Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
File: 0KOFQs_bHubgdermsQHnu1sUxDY.mft (raw, json)
Hash identifier: pBoR2v+dUmiw7PRga12WFmG8rqDa8ZHGkol0TD9RRuo=
Subject key identifier: A1:9A:39:C8:DF:C6:92:D7:8A:2E:54:7E:50:77:15:61:0D:65:F3:3A
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 019D37C05BD3212AC294A08EF270B7F748B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
Manifest number: 1527
Signing time: Sun 29 Mar 2026 04:00:46 +0000
Manifest this update: Sun 29 Mar 2026 04:00:46 +0000
Manifest next update: Mon 30 Mar 2026 04:00:46 +0000
Files and hashes: 1: 0KOFQs_bHubgdermsQHnu1sUxDY.crl (hash: pJ312acUQHq/3mwF8xgIJrdhwaQhUSEdWMxODgx5Q2M=)
2: DrZAtoY9Rywo8Ldr7YL_hDy1B6M.roa (hash: ZHyEZKVIvM9BzDhqQ2OC3fMsoZAiuL1oIVL6MnD4jI0=)
3: YFnsBz-ThBGqQauorb6rDcdXyRc.roa (hash: ofSsRHMM0MyWc7/I1MxyPNGPxwyZiKD6PRrjZ0gvq34=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:5b:d3:21:2a:c2:94:a0:8e:f2:70:b7:f7:48:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Mar 29 04:00:46 2026 GMT
Not After : Mar 30 04:00:46 2026 GMT
Subject: CN=a19a39c8dfc692d78a2e547e507715610d65f33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b4:61:4b:b2:91:71:31:59:c7:73:ab:ac:46:
20:b2:ed:c5:58:20:fc:45:b8:91:16:8d:1b:a8:9d:
b5:2d:a8:0e:cb:66:70:f0:1d:ee:25:d4:8b:f7:6c:
50:32:f5:5c:07:0c:0f:f1:fd:5f:85:0d:29:5d:8d:
76:a7:2f:0b:c9:5b:63:dd:af:52:1e:40:f5:95:74:
23:69:41:12:ae:e6:6d:cb:93:bf:00:c1:cc:d2:82:
79:b1:4e:77:d3:f6:44:41:40:c2:d7:0b:b8:11:62:
4d:b4:5d:aa:39:cf:36:f7:6b:df:ce:d3:f9:a3:f8:
14:c9:b2:43:57:91:34:6d:32:2d:4d:82:9c:eb:a3:
79:9c:5f:29:9e:d6:6d:9a:38:e3:6d:7d:96:f4:55:
07:04:64:c5:cb:53:72:64:33:7e:71:70:ba:87:b2:
a4:f5:75:0d:cb:3e:9f:e9:c9:27:dd:e9:a9:91:9b:
5d:da:b7:11:4d:83:26:65:91:ec:e6:a5:b4:0b:78:
bb:f6:37:78:8c:e8:1c:4f:3d:c2:14:86:2c:0e:5c:
05:c9:bb:1b:b5:1d:4d:6e:92:20:8c:22:c5:bb:64:
31:ce:7a:cb:57:6c:37:30:3e:7d:95:c4:e5:66:02:
46:df:6f:45:03:b6:9e:a7:3e:7b:7a:cf:87:c8:b3:
7c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9A:39:C8:DF:C6:92:D7:8A:2E:54:7E:50:77:15:61:0D:65:F3:3A
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:fe:de:8f:ad:3c:1b:f4:50:45:79:3a:2a:0f:f4:49:ee:4a:
53:f6:24:f4:b4:34:6a:1a:7b:ab:99:b0:5c:61:26:2a:ba:66:
29:bf:ae:a0:f7:02:5a:57:08:13:43:49:d8:37:05:4d:86:42:
30:db:7d:89:a0:5c:74:61:45:2c:da:92:45:13:c5:3f:f9:aa:
47:1b:fc:ee:4f:1b:56:0d:cf:87:41:69:e6:df:36:0c:77:b9:
1a:1e:a6:7d:bb:1f:da:67:47:87:92:26:58:b4:26:7c:6b:3a:
51:4a:8a:31:fe:62:f6:33:c1:34:85:9a:51:9c:b8:6a:16:89:
60:d3:81:18:c6:8e:9b:84:6c:9f:a9:38:8e:50:03:5d:d7:08:
5f:6c:36:94:30:dd:fc:eb:d3:96:0c:05:8c:0c:87:6d:5c:b1:
f0:82:86:47:4c:fc:2f:30:5a:06:fe:29:8c:ad:19:51:71:76:
04:ce:7e:6d:a8:f5:21:f4:73:bc:bd:08:42:ca:18:fa:14:db:
ee:ac:ee:0c:79:6e:fa:c6:3d:88:8a:a8:38:c9:b1:09:1f:a4:
fa:d7:7f:10:38:f7:d3:ca:12:b0:75:9b:a6:50:1d:ff:16:44:
08:66:cc:23:7c:0b:41:60:b0:75:ff:37:5a:98:4f:18:ec:74:
a1:f6:2f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFvTISrClKCO8nC390i1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjYwMzI5MDQwMDQ2WhcNMjYwMzMwMDQwMDQ2WjAzMTEwLwYDVQQD
EyhhMTlhMzljOGRmYzY5MmQ3OGEyZTU0N2U1MDc3MTU2MTBkNjVmMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7RhS7KRcTFZx3OrrEYgsu3FWCD8
RbiRFo0bqJ21LagOy2Zw8B3uJdSL92xQMvVcBwwP8f1fhQ0pXY12py8LyVtj3a9S
HkD1lXQjaUESruZty5O/AMHM0oJ5sU530/ZEQUDC1wu4EWJNtF2qOc8292vfztP5
o/gUybJDV5E0bTItTYKc66N5nF8pntZtmjjjbX2W9FUHBGTFy1NyZDN+cXC6h7Kk
9XUNyz6f6ckn3empkZtd2rcRTYMmZZHs5qW0C3i79jd4jOgcTz3CFIYsDlwFybsb
tR1NbpIgjCLFu2QxznrLV2w3MD59lcTlZgJG329FA7aepz57es+HyLN8QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGaOcjfxpLXii5UflB3FWENZfM6MB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALf7ej608
G/RQRXk6Kg/0Se5KU/Yk9LQ0ahp7q5mwXGEmKrpmKb+uoPcCWlcIE0NJ2DcFTYZC
MNt9iaBcdGFFLNqSRRPFP/mqRxv87k8bVg3Ph0Fp5t82DHe5Gh6mfbsf2mdHh5Im
WLQmfGs6UUqKMf5i9jPBNIWaUZy4ahaJYNOBGMaOm4Rsn6k4jlADXdcIX2w2lDDd
/OvTlgwFjAyHbVyx8IKGR0z8LzBaBv4pjK0ZUXF2BM5+baj1IfRzvL0IQsoY+hTb
7qzuDHlu+sY9iIqoOMmxCR+k+td/EDj308oSsHWbplAd/xZECGbMI3wLQWCwdf83
WphPGOx0ofYvLg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:58 2026 by rpki-client