Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
File: O95jhoTGRf7dYA7TxQzfMQsRbT4.mft (raw, json)
Hash identifier: JB3zcpLrbf4cJHpiV8C+K0F1Q/gvYgV5ziY/+77NBxs=
Subject key identifier: A1:EE:E5:80:E9:4C:86:3E:D6:14:38:5D:2A:F1:E8:1D:2B:4C:70:A2
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 019D25F19AAB0DF140FF6AC9AA9B9F10D3DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
Manifest number: 13A3
Signing time: Wed 25 Mar 2026 17:01:23 +0000
Manifest this update: Wed 25 Mar 2026 17:01:23 +0000
Manifest next update: Thu 26 Mar 2026 17:01:23 +0000
Files and hashes: 1: O95jhoTGRf7dYA7TxQzfMQsRbT4.crl (hash: vemUSW7iJtn1E1flMIID0ud8xSz/13GgV3fC7x5kyw8=)
2: Z7DXzXjQ1iWsLhA7bX6hUr5-ljA.roa (hash: 3kmZN3nQ/QKEMXaSVLOkM6zDUNMkeL4tJG0CWoaKc6Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:9a:ab:0d:f1:40:ff:6a:c9:aa:9b:9f:10:d3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Mar 25 17:01:23 2026 GMT
Not After : Mar 26 17:01:23 2026 GMT
Subject: CN=a1eee580e94c863ed614385d2af1e81d2b4c70a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:b5:fa:c1:96:c5:3f:6a:7d:8a:28:e5:5d:
dd:21:f2:51:ee:b5:28:37:fc:67:ea:65:a2:89:2e:
b1:2a:51:5c:68:40:e2:2a:99:68:9d:c2:ac:56:ff:
39:75:04:7e:40:50:4d:a8:78:db:d5:c8:a3:b9:89:
83:47:87:db:bb:f3:7a:81:73:3b:1d:65:d6:8f:d1:
8a:bb:ec:30:35:25:8b:98:03:aa:c0:31:e3:13:97:
38:1c:a2:d7:98:c0:c1:26:bb:52:d6:37:d9:95:41:
f7:22:a8:a5:e6:bd:75:2c:a6:81:fe:6e:d6:d6:c3:
26:d7:86:a0:62:fa:a2:8a:31:cd:6c:e5:67:c3:29:
6a:7a:c1:e4:d0:27:9a:6c:fb:76:96:4e:3f:41:0c:
d5:93:e5:46:26:29:11:51:20:7a:be:34:81:b0:81:
67:7c:d1:9e:4c:b9:c6:e2:cf:aa:af:3a:d1:55:bd:
77:d7:94:9a:c3:22:58:40:54:7b:95:eb:3c:e6:98:
fc:bf:b8:e9:bc:a6:2a:a0:db:22:c1:6f:6f:94:20:
f5:ab:d9:bd:9a:f2:48:e3:d0:df:f6:65:a6:b4:5c:
c3:3c:b5:bc:62:76:76:3f:a6:e5:a0:31:3b:fa:5c:
00:06:7b:cd:0d:94:1c:61:29:da:88:a5:a0:51:51:
e3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EE:E5:80:E9:4C:86:3E:D6:14:38:5D:2A:F1:E8:1D:2B:4C:70:A2
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:6c:5b:29:d1:79:46:48:11:ed:12:66:1e:ba:5c:39:40:0e:
69:f9:d4:4c:97:18:53:d9:59:11:1c:7e:aa:55:17:63:18:c2:
fc:73:6e:03:f2:db:d3:70:95:83:29:30:73:7d:f6:e8:05:5b:
0e:a2:df:ec:e7:82:7b:56:ec:c0:3d:eb:27:b1:00:75:b7:93:
65:49:c6:a8:89:5e:8a:0d:2c:ed:b1:18:0c:bf:6a:a3:6b:05:
e9:05:a9:17:89:29:7e:d3:56:f1:1b:6d:d5:f1:f8:4c:f0:b5:
26:49:1c:78:0f:10:3e:a9:11:62:f2:82:96:bf:18:1f:c9:c5:
ad:25:54:62:a0:1d:04:4f:bb:32:7e:a1:e4:72:df:96:c6:d7:
17:24:f2:37:7c:04:f9:09:bf:f6:f0:05:cb:46:39:f9:a1:89:
c1:6e:31:1d:18:d1:94:14:3c:1e:81:2b:b5:b2:ae:7e:c6:85:
5a:c2:03:40:12:3e:e9:61:8a:db:98:dd:14:aa:1c:f9:e7:16:
f3:76:35:31:dc:2e:f9:5b:7c:34:57:69:58:43:9d:9f:47:a1:
e0:41:31:38:ce:b8:5e:0d:5a:0b:75:42:e9:a0:47:3a:74:e4:
25:1a:68:e3:33:32:c3:2b:6d:fc:be:b6:15:45:03:e9:e0:d6:
a7:64:c2:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8ZqrDfFA/2rJqpufENPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjYwMzI1MTcwMTIzWhcNMjYwMzI2MTcwMTIzWjAzMTEwLwYDVQQD
EyhhMWVlZTU4MGU5NGM4NjNlZDYxNDM4NWQyYWYxZTgxZDJiNGM3MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswy1+sGWxT9qfYoo5V3dIfJR7rUo
N/xn6mWiiS6xKlFcaEDiKploncKsVv85dQR+QFBNqHjb1cijuYmDR4fbu/N6gXM7
HWXWj9GKu+wwNSWLmAOqwDHjE5c4HKLXmMDBJrtS1jfZlUH3Iqil5r11LKaB/m7W
1sMm14agYvqiijHNbOVnwylqesHk0CeabPt2lk4/QQzVk+VGJikRUSB6vjSBsIFn
fNGeTLnG4s+qrzrRVb1315SawyJYQFR7les85pj8v7jpvKYqoNsiwW9vlCD1q9m9
mvJI49Df9mWmtFzDPLW8YnZ2P6bloDE7+lwABnvNDZQcYSnaiKWgUVHjbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHu5YDpTIY+1hQ4XSrx6B0rTHCiMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVGxbKdF5
RkgR7RJmHrpcOUAOafnUTJcYU9lZERx+qlUXYxjC/HNuA/Lb03CVgykwc3326AVb
DqLf7OeCe1bswD3rJ7EAdbeTZUnGqIleig0s7bEYDL9qo2sF6QWpF4kpftNW8Rtt
1fH4TPC1JkkceA8QPqkRYvKClr8YH8nFrSVUYqAdBE+7Mn6h5HLflsbXFyTyN3wE
+Qm/9vAFy0Y5+aGJwW4xHRjRlBQ8HoErtbKufsaFWsIDQBI+6WGK25jdFKoc+ecW
83Y1Mdwu+Vt8NFdpWEOdn0eh4EExOM64Xg1aC3VC6aBHOnTkJRpo4zMywytt/L62
FUUD6eDWp2TC4Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:35:09 2026 by rpki-client