Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.mft
File: oXYKUBSDGdYXKjgg2IipJMCdel8.mft (raw, json)
Hash identifier: u85iplQgRm+pUeufBGqcPIrHVGctgjk57F+Oi/qOc/4=
Subject key identifier: AA:2D:BF:9B:76:31:7C:58:6C:DF:4F:0C:B4:6F:D7:A1:76:21:29:FC
Authority key identifier: A1:76:0A:50:14:83:19:D6:17:2A:38:20:D8:88:A9:24:C0:9D:7A:5F
Certificate issuer: /CN=a1760a50148319d6172a3820d888a924c09d7a5f
Certificate serial: 019D389BDE3CC33A1A22A0333381B5AD3FCC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oXYKUBSDGdYXKjgg2IipJMCdel8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.mft
Manifest number: 0148
Signing time: Sun 29 Mar 2026 08:00:32 +0000
Manifest this update: Sun 29 Mar 2026 08:00:32 +0000
Manifest next update: Mon 30 Mar 2026 08:00:32 +0000
Files and hashes: 1: eW52yqvF1GGAE0TXCYsOxEow5Yw.roa (hash: jVx5InVbyJfQ/V5eXsNQ8OqW7VIt2V6pyzq79PNouiw=)
2: oXYKUBSDGdYXKjgg2IipJMCdel8.crl (hash: GryFKfPLaQrJC9wVybnp6xI2SSBMA+obHMnek37dziY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oXYKUBSDGdYXKjgg2IipJMCdel8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:de:3c:c3:3a:1a:22:a0:33:33:81:b5:ad:3f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1760a50148319d6172a3820d888a924c09d7a5f
Validity
Not Before: Mar 29 08:00:32 2026 GMT
Not After : Mar 30 08:00:32 2026 GMT
Subject: CN=aa2dbf9b76317c586cdf4f0cb46fd7a1762129fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d9:ca:01:10:c1:47:93:04:d4:cf:2f:92:b1:
44:9d:b5:90:b3:bb:77:c9:d7:62:f9:6a:8e:38:5e:
66:a8:bf:df:17:5c:f2:58:e3:3a:02:3b:5a:80:03:
30:c5:db:0f:1c:cc:31:e2:c4:ed:f1:40:17:37:8b:
fe:2c:b5:ee:c3:81:6a:a1:30:89:8c:51:dd:f8:32:
c5:46:69:5b:a8:f7:f6:67:ed:57:a3:b0:bf:49:ad:
7d:53:92:76:87:ec:2b:da:c6:37:1b:5c:ee:9c:67:
7d:50:d6:f5:b3:48:91:f0:a5:cc:0b:59:1b:80:e5:
83:09:f0:86:89:b1:3c:99:a8:d2:d3:38:89:10:40:
fb:e1:3b:5b:0b:8c:51:a4:8d:0d:0e:37:7b:4d:e6:
34:1a:c5:00:fb:5d:fc:70:a7:a2:c1:c0:03:2d:2d:
15:47:03:c7:a4:a2:5a:aa:92:6b:76:35:b3:8f:a9:
f2:9b:d7:b0:e0:0e:97:70:6b:45:01:c1:99:3a:54:
a3:bb:6c:0d:a8:01:c5:10:e6:ff:c1:9b:03:52:c2:
f8:8c:2e:af:4b:f2:22:02:c4:18:60:a0:ad:8b:0f:
a9:e9:05:af:01:96:a5:f5:88:27:83:9e:97:21:8b:
63:25:9c:f7:b1:10:11:a7:f6:1a:9b:b7:36:90:73:
60:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2D:BF:9B:76:31:7C:58:6C:DF:4F:0C:B4:6F:D7:A1:76:21:29:FC
X509v3 Authority Key Identifier:
keyid:A1:76:0A:50:14:83:19:D6:17:2A:38:20:D8:88:A9:24:C0:9D:7A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oXYKUBSDGdYXKjgg2IipJMCdel8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0fbe17-b58c-4ea2-8b32-91f719b5b046/1/oXYKUBSDGdYXKjgg2IipJMCdel8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:4b:b2:c3:2d:38:6f:df:cc:22:09:fc:18:3f:4a:3d:23:5f:
d3:fa:93:3a:ce:64:84:05:00:6d:4c:10:63:4b:07:d9:1e:c8:
53:e3:33:90:28:1f:ba:10:fc:76:e0:b2:73:27:e7:cc:73:2a:
ad:6d:f7:9e:94:97:a4:7e:a9:87:30:75:23:d0:7d:6f:35:c5:
16:d5:ce:2b:a6:6c:20:0b:d1:68:7b:2f:97:9b:f8:4b:08:21:
d5:c1:e2:6c:58:76:d9:3f:e8:7a:8d:7a:69:37:fd:20:b8:14:
ad:05:62:5d:d4:ed:70:0b:cd:1d:b6:a1:12:a8:50:01:a9:35:
b7:0b:df:14:08:13:c2:30:c7:d6:83:6a:8b:83:c0:9f:d8:61:
17:90:4d:9b:0c:b7:a2:c2:69:64:04:37:1f:4c:e5:25:33:b0:
26:d4:cd:91:f1:95:f7:ee:d4:c8:e1:e4:eb:aa:74:bb:3c:aa:
f9:c6:ef:51:52:ef:d6:fd:0f:cb:2d:bf:ad:ff:97:96:e5:46:
3b:38:70:dc:16:71:3c:26:60:65:3d:17:5a:80:8c:0e:fe:d1:
de:e2:40:43:47:2f:11:4c:4d:bb:76:7b:08:9b:14:1d:a9:ff:
db:0d:c7:ec:a4:f0:52:0c:9e:e4:06:b9:87:cd:fe:3f:ed:50:
ed:a1:42:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m948wzoaIqAzM4G1rT/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNzYwYTUwMTQ4MzE5ZDYxNzJhMzgyMGQ4ODhhOTI0YzA5
ZDdhNWYwHhcNMjYwMzI5MDgwMDMyWhcNMjYwMzMwMDgwMDMyWjAzMTEwLwYDVQQD
EyhhYTJkYmY5Yjc2MzE3YzU4NmNkZjRmMGNiNDZmZDdhMTc2MjEyOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9nKARDBR5ME1M8vkrFEnbWQs7t3
yddi+WqOOF5mqL/fF1zyWOM6AjtagAMwxdsPHMwx4sTt8UAXN4v+LLXuw4FqoTCJ
jFHd+DLFRmlbqPf2Z+1Xo7C/Sa19U5J2h+wr2sY3G1zunGd9UNb1s0iR8KXMC1kb
gOWDCfCGibE8majS0ziJEED74TtbC4xRpI0NDjd7TeY0GsUA+138cKeiwcADLS0V
RwPHpKJaqpJrdjWzj6nym9ew4A6XcGtFAcGZOlSju2wNqAHFEOb/wZsDUsL4jC6v
S/IiAsQYYKCtiw+p6QWvAZal9Ygng56XIYtjJZz3sRARp/Yam7c2kHNg4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKotv5t2MXxYbN9PDLRv16F2ISn8MB8GA1UdIwQY
MBaAFKF2ClAUgxnWFyo4INiIqSTAnXpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1hZS1VCU0RHZFlYS2pnZzJJaXBKTUNkZWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wZmJlMTctYjU4Yy00ZWEyLThiMzIt
OTFmNzE5YjViMDQ2LzEvb1hZS1VCU0RHZFlYS2pnZzJJaXBKTUNkZWw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wZmJlMTctYjU4Yy00ZWEyLThiMzItOTFmNzE5YjViMDQ2
LzEvb1hZS1VCU0RHZFlYS2pnZzJJaXBKTUNkZWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0uywy04
b9/MIgn8GD9KPSNf0/qTOs5khAUAbUwQY0sH2R7IU+MzkCgfuhD8duCycyfnzHMq
rW33npSXpH6phzB1I9B9bzXFFtXOK6ZsIAvRaHsvl5v4Swgh1cHibFh22T/oeo16
aTf9ILgUrQViXdTtcAvNHbahEqhQAak1twvfFAgTwjDH1oNqi4PAn9hhF5BNmwy3
osJpZAQ3H0zlJTOwJtTNkfGV9+7UyOHk66p0uzyq+cbvUVLv1v0Pyy2/rf+XluVG
Ozhw3BZxPCZgZT0XWoCMDv7R3uJAQ0cvEUxNu3Z7CJsUHan/2w3H7KTwUgye5Aa5
h83+P+1Q7aFCnA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:35 2026 by rpki-client