Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json)
Hash identifier: I9anOpjyRG08VLyzPafz54Hq2dg8OTxM9MMreXjcOD8=
Subject key identifier: AA:89:17:39:1B:9A:B6:2C:C1:5C:71:0B:2D:11:78:5E:29:BD:45:33
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 019D2772C31AEE60C347E10B884742D301BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
Manifest number: 0DEA
Signing time: Thu 26 Mar 2026 00:02:05 +0000
Manifest this update: Thu 26 Mar 2026 00:02:05 +0000
Manifest next update: Fri 27 Mar 2026 00:02:05 +0000
Files and hashes: 1: VJaaCilXSaMFiDpDj2m9Nu8DP6E.roa (hash: /Vwcg31kt8NZSUPOXZXkCRASkot9oBzCBAi0+AvtL2w=)
2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: gtRTTcGE8Nc/3xguOnUqKAIVU5lMG86bqiHGM6JOPxU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:c3:1a:ee:60:c3:47:e1:0b:88:47:42:d3:01:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Mar 26 00:02:05 2026 GMT
Not After : Mar 27 00:02:05 2026 GMT
Subject: CN=aa8917391b9ab62cc15c710b2d11785e29bd4533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cf:d7:70:8e:0e:8a:ee:dc:90:e5:f5:0f:da:
30:74:49:22:d2:0e:6f:4d:21:eb:f6:fd:35:59:25:
6d:7e:5d:ec:60:2c:9d:cd:72:17:66:ec:32:0b:e0:
4d:a4:37:ec:50:5c:75:ce:90:cd:5b:b7:7d:c6:88:
f4:9e:96:78:c2:86:d0:57:e4:e5:e5:f8:01:3a:c5:
0b:ed:d6:fa:44:ad:8f:6f:34:0b:8a:7a:54:b0:55:
db:f4:2b:f0:d1:c8:a0:5e:b4:b7:af:22:75:a9:00:
30:97:c7:7f:27:1f:62:f4:e3:3c:65:35:8a:a3:cd:
19:3b:07:62:56:ac:1c:3f:c1:a2:de:ba:16:40:99:
9b:ac:d6:ee:14:1d:47:9c:0e:27:dd:bb:a6:eb:9b:
9c:14:6d:55:25:39:b0:1c:6d:f1:f7:56:06:cf:1a:
fd:7e:90:ed:44:11:86:38:14:df:d3:eb:d7:86:e0:
73:46:40:93:6b:9e:ce:de:1a:da:1d:e8:fd:32:7a:
f5:09:98:9a:cc:29:17:e7:d0:c7:3f:36:91:b6:54:
29:05:24:71:d0:03:c3:7f:10:7e:99:c3:37:8d:ca:
05:3c:32:74:c4:5e:26:45:5a:80:02:aa:43:f0:3f:
20:2f:e5:dd:dd:53:e8:7a:d0:15:54:7f:63:a3:e5:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:89:17:39:1B:9A:B6:2C:C1:5C:71:0B:2D:11:78:5E:29:BD:45:33
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:88:08:fa:ff:19:14:15:a9:da:f4:c6:7f:73:c1:12:0d:df:
97:59:bf:6a:72:fc:84:ea:91:b9:91:03:9f:05:84:e5:8b:0a:
4f:4f:0b:38:66:ef:64:ab:64:56:bb:87:38:e3:f0:07:94:91:
f2:6f:8a:87:0e:9d:c3:55:e9:1f:20:b9:b0:4b:67:b5:66:a2:
2d:82:51:c5:c9:00:18:15:be:b8:c6:b9:39:3e:e5:9c:6e:00:
72:e7:79:f1:9f:f7:49:ea:85:68:7c:6b:c0:a2:4b:8b:37:36:
d4:fe:ba:b0:a6:77:86:7c:9c:a8:e6:11:1c:97:75:33:0e:02:
ef:ea:15:2a:bc:a7:89:b4:be:37:af:f1:a0:38:d2:1f:11:c3:
f8:a5:bd:ec:fd:66:1d:c5:d7:ca:47:7d:30:9a:a7:ee:a5:82:
e4:f2:5d:0f:ec:f8:86:55:bd:f6:8d:f0:23:e1:30:68:f1:59:
3a:07:5c:86:35:25:68:5a:5d:fe:d6:08:32:48:70:e4:3a:fc:
2c:57:2c:9b:45:b5:3e:b4:b4:ab:cd:36:ba:08:82:7b:56:f9:
e9:a5:9d:8e:9b:27:77:74:ba:17:37:1d:fc:1f:33:10:8b:bd:
21:ab:0f:64:79:65:62:70:0f:56:71:12:0e:fc:aa:52:62:3e:
30:5e:78:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncsMa7mDDR+ELiEdC0wG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjYwMzI2MDAwMjA1WhcNMjYwMzI3MDAwMjA1WjAzMTEwLwYDVQQD
EyhhYTg5MTczOTFiOWFiNjJjYzE1YzcxMGIyZDExNzg1ZTI5YmQ0NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8/XcI4Oiu7ckOX1D9owdEki0g5v
TSHr9v01WSVtfl3sYCydzXIXZuwyC+BNpDfsUFx1zpDNW7d9xoj0npZ4wobQV+Tl
5fgBOsUL7db6RK2PbzQLinpUsFXb9Cvw0cigXrS3ryJ1qQAwl8d/Jx9i9OM8ZTWK
o80ZOwdiVqwcP8Gi3roWQJmbrNbuFB1HnA4n3bum65ucFG1VJTmwHG3x91YGzxr9
fpDtRBGGOBTf0+vXhuBzRkCTa57O3hraHej9Mnr1CZiazCkX59DHPzaRtlQpBSRx
0APDfxB+mcM3jcoFPDJ0xF4mRVqAAqpD8D8gL+Xd3VPoetAVVH9jo+W5BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqJFzkbmrYswVxxCy0ReF4pvUUzMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABogI+v8Z
FBWp2vTGf3PBEg3fl1m/anL8hOqRuZEDnwWE5YsKT08LOGbvZKtkVruHOOPwB5SR
8m+Khw6dw1XpHyC5sEtntWaiLYJRxckAGBW+uMa5OT7lnG4Acud58Z/3SeqFaHxr
wKJLizc21P66sKZ3hnycqOYRHJd1Mw4C7+oVKrynibS+N6/xoDjSHxHD+KW97P1m
HcXXykd9MJqn7qWC5PJdD+z4hlW99o3wI+EwaPFZOgdchjUlaFpd/tYIMkhw5Dr8
LFcsm0W1PrS0q802ugiCe1b56aWdjpsnd3S6Fzcd/B8zEIu9IasPZHllYnAPVnES
DvyqUmI+MF54kw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:53:18 2026 by rpki-client