Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File: OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier: IxNNuhIYBD9zRw00LsDvvrVOFaWigcuODenAKmUx2UM=
Subject key identifier: FA:BA:61:78:04:89:1C:9A:F6:9B:74:AB:AC:B6:1A:DA:7D:B1:B3:C5
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer: /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial: 019D27A8749024B95500FCB5EBD00CEF85F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number: 04D0
Signing time: Thu 26 Mar 2026 01:00:44 +0000
Manifest this update: Thu 26 Mar 2026 01:00:44 +0000
Manifest next update: Fri 27 Mar 2026 01:00:44 +0000
Files and hashes: 1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: ls+7BSE/B4Q1lGId6TMVCHfCZ1NMNxNHgzq1QYZKKws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:74:90:24:b9:55:00:fc:b5:eb:d0:0c:ef:85:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Validity
Not Before: Mar 26 01:00:44 2026 GMT
Not After : Mar 27 01:00:44 2026 GMT
Subject: CN=faba617804891c9af69b74abacb61ada7db1b3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:01:10:57:7e:99:c1:df:d6:8b:fd:e7:de:55:
7a:7f:d2:5e:10:57:46:d3:27:21:cb:67:c4:0d:77:
d2:9b:e8:af:8a:9b:ad:f9:eb:e5:21:85:0d:f7:0b:
a7:d3:17:fb:7f:5f:dc:2b:76:8d:f9:3f:58:df:5a:
1b:9c:a1:a7:65:b7:50:90:41:67:1c:b3:2f:77:26:
c5:87:e8:2d:9e:93:06:bf:86:1a:d1:85:cd:9d:a6:
ea:b8:79:2e:c2:6f:b9:14:e5:b7:f5:ba:e7:9d:c7:
9f:dd:80:85:31:2f:dc:6d:ef:e4:27:c2:4d:ee:64:
05:ac:3e:be:db:8f:59:20:cb:e3:dc:ac:df:00:52:
57:6d:ae:f3:e0:9e:b5:1f:18:15:f2:08:46:7e:d2:
3d:4f:13:65:08:00:cb:f6:10:94:aa:61:65:5f:40:
fe:73:13:c5:53:5d:9b:03:af:83:c9:8f:7c:92:80:
04:26:a6:90:d3:f1:c3:ea:e2:fd:2a:8a:9a:d5:7b:
95:09:e5:4e:53:2e:41:05:15:cd:75:75:9a:9a:aa:
d1:71:a3:e5:12:d4:84:ab:95:5a:bc:b0:55:21:e3:
c3:38:d7:a7:fe:85:b8:f1:2a:c9:50:9b:89:a8:43:
b8:61:0f:94:76:4d:88:d2:1d:f9:4c:1c:d2:59:69:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BA:61:78:04:89:1C:9A:F6:9B:74:AB:AC:B6:1A:DA:7D:B1:B3:C5
X509v3 Authority Key Identifier:
keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:b6:4c:09:e5:ef:e9:7a:0b:58:53:53:7a:44:a8:e3:e1:c3:
fd:eb:29:1e:23:47:f2:ac:69:02:40:c6:82:1d:ce:8e:db:fa:
cb:ae:25:4c:b2:51:2c:10:47:46:f9:7e:27:e9:66:49:7a:1f:
32:13:32:bc:4d:1d:3d:d1:63:f9:97:3e:48:d9:08:4e:a7:ba:
7d:cc:fc:7b:4e:7d:59:3b:d2:f1:55:c6:f4:63:c5:0f:3f:22:
fd:8b:a8:c9:b6:85:cc:de:22:40:07:0e:fc:e7:4f:89:f2:03:
82:1e:1d:a0:db:0a:49:78:6d:ac:bd:e5:03:d5:54:c1:a1:2b:
53:74:80:82:26:3f:79:37:1f:f8:df:c8:47:43:9b:c5:8e:78:
ef:b2:fb:e7:5d:f9:c2:a5:10:3c:6e:ee:12:a0:91:5d:2a:cf:
1d:be:d3:b7:f5:b6:3a:99:d7:76:cb:56:ea:94:df:28:b2:11:
69:ba:7c:12:0b:3c:80:f4:53:4c:d9:86:6b:2e:0c:1e:b4:46:
e4:c1:15:c9:cb:59:27:11:89:52:fc:c9:6b:e7:70:dd:1a:da:
66:ac:84:80:15:ce:98:70:6f:6e:41:8b:33:a9:77:b5:bf:62:
e6:57:65:b4:81:a0:1a:47:c2:0f:4a:50:53:ed:50:90:2f:25:
07:39:24:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqHSQJLlVAPy169AM74XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjYwMzI2MDEwMDQ0WhcNMjYwMzI3MDEwMDQ0WjAzMTEwLwYDVQQD
EyhmYWJhNjE3ODA0ODkxYzlhZjY5Yjc0YWJhY2I2MWFkYTdkYjFiM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wEQV36Zwd/Wi/3n3lV6f9JeEFdG
0ychy2fEDXfSm+iviput+evlIYUN9wun0xf7f1/cK3aN+T9Y31obnKGnZbdQkEFn
HLMvdybFh+gtnpMGv4Ya0YXNnabquHkuwm+5FOW39brnncef3YCFMS/cbe/kJ8JN
7mQFrD6+249ZIMvj3KzfAFJXba7z4J61HxgV8ghGftI9TxNlCADL9hCUqmFlX0D+
cxPFU12bA6+DyY98koAEJqaQ0/HD6uL9Koqa1XuVCeVOUy5BBRXNdXWamqrRcaPl
EtSEq5VavLBVIePDONen/oW48SrJUJuJqEO4YQ+Udk2I0h35TBzSWWnoPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPq6YXgEiRya9pt0q6y2Gtp9sbPFMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbZMCeXv
6XoLWFNTekSo4+HD/espHiNH8qxpAkDGgh3Ojtv6y64lTLJRLBBHRvl+J+lmSXof
MhMyvE0dPdFj+Zc+SNkITqe6fcz8e059WTvS8VXG9GPFDz8i/YuoybaFzN4iQAcO
/OdPifIDgh4doNsKSXhtrL3lA9VUwaErU3SAgiY/eTcf+N/IR0ObxY5477L75135
wqUQPG7uEqCRXSrPHb7Tt/W2OpnXdstW6pTfKLIRabp8Egs8gPRTTNmGay4MHrRG
5MEVyctZJxGJUvzJa+dw3RraZqyEgBXOmHBvbkGLM6l3tb9i5ldltIGgGkfCD0pQ
U+1QkC8lBzkklA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:33:48 2026 by rpki-client