Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
File: ogAYZIx6-hREZNR7seLLK6eG67E.mft (raw, json)
Hash identifier: zusP3GqvNBiMjxsvn1GDiy2Ulu5HL9hzrUsf/l5/rYw=
Subject key identifier: 56:36:E2:B8:E1:81:5C:DC:5E:A0:CD:88:9A:67:32:98:B0:F5:59:42
Authority key identifier: A2:00:18:64:8C:7A:FA:14:44:64:D4:7B:B1:E2:CB:2B:A7:86:EB:B1
Certificate issuer: /CN=a20018648c7afa144464d47bb1e2cb2ba786ebb1
Certificate serial: 019D382E68C1533C80F6E4BCD2CD29130301
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
Manifest number: 0598
Signing time: Sun 29 Mar 2026 06:00:58 +0000
Manifest this update: Sun 29 Mar 2026 06:00:58 +0000
Manifest next update: Mon 30 Mar 2026 06:00:58 +0000
Files and hashes: 1: jcjuL1I-OfryfxagoMIECR7PHIk.roa (hash: 5XSd5VpigrDBs0g/CxzhzwapRFsuoQY90r59IHVRXrA=)
2: ogAYZIx6-hREZNR7seLLK6eG67E.crl (hash: r/r3V3QCUHs0Vea5UT7Zx1bOwHk7zC9czpRjmxF6iTQ=)
3: okAiKYw_e6QZvczizc6rlRpUxK4.roa (hash: y34ynPJrPUC/f+ZX4ZIuMeW7p+J1n4LsqB74LxIVy4I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:68:c1:53:3c:80:f6:e4:bc:d2:cd:29:13:03:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20018648c7afa144464d47bb1e2cb2ba786ebb1
Validity
Not Before: Mar 29 06:00:58 2026 GMT
Not After : Mar 30 06:00:58 2026 GMT
Subject: CN=5636e2b8e1815cdc5ea0cd889a673298b0f55942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2e:6d:da:50:b0:83:97:14:e6:c4:32:bb:99:
5f:0d:87:27:73:27:e2:fa:6a:4b:c6:84:3a:f9:28:
6b:45:97:40:1f:9d:f1:8a:e9:0b:ec:35:40:aa:9d:
db:43:4b:7c:91:a7:7c:ca:93:a7:89:db:96:51:9f:
e3:1b:82:9e:95:19:dc:07:db:d5:84:94:0a:10:89:
ec:fc:b4:b6:4b:78:59:9d:e6:f7:34:7f:02:b2:52:
b1:72:fb:7b:31:1c:d9:dd:87:13:b2:52:67:de:fd:
68:e3:77:f0:3d:65:84:34:30:d7:15:59:27:9d:10:
94:95:55:4d:a1:ca:6e:83:b9:99:12:9b:e7:62:7e:
a4:aa:5d:86:67:f7:3a:8f:cd:56:d8:2a:03:0f:d9:
ae:e7:ec:6e:38:ff:18:00:b9:2f:56:cc:31:38:e3:
30:9d:28:8b:1d:29:66:66:4c:aa:55:0e:c0:6b:6c:
d5:19:db:67:b5:22:09:7c:eb:4a:8d:df:cb:57:36:
57:ff:99:9e:dd:37:43:af:b0:c5:b9:5f:c9:c7:02:
2d:8b:8f:df:30:3c:2c:27:08:b4:17:fc:d6:9d:48:
a8:68:5f:bc:e6:9d:4f:6e:36:10:4f:e1:87:46:e9:
1f:3e:0f:fe:ef:92:08:2e:7d:12:6c:86:03:8f:b1:
83:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:36:E2:B8:E1:81:5C:DC:5E:A0:CD:88:9A:67:32:98:B0:F5:59:42
X509v3 Authority Key Identifier:
keyid:A2:00:18:64:8C:7A:FA:14:44:64:D4:7B:B1:E2:CB:2B:A7:86:EB:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogAYZIx6-hREZNR7seLLK6eG67E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/83a77d-9cad-40de-abed-c4d42b7f6270/1/ogAYZIx6-hREZNR7seLLK6eG67E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:72:e2:e1:a1:ba:d7:c4:b6:b4:14:12:be:40:3d:a1:ad:c4:
ae:14:de:0c:2c:22:ae:14:fc:9c:97:b7:c4:c3:76:1b:01:1a:
e0:07:75:3d:e1:6b:93:35:d2:db:8b:9b:e7:47:d8:be:2a:52:
e7:e5:fb:1b:d9:44:3e:2c:cb:08:c9:b5:59:a8:61:77:62:e1:
55:ed:59:a9:a9:f8:53:6f:21:23:10:52:2e:54:3a:22:3b:25:
15:a3:8b:8d:da:b5:7b:13:e6:e9:2e:75:03:53:97:62:e7:2b:
98:3d:51:98:09:f1:88:2f:bd:7e:28:6c:e4:d7:41:0b:0d:82:
51:d3:61:3d:ae:b0:66:2d:e3:ff:6f:92:5a:ae:0b:39:51:c5:
26:35:34:84:07:37:35:81:61:ac:1a:90:cc:21:ce:3c:9a:14:
65:1b:c1:c9:bb:94:e2:4d:05:88:5f:fe:62:34:74:9a:ec:1b:
aa:aa:ab:bd:4c:b1:26:f1:8e:06:27:82:a9:38:d3:a2:3f:44:
95:19:29:90:03:d5:66:98:e2:2f:72:5c:15:99:48:7b:9e:20:
50:fe:dd:9a:7c:4b:00:55:86:43:cf:86:b2:9c:da:d2:58:3d:
4d:eb:31:8e:75:ae:e9:fb:27:3c:a5:b7:af:2f:6e:46:22:6f:
b9:e9:09:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LmjBUzyA9uS80s0pEwMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDAxODY0OGM3YWZhMTQ0NDY0ZDQ3YmIxZTJjYjJiYTc4
NmViYjEwHhcNMjYwMzI5MDYwMDU4WhcNMjYwMzMwMDYwMDU4WjAzMTEwLwYDVQQD
Eyg1NjM2ZTJiOGUxODE1Y2RjNWVhMGNkODg5YTY3MzI5OGIwZjU1OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi5t2lCwg5cU5sQyu5lfDYcncyfi
+mpLxoQ6+ShrRZdAH53xiukL7DVAqp3bQ0t8kad8ypOniduWUZ/jG4KelRncB9vV
hJQKEIns/LS2S3hZneb3NH8CslKxcvt7MRzZ3YcTslJn3v1o43fwPWWENDDXFVkn
nRCUlVVNocpug7mZEpvnYn6kql2GZ/c6j81W2CoDD9mu5+xuOP8YALkvVswxOOMw
nSiLHSlmZkyqVQ7Aa2zVGdtntSIJfOtKjd/LVzZX/5me3TdDr7DFuV/JxwIti4/f
MDwsJwi0F/zWnUioaF+85p1PbjYQT+GHRukfPg/+75IILn0SbIYDj7GD5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFY24rjhgVzcXqDNiJpnMpiw9VlCMB8GA1UdIwQY
MBaAFKIAGGSMevoURGTUe7HiyyunhuuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84M2E3N2QtOWNhZC00MGRlLWFiZWQt
YzRkNDJiN2Y2MjcwLzEvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84M2E3N2QtOWNhZC00MGRlLWFiZWQtYzRkNDJiN2Y2Mjcw
LzEvb2dBWVpJeDYtaFJFWk5SN3NlTExLNmVHNjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHLi4aG6
18S2tBQSvkA9oa3ErhTeDCwirhT8nJe3xMN2GwEa4Ad1PeFrkzXS24ub50fYvipS
5+X7G9lEPizLCMm1Wahhd2LhVe1Zqan4U28hIxBSLlQ6IjslFaOLjdq1exPm6S51
A1OXYucrmD1RmAnxiC+9fihs5NdBCw2CUdNhPa6wZi3j/2+SWq4LOVHFJjU0hAc3
NYFhrBqQzCHOPJoUZRvBybuU4k0FiF/+YjR0muwbqqqrvUyxJvGOBieCqTjToj9E
lRkpkAPVZpjiL3JcFZlIe54gUP7dmnxLAFWGQ8+Gspza0lg9TesxjnWu6fsnPKW3
ry9uRiJvuekJ/w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:39 2026 by rpki-client