a1:d8:6f:ec:28:62:43:70:b7:20:27:aa:d6:2c:
81:42:db:32:62:56:b7:d0:fa:22:29:a4:86:28:10:a3:1a:02:
cd:eb:f2:d5:d9:4b:54:9e:bc:9b:d4:3f:a4:cf:7d:bb:66:f2:
8d:3d:0d:3e:3c:29:07:d7:be:c2:e4:83:9a:b4:c8:9a:a7:ff:
ba:57:c9:fa:03:cf:fb:97:59:55:66:1d:4a:a3:c4:06:b3:1d:
6c:b2:bc:5e:89:dd:89:78:cc:fd:02:68:f0:99:31:c3:ec:ed:
06:96:7f:cd:15:8b:a8:80:27:7c:2f:1c:51:1b:ec:cf:a8:5a:
f5:e2:e4:10:27:99:b1:06:cf:17:14:9a:04:1e:51:6b:4a:2a:
03:6e:90:ae:d6:9f:bf:8a:3c:0b:ed:0c:cd:0a:5f:f4:68:5a:
e7:61:f7:39:97:3b:c6:8a:e8:ea:b8:2a:c8:04:af:7b:0f:44:
6f:fe:46:49:8f:58:98:5c:de:6b:2b:4d:48:34:2a:11:7a:59:
e5:d6:2a:63:18:f4:6a:55:e7:d3:fb:39:9a:f8:91:3f:e9:4c:
1c:fc:a7:2b:05:b0:ef:41:cf:4f:c4:eb:66:37:79:f9:eb:5e:
12:ec:bc:db:f9:17:7e:51:46:0b:97:5c:67:b3:7d:26:ae:76:
83:e9:77:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8S06tHPxOAleJ8mX4bLE/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjYwNjI5MTAwMTI5WhcNMjYwNjMwMTAwMTI5WjAzMTEwLwYDVQQD
Eyg2YjM2NmIzNDZkM2NkZmNjYzg0ZjJjZjk4ZDczODU1MTVmYTY1NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbAwTNcBSOpQOFkro64wBELp0mgf
rbjQVCp3md2J2FBFB296sOLQtoMAv8hUksVWkRrRLNuFBQtOhMGMp4S49pLQrJnH
iFUD6LoKGS7gm84nFo6hVsy+9/2WRdHu35PFd+TNqP6CJtKTRwOC1l5IphlFjZw7
qo/2bdE45J6wvDfsGXVnaqBW+izWutQFPBbBBdMJRYpnmk1YC/thpH7nZOo082Tt
JY7p3xb9zvuEaema6q3qDZdpgHVFOrXAt+Ve4Ot32HU2VODVGJM5g9K1pQUyengr
TJRXaTgNH6ZiK0EgcKGpIix9Sky+aVFDebCyY87c6ljMgztxLqAaFlYfPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGs2azRtPN/MyE8s+Y1zhVFfplWuMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG95W6aHY
b+woYkNwtyAnqtYsgULbMmJWt9D6IimkhigQoxoCzevy1dlLVJ68m9Q/pM99u2by
jT0NPjwpB9e+wuSDmrTImqf/ulfJ+gPP+5dZVWYdSqPEBrMdbLK8XondiXjM/QJo
8Jkxw+ztBpZ/zRWLqIAnfC8cURvsz6ha9eLkECeZsQbPFxSaBB5Ra0oqA26Qrtaf
v4o8C+0MzQpf9Gha52H3OZc7xoro6rgqyASvew9Eb/5GSY9YmFzeaytNSDQqEXpZ
5dYqYxj0alXn0/s5mviRP+lMHPynKwWw70HPT8TrZjd5+eteEuy82/kXflFGC5dc
Z7N9Jq52g+l3hQ==
-----END CERTIFICATE-----
Generated at Mon Jun 29 18:49:06 2026 by rpki-client