Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
File: OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft (raw, json)
Hash identifier: CYpqR8psRf4GIMixltx7pJQNyTxOmKXBCrdG8dUyeFI=
Subject key identifier: E0:CF:C8:E7:49:F6:E9:B0:1E:B1:CF:8D:58:0D:2E:EA:A3:A3:3B:3A
Authority key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
Certificate issuer: /CN=38728e9bd37399df9ffae587bd06884b350a65b7
Certificate serial: 019DCF3E391957069FFD524E8267871AE0FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
Manifest number: 17C8
Signing time: Mon 27 Apr 2026 14:00:54 +0000
Manifest this update: Mon 27 Apr 2026 14:00:54 +0000
Manifest next update: Tue 28 Apr 2026 14:00:54 +0000
Files and hashes: 1: AfDUmyK_-yRdfu3oY0w-ZmuI_n8.roa (hash: LsPuKpZEctSg8i+4uevFKA+sYuA+iu39H7g8hC66rsA=)
2: OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl (hash: Dk1WFI9LtQSPQkMURbVMtfKLG3vfX2TuY67S7q191ig=)
3: REMby4Ya31OA35rY4teZSHIa0ew.roa (hash: XyeGvAoenWA3MJIYVq931n9fMFmepWjFnS5c3uEtCFE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:3e:39:19:57:06:9f:fd:52:4e:82:67:87:1a:e0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38728e9bd37399df9ffae587bd06884b350a65b7
Validity
Not Before: Apr 27 14:00:54 2026 GMT
Not After : Apr 28 14:00:54 2026 GMT
Subject: CN=e0cfc8e749f6e9b01eb1cf8d580d2eeaa3a33b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1c:13:46:91:ef:42:d4:23:90:36:7a:96:4d:
fd:01:a8:f7:29:13:b5:ae:b0:c8:0d:56:06:b8:ad:
d1:15:4d:37:7b:24:97:f7:31:81:56:39:3d:91:60:
31:4c:cf:7d:41:dc:76:6c:cb:01:9b:e4:eb:86:7c:
1b:30:a5:73:18:c3:6b:b9:86:ad:9a:80:53:25:11:
61:66:89:a7:a3:5a:6b:bb:32:7d:fe:43:82:f9:51:
6a:7e:1a:7c:e8:09:f7:37:dd:80:80:47:df:09:d5:
91:15:89:db:1b:72:f8:85:d6:8d:72:31:de:b7:33:
12:ae:4d:e8:a9:d8:0c:b7:47:ff:51:24:ce:77:55:
5b:d5:cf:16:f7:44:ee:50:cd:0c:0d:a1:fc:25:b8:
b4:15:bb:69:57:eb:07:08:bc:b6:90:8c:b8:72:de:
ec:18:0c:cb:c9:48:58:8d:a9:a4:a4:34:8c:43:63:
7f:dc:c7:5b:c3:64:42:e0:9b:18:20:18:18:37:ff:
94:f9:ff:06:6d:d2:13:44:d1:4f:93:7e:16:f3:2a:
75:b9:8c:3c:99:d7:21:fa:14:21:42:e1:af:bd:25:
a7:62:b0:3b:16:1f:e8:ca:7f:c1:a7:90:9f:ee:50:
33:31:ee:9f:57:7b:b1:ce:2a:5a:35:4c:97:5d:5d:
fe:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CF:C8:E7:49:F6:E9:B0:1E:B1:CF:8D:58:0D:2E:EA:A3:A3:3B:3A
X509v3 Authority Key Identifier:
keyid:38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:c6:fd:b8:d0:49:9e:ed:17:64:eb:2a:85:e6:74:97:32:bc:
94:64:4a:0b:f2:ec:67:87:17:7c:04:2f:2d:d6:06:30:2b:3d:
f4:0a:4d:aa:da:f9:80:f1:f3:fa:e5:c1:df:ae:a7:1e:46:73:
90:e0:37:bf:d4:fd:5a:12:7f:bc:3c:b4:56:1b:d0:99:33:9e:
cd:24:83:06:97:b9:58:17:f3:35:44:9a:76:d7:79:b6:cd:fd:
35:94:2b:b2:25:cd:43:14:a4:65:c3:5e:c8:b7:c7:3c:3d:97:
7c:a1:32:05:69:09:17:04:83:7e:59:b3:5b:3d:1d:d5:33:e2:
63:bb:7e:a4:43:cc:7a:0e:84:dd:e5:ce:b5:2d:70:e4:ac:44:
23:d9:57:21:28:c9:07:37:bc:d1:70:9a:d5:09:bf:3a:1a:9d:
65:32:9d:fd:22:f8:46:2f:c5:f2:08:08:04:84:db:03:89:af:
93:5f:85:0e:b7:1c:62:c7:34:28:f9:92:28:70:3c:31:0a:26:
f0:56:f4:80:f1:d8:d3:85:bc:28:6b:94:08:0c:67:0a:7b:75:
a7:36:b9:31:0d:1f:f0:de:99:a5:19:a9:c2:51:43:69:c4:f6:
98:bb:50:50:e4:b9:b6:fc:10:c2:f9:a6:92:e3:44:4f:73:90:
0a:96:c5:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PPjkZVwaf/VJOgmeHGuD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NzI4ZTliZDM3Mzk5ZGY5ZmZhZTU4N2JkMDY4ODRiMzUw
YTY1YjcwHhcNMjYwNDI3MTQwMDU0WhcNMjYwNDI4MTQwMDU0WjAzMTEwLwYDVQQD
EyhlMGNmYzhlNzQ5ZjZlOWIwMWViMWNmOGQ1ODBkMmVlYWEzYTMzYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RwTRpHvQtQjkDZ6lk39Aaj3KRO1
rrDIDVYGuK3RFU03eySX9zGBVjk9kWAxTM99Qdx2bMsBm+TrhnwbMKVzGMNruYat
moBTJRFhZomno1pruzJ9/kOC+VFqfhp86An3N92AgEffCdWRFYnbG3L4hdaNcjHe
tzMSrk3oqdgMt0f/USTOd1Vb1c8W90TuUM0MDaH8Jbi0FbtpV+sHCLy2kIy4ct7s
GAzLyUhYjamkpDSMQ2N/3Mdbw2RC4JsYIBgYN/+U+f8GbdITRNFPk34W8yp1uYw8
mdch+hQhQuGvvSWnYrA7Fh/oyn/Bp5Cf7lAzMe6fV3uxzipaNUyXXV3+BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODPyOdJ9umwHrHPjVgNLuqjozs6MB8GA1UdIwQY
MBaAFDhyjpvTc5nfn/rlh70GiEs1CmW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzIt
ZjhjZmEzM2Q2ODRlLzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzItZjhjZmEzM2Q2ODRl
LzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu8b9uNBJ
nu0XZOsqheZ0lzK8lGRKC/LsZ4cXfAQvLdYGMCs99ApNqtr5gPHz+uXB366nHkZz
kOA3v9T9WhJ/vDy0VhvQmTOezSSDBpe5WBfzNUSadtd5ts39NZQrsiXNQxSkZcNe
yLfHPD2XfKEyBWkJFwSDflmzWz0d1TPiY7t+pEPMeg6E3eXOtS1w5KxEI9lXISjJ
Bze80XCa1Qm/OhqdZTKd/SL4Ri/F8ggIBITbA4mvk1+FDrccYsc0KPmSKHA8MQom
8Fb0gPHY04W8KGuUCAxnCnt1pza5MQ0f8N6ZpRmpwlFDacT2mLtQUOS5tvwQwvmm
kuNET3OQCpbFTg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 22:31:45 2026 by rpki-client