Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
File: O33D0CKCjk9bNr3vehiwuwz7rgk.mft (raw, json)
Hash identifier: AfPDMcv5D6uRtRW54gdF0kbUtPmOFMJUzH7ApMQm/78=
Subject key identifier: 98:EE:C1:E3:9F:98:FE:4F:A6:79:5D:6F:4E:F7:EB:28:1D:D8:2F:A9
Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
Certificate issuer: /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Certificate serial: 019D390A058BCB0BEF95C3D3F438E1704C77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
Manifest number: 10A4
Signing time: Sun 29 Mar 2026 10:00:51 +0000
Manifest this update: Sun 29 Mar 2026 10:00:51 +0000
Manifest next update: Mon 30 Mar 2026 10:00:51 +0000
Files and hashes: 1: CJjsxGugLLvFbEHWxKghiGCE6lc.roa (hash: cOhc+r4MNkPP5359GE1QtRWPIxNlJ+rMixUIriIgwqM=)
2: O33D0CKCjk9bNr3vehiwuwz7rgk.crl (hash: TK8YKS5iEgdG6ZKZkILoIghjxz9Sar0HkW3TiQGP+Ng=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:05:8b:cb:0b:ef:95:c3:d3:f4:38:e1:70:4c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Validity
Not Before: Mar 29 10:00:51 2026 GMT
Not After : Mar 30 10:00:51 2026 GMT
Subject: CN=98eec1e39f98fe4fa6795d6f4ef7eb281dd82fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a4:ba:a8:5a:f7:69:ab:40:40:ab:76:95:d6:
64:3c:8b:4a:43:a2:74:88:d9:92:ec:b1:df:5c:f1:
3f:c0:50:ee:a1:c2:21:2c:69:a6:22:e1:0e:a6:a2:
2b:5f:1b:c1:72:16:c3:14:bf:26:d2:71:da:1b:07:
03:54:03:31:c0:8e:66:e3:27:b0:9f:ac:7f:51:cb:
8a:07:3d:e5:6a:f2:6b:ec:c6:0f:72:9b:52:0e:cc:
8d:b1:71:2f:18:62:b6:5f:f5:6e:e6:4e:e1:fc:06:
84:4f:03:e7:53:d8:44:4d:0d:6c:ce:f3:90:99:83:
51:7d:41:99:11:1d:6d:2f:02:c3:c5:a2:52:b8:4b:
7c:bf:a2:75:59:de:5c:27:71:fa:f4:b0:6a:30:70:
14:9a:c0:6c:90:b3:2c:58:e7:1a:f5:a8:92:38:9a:
1d:ea:14:a0:35:92:a1:4a:9c:f8:91:02:63:ad:fb:
67:f1:b6:14:1c:88:6a:bc:13:5e:67:1c:dc:a2:be:
a7:94:cb:8c:da:57:8c:9c:61:2b:45:3e:34:81:ee:
24:94:49:9c:47:b4:12:72:97:bf:89:e6:91:07:54:
2e:7c:71:2b:0b:87:de:e0:cc:f5:87:42:28:8b:5f:
f0:9d:f2:c5:c6:96:8e:5f:4a:74:28:45:6a:e9:2d:
fc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EE:C1:E3:9F:98:FE:4F:A6:79:5D:6F:4E:F7:EB:28:1D:D8:2F:A9
X509v3 Authority Key Identifier:
keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:08:74:76:6c:01:d3:ac:bc:49:a3:ab:46:3a:01:c4:c4:36:
a6:b7:88:4f:b0:dc:e9:15:df:1c:97:97:b4:0c:d4:db:f6:00:
a2:00:03:69:84:ff:55:1e:75:57:b1:86:c2:12:82:17:0d:b9:
31:c1:b1:60:be:7b:37:0b:be:e0:59:62:6b:da:77:50:4d:61:
d7:ef:6a:89:9f:81:78:6a:75:ad:57:e1:db:73:44:5c:38:d2:
6d:35:67:8a:66:4c:28:5b:45:09:2d:08:ef:e9:9d:4d:40:c6:
4a:0f:b0:b6:b9:c9:e5:6f:ff:81:13:4b:21:25:c5:cf:a6:d7:
57:68:ca:3c:1b:21:fd:62:fa:0c:1b:bf:15:bf:5d:6d:84:04:
9c:b8:9b:66:9f:c6:2d:23:69:c5:46:8f:3a:20:2e:f2:cf:0a:
9b:f3:c5:84:7c:b3:51:5d:45:b0:48:19:c4:64:53:a8:d5:8d:
9d:b0:92:a4:fb:02:0e:e6:f0:30:c6:ec:49:8b:2c:5b:6d:27:
ee:5b:72:56:41:7c:fd:02:2d:9c:ed:72:8a:ef:37:52:9c:53:
f3:3b:dd:a7:79:16:60:07:d9:ae:d6:cc:0d:04:77:5a:40:10:
21:2e:01:3b:c7:69:ff:55:7a:3a:b4:c1:eb:d4:7e:d1:b0:2e:
89:3d:47:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CgWLywvvlcPT9DjhcEx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNm
YmFlMDkwHhcNMjYwMzI5MTAwMDUxWhcNMjYwMzMwMTAwMDUxWjAzMTEwLwYDVQQD
Eyg5OGVlYzFlMzlmOThmZTRmYTY3OTVkNmY0ZWY3ZWIyODFkZDgyZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKS6qFr3aatAQKt2ldZkPItKQ6J0
iNmS7LHfXPE/wFDuocIhLGmmIuEOpqIrXxvBchbDFL8m0nHaGwcDVAMxwI5m4yew
n6x/UcuKBz3lavJr7MYPcptSDsyNsXEvGGK2X/Vu5k7h/AaETwPnU9hETQ1szvOQ
mYNRfUGZER1tLwLDxaJSuEt8v6J1Wd5cJ3H69LBqMHAUmsBskLMsWOca9aiSOJod
6hSgNZKhSpz4kQJjrftn8bYUHIhqvBNeZxzcor6nlMuM2leMnGErRT40ge4klEmc
R7QScpe/ieaRB1QufHErC4fe4Mz1h0Ioi1/wnfLFxpaOX0p0KEVq6S38cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjuweOfmP5Ppnldb0736ygd2C+pMB8GA1UdIwQY
MBaAFDt9w9Aigo5PWza973oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGIt
NzE5NDhlM2M5YWQ0LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0
LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUwh0dmwB
06y8SaOrRjoBxMQ2preIT7Dc6RXfHJeXtAzU2/YAogADaYT/VR51V7GGwhKCFw25
McGxYL57Nwu+4Flia9p3UE1h1+9qiZ+BeGp1rVfh23NEXDjSbTVnimZMKFtFCS0I
7+mdTUDGSg+wtrnJ5W//gRNLISXFz6bXV2jKPBsh/WL6DBu/Fb9dbYQEnLibZp/G
LSNpxUaPOiAu8s8Km/PFhHyzUV1FsEgZxGRTqNWNnbCSpPsCDubwMMbsSYssW20n
7ltyVkF8/QItnO1yiu83UpxT8zvdp3kWYAfZrtbMDQR3WkAQIS4BO8dp/1V6OrTB
69R+0bAuiT1HaA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:18 2026 by rpki-client