Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft
File: o-zqyBJVNKV5R5YtsokD-tesOvk.mft (raw, json)
Hash identifier: XZoOcgJrgjMVftpcT/yTMPbjSa457/4Gh3zqrdBlS4o=
Subject key identifier: C9:87:30:9A:39:23:B5:A0:1D:94:48:0E:8B:A2:00:E4:77:CA:0E:A9
Authority key identifier: A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9
Certificate issuer: /CN=a3eceac8125534a57947962db28903fad7ac3af9
Certificate serial: 019D26CD1A1C49A86F159A441263C80CDEAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft
Manifest number: 1805
Signing time: Wed 25 Mar 2026 21:01:08 +0000
Manifest this update: Wed 25 Mar 2026 21:01:08 +0000
Manifest next update: Thu 26 Mar 2026 21:01:08 +0000
Files and hashes: 1: 2MsPFamPffku1ttx9gaJe1ffa6Y.roa (hash: DHSbfM3R76vdNxci0L/Qjop0BLeabp3SpJ5q1Jd300M=)
2: o-zqyBJVNKV5R5YtsokD-tesOvk.crl (hash: vtFkQY8p9+2XLvIq18EvD3TKiullEc9XTIVWxeFS15o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:1a:1c:49:a8:6f:15:9a:44:12:63:c8:0c:de:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3eceac8125534a57947962db28903fad7ac3af9
Validity
Not Before: Mar 25 21:01:08 2026 GMT
Not After : Mar 26 21:01:08 2026 GMT
Subject: CN=c987309a3923b5a01d94480e8ba200e477ca0ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9c:d6:54:74:a2:ca:95:50:38:9d:b5:dd:8d:
7d:f5:e8:b3:a2:0d:53:9c:db:09:43:32:c3:f8:72:
39:70:54:0f:74:52:82:be:2f:8d:cd:7d:20:90:a4:
4d:53:10:f0:cf:30:f6:b6:22:56:e4:85:d1:c1:83:
ec:12:15:d6:e9:d8:4d:b7:d5:da:cd:0a:ca:2a:d4:
38:17:1f:a2:75:50:eb:40:ff:88:c8:31:7f:44:ef:
3c:1f:0d:bd:38:bb:01:77:a1:4f:2d:58:6a:8b:30:
b4:f8:40:cc:d1:8d:77:0e:01:25:bf:aa:8e:52:f1:
36:ff:70:f1:3b:ae:e9:c2:e8:3b:80:da:aa:51:ae:
28:7c:a8:2f:f3:1f:82:bc:1b:99:61:1c:40:16:c2:
f0:7c:ef:34:b2:42:5d:2f:76:4b:cf:00:95:d9:3c:
d3:a7:00:67:ba:f6:4e:d2:e8:5c:e5:58:c7:de:e8:
6c:92:f6:94:ab:74:e4:6b:7e:82:b8:06:0b:46:7c:
07:b0:da:0c:b1:f6:43:a8:9f:50:27:b5:35:19:b5:
a9:29:36:66:93:2d:cd:64:3e:77:ab:e0:79:84:1b:
27:99:fb:b4:1c:4d:e4:f4:65:26:58:93:d6:6e:9a:
05:50:9f:3b:a2:61:18:9d:2f:9f:20:db:5a:c5:2b:
c4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:87:30:9A:39:23:B5:A0:1D:94:48:0E:8B:A2:00:E4:77:CA:0E:A9
X509v3 Authority Key Identifier:
keyid:A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:94:6e:35:1b:5d:07:1e:48:09:41:74:64:f9:10:5e:c5:83:
3b:70:ef:a6:d3:0b:d0:39:d9:20:99:5c:8d:5c:85:d6:52:c9:
d8:c2:52:15:22:de:b4:f4:da:13:d9:06:9c:14:cb:44:a0:11:
9f:ee:1d:28:66:3c:2a:c8:9c:07:27:9b:94:06:b8:30:ac:1f:
38:96:05:1c:82:6b:21:80:1d:79:3b:de:bf:52:38:0d:3e:60:
ce:e0:fa:a5:bd:02:85:cf:10:3e:6c:02:98:1e:01:ce:27:13:
ff:2b:7e:ba:d8:bc:0a:d6:0c:2f:8f:b0:3a:dd:aa:ba:f8:8a:
09:b0:2a:f8:d8:0d:ef:14:4a:10:06:fa:91:6e:c8:f8:2f:2d:
d4:d0:c8:3a:98:79:fa:8b:cb:c8:5b:72:c4:3c:a6:9a:e6:47:
62:47:1d:ce:31:ff:d9:93:82:9f:34:88:15:73:f0:ac:61:bb:
6e:6c:fb:27:fa:62:4f:72:6a:87:ee:03:5d:60:58:2c:84:b6:
d4:98:06:a5:fc:90:53:e3:83:e4:95:cf:2c:18:19:7d:c3:e3:
cf:b9:a4:f6:51:3c:e3:3e:f7:5e:99:a2:7c:9f:58:56:d4:59:
44:fa:a6:7a:5d:c3:c9:72:9b:d9:70:de:c4:4d:c7:86:82:79:
c2:2c:dd:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzRocSahvFZpEEmPIDN6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZWNlYWM4MTI1NTM0YTU3OTQ3OTYyZGIyODkwM2ZhZDdh
YzNhZjkwHhcNMjYwMzI1MjEwMTA4WhcNMjYwMzI2MjEwMTA4WjAzMTEwLwYDVQQD
EyhjOTg3MzA5YTM5MjNiNWEwMWQ5NDQ4MGU4YmEyMDBlNDc3Y2EwZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05zWVHSiypVQOJ213Y199eizog1T
nNsJQzLD+HI5cFQPdFKCvi+NzX0gkKRNUxDwzzD2tiJW5IXRwYPsEhXW6dhNt9Xa
zQrKKtQ4Fx+idVDrQP+IyDF/RO88Hw29OLsBd6FPLVhqizC0+EDM0Y13DgElv6qO
UvE2/3DxO67pwug7gNqqUa4ofKgv8x+CvBuZYRxAFsLwfO80skJdL3ZLzwCV2TzT
pwBnuvZO0uhc5VjH3uhskvaUq3Tka36CuAYLRnwHsNoMsfZDqJ9QJ7U1GbWpKTZm
ky3NZD53q+B5hBsnmfu0HE3k9GUmWJPWbpoFUJ87omEYnS+fINtaxSvEEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmHMJo5I7WgHZRIDouiAOR3yg6pMB8GA1UdIwQY
MBaAFKPs6sgSVTSleUeWLbKJA/rXrDr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQt
YTliZDVlNDEwYWVkLzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQtYTliZDVlNDEwYWVk
LzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT5RuNRtd
Bx5ICUF0ZPkQXsWDO3DvptML0DnZIJlcjVyF1lLJ2MJSFSLetPTaE9kGnBTLRKAR
n+4dKGY8KsicByeblAa4MKwfOJYFHIJrIYAdeTvev1I4DT5gzuD6pb0Chc8QPmwC
mB4BzicT/yt+uti8CtYML4+wOt2quviKCbAq+NgN7xRKEAb6kW7I+C8t1NDIOph5
+ovLyFtyxDymmuZHYkcdzjH/2ZOCnzSIFXPwrGG7bmz7J/piT3Jqh+4DXWBYLIS2
1JgGpfyQU+OD5JXPLBgZfcPjz7mk9lE84z73XpmifJ9YVtRZRPqmel3DyXKb2XDe
xE3HhoJ5wizdKw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:01:19 2026 by rpki-client