Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json)
Hash identifier: O8vJzT0O+PwVqXFGIDLssd7LTw8rd1yzLhz28S+46+g=
Subject key identifier: F4:97:8A:09:D5:F4:6F:97:A2:33:ED:F7:80:5C:0F:3F:72:06:6C:74
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 019D265F1B2B15DA0E5AD8AB81149A58ECE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
Manifest number: 09CC
Signing time: Wed 25 Mar 2026 19:01:00 +0000
Manifest this update: Wed 25 Mar 2026 19:01:00 +0000
Manifest next update: Thu 26 Mar 2026 19:01:00 +0000
Files and hashes: 1: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: iG2Llvqy0yLXBCAAV0Jv4m0XbSUQ/kMDe3SMQov27/8=)
2: yCYfu-nQ-r5mmuWB4csYdJl_brA.roa (hash: bFBh8jKzarYm0VKcZxzPkcXMAVEV0oykNxP7fDtsTwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:1b:2b:15:da:0e:5a:d8:ab:81:14:9a:58:ec:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Mar 25 19:01:00 2026 GMT
Not After : Mar 26 19:01:00 2026 GMT
Subject: CN=f4978a09d5f46f97a233edf7805c0f3f72066c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d2:66:11:44:f5:f9:ca:70:5a:57:31:d1:06:
ea:d4:8f:8e:48:44:ea:b0:ef:28:c2:2e:d0:36:da:
19:1d:59:69:08:c8:5b:03:72:75:e1:01:41:76:2e:
a5:4b:2f:6d:43:12:6e:78:22:7e:22:60:e1:ac:f8:
1e:fd:6e:99:72:b0:87:82:ef:71:23:55:a7:c5:f4:
fb:46:7c:72:b6:75:df:30:87:82:09:9e:2f:ad:27:
d0:2b:30:94:05:c6:07:49:d3:14:25:00:62:2e:bc:
f6:8b:d8:44:46:50:3b:3c:f6:d3:35:b1:b9:ab:89:
b0:38:a1:0c:53:a6:a0:62:eb:e0:c0:c2:02:8b:9e:
11:a4:21:1e:46:ba:b0:10:f1:8c:ed:07:36:8d:f9:
ec:e9:82:47:9c:25:48:75:a8:e2:27:ca:e1:8d:14:
15:1b:1d:27:19:76:c5:a2:bd:57:ba:07:97:6a:1f:
a7:e5:e3:7b:36:45:83:d4:ca:60:9c:60:51:1f:2b:
3a:ef:87:52:57:1f:9c:12:3b:00:a2:6c:1e:b3:66:
c1:d4:b2:37:88:dd:5c:80:0a:ff:71:e1:c5:79:c6:
a9:fa:96:1c:78:5c:87:b0:7f:9f:5d:4a:a7:c6:b7:
eb:f3:85:96:6a:ef:74:d6:d8:6f:15:b6:db:47:d6:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:97:8A:09:D5:F4:6F:97:A2:33:ED:F7:80:5C:0F:3F:72:06:6C:74
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:50:ab:e2:4d:f6:3b:d4:d4:da:93:03:f5:50:4e:84:45:cf:
8b:b4:83:c6:86:6d:65:a4:81:10:73:f3:6c:7a:2c:8a:ae:d0:
a7:be:d1:9c:a8:04:7a:3e:58:ad:16:54:94:b1:87:ff:5b:1a:
a0:d1:4c:cc:59:7f:e1:5a:b5:39:55:51:b4:2d:d7:97:43:d6:
72:36:ad:b2:5a:3c:d6:47:32:85:20:41:e9:04:a0:08:15:32:
75:df:d6:ed:c6:25:4d:bb:c3:b8:5d:b0:0c:c7:ae:1a:b5:e1:
7b:6d:26:ef:b5:c3:2b:2c:52:67:15:14:40:ef:0e:b9:b8:4e:
b2:4b:ce:e9:4e:66:7e:96:cd:56:26:18:e3:ca:c0:80:ef:df:
57:ae:d0:85:41:7b:4f:4c:49:05:c0:3c:02:df:44:8e:26:b6:
0a:f9:ce:a6:9e:fe:b3:10:a7:eb:93:45:05:f4:1c:4c:b0:29:
aa:ab:26:be:dc:3b:7a:29:a9:a2:5b:e5:8b:55:4c:57:5d:5c:
7f:46:a5:73:44:f6:6f:01:0c:ac:e9:bd:8b:fa:a2:97:30:a5:
a0:55:18:49:c9:46:84:45:20:fa:fc:88:a5:0e:d8:46:17:22:
f4:63:09:59:25:22:96:a1:27:e1:e5:39:48:37:f5:18:83:65:
6b:29:b7:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXxsrFdoOWtirgRSaWOziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjYwMzI1MTkwMTAwWhcNMjYwMzI2MTkwMTAwWjAzMTEwLwYDVQQD
EyhmNDk3OGEwOWQ1ZjQ2Zjk3YTIzM2VkZjc4MDVjMGYzZjcyMDY2Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9JmEUT1+cpwWlcx0Qbq1I+OSETq
sO8owi7QNtoZHVlpCMhbA3J14QFBdi6lSy9tQxJueCJ+ImDhrPge/W6ZcrCHgu9x
I1WnxfT7RnxytnXfMIeCCZ4vrSfQKzCUBcYHSdMUJQBiLrz2i9hERlA7PPbTNbG5
q4mwOKEMU6agYuvgwMICi54RpCEeRrqwEPGM7Qc2jfns6YJHnCVIdajiJ8rhjRQV
Gx0nGXbFor1XugeXah+n5eN7NkWD1MpgnGBRHys674dSVx+cEjsAomwes2bB1LI3
iN1cgAr/ceHFecap+pYceFyHsH+fXUqnxrfr84WWau901thvFbbbR9ZqYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSXignV9G+XojPt94BcDz9yBmx0MB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1Cr4k32
O9TU2pMD9VBOhEXPi7SDxoZtZaSBEHPzbHosiq7Qp77RnKgEej5YrRZUlLGH/1sa
oNFMzFl/4Vq1OVVRtC3Xl0PWcjatslo81kcyhSBB6QSgCBUydd/W7cYlTbvDuF2w
DMeuGrXhe20m77XDKyxSZxUUQO8OubhOskvO6U5mfpbNViYY48rAgO/fV67QhUF7
T0xJBcA8At9Ejia2CvnOpp7+sxCn65NFBfQcTLApqqsmvtw7eimpolvli1VMV11c
f0alc0T2bwEMrOm9i/qilzCloFUYSclGhEUg+vyIpQ7YRhci9GMJWSUilqEn4eU5
SDf1GINlaym3GQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:59 2026 by rpki-client