Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.mft
File: oAy0uNVpR3USzleIW6aiiY-8LZU.mft (raw, json)
Hash identifier: sy92VSrKikwqhyVzujSI9gDrVQBu3fbAZrox7aknzbI=
Subject key identifier: 84:68:60:AF:8B:E5:9B:C2:EB:4C:E7:82:1B:B1:FD:5E:F4:4B:B8:1A
Authority key identifier: A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
Certificate issuer: /CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Certificate serial: 019D24DEFA085871E98D2A7D0177A0ECE72F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.mft
Manifest number: 138E
Signing time: Wed 25 Mar 2026 12:01:25 +0000
Manifest this update: Wed 25 Mar 2026 12:01:25 +0000
Manifest next update: Thu 26 Mar 2026 12:01:25 +0000
Files and hashes: 1: 6GbxDT6a6WV6sMU4TLzGDdlwYGg.asa (hash: IznoMM07vrX9zSwsytLqGEh6ipn7AIyTyq5l5KBrdbs=)
2: VN57OoPBsGwrpB2MMJuifcY0BKk.roa (hash: DcZvkcVJE9Z9uRMzY1z6mkbvBqMp9YTBuJgd294hlxc=)
3: oAy0uNVpR3USzleIW6aiiY-8LZU.crl (hash: aIxK5MoyfFjUWFZx78or9r9r77c42ip0B78LQTg/VoA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 12:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:de:fa:08:58:71:e9:8d:2a:7d:01:77:a0:ec:e7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Validity
Not Before: Mar 25 12:01:25 2026 GMT
Not After : Mar 26 12:01:25 2026 GMT
Subject: CN=846860af8be59bc2eb4ce7821bb1fd5ef44bb81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:ef:f4:f0:1a:4e:77:76:c9:8a:03:5c:31:
01:f4:ff:3d:8a:67:34:c2:61:ed:05:c6:c3:e1:57:
0f:11:b7:29:b4:07:e1:b7:e0:6b:57:0e:18:53:e0:
38:56:0d:cf:97:05:d1:61:61:cb:4a:4c:dd:f7:52:
82:98:0c:22:72:8c:37:62:dd:a5:ca:d9:24:00:d9:
19:4a:86:dc:49:45:a7:76:e8:64:c0:13:ec:c0:2b:
26:de:86:56:c2:9b:d2:52:4c:24:35:59:a1:df:c4:
09:25:ff:53:df:8e:92:5b:0e:5b:78:de:35:2f:45:
e3:96:e7:5a:ba:39:a6:3f:b1:c3:ef:ee:d8:38:96:
65:92:77:98:91:ed:42:44:f6:26:45:1c:4a:05:72:
03:61:5c:2e:ce:7a:ef:8c:df:3a:a1:54:22:4b:26:
7c:f4:87:f2:ba:24:32:8d:1d:68:5c:a8:e9:de:84:
e1:47:e2:1d:81:4d:ce:bc:52:25:ba:0d:07:cc:88:
84:2b:e5:ae:c0:16:28:69:d0:b8:c4:1f:c5:16:74:
17:b2:70:69:c6:f8:ce:59:cb:06:bc:27:ca:e9:f1:
42:bd:9d:af:4a:27:de:bf:0d:95:2a:66:62:2a:65:
ed:56:a4:3b:8e:12:31:b9:5a:ad:ff:44:3a:5f:f0:
79:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:68:60:AF:8B:E5:9B:C2:EB:4C:E7:82:1B:B1:FD:5E:F4:4B:B8:1A
X509v3 Authority Key Identifier:
keyid:A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:db:a0:e0:73:76:bd:df:12:5e:aa:76:0a:9a:3d:66:63:a9:
9f:93:a0:12:59:71:7e:6b:7f:61:0e:bc:31:38:f0:dc:04:8c:
1d:eb:eb:9a:3d:24:b3:47:f8:66:32:47:c4:dc:4a:74:c3:b5:
da:d0:aa:b2:45:25:3d:93:d4:40:81:ec:54:4a:b9:da:7d:68:
3e:ce:a7:8c:2d:16:4e:02:14:01:0e:f3:78:1b:36:d1:80:9e:
66:d2:79:58:7b:2f:70:1f:71:9a:a6:55:92:5b:33:8e:4b:d2:
46:44:a8:5c:7f:6c:a9:45:5c:46:6a:10:ce:b0:00:88:a5:fd:
c1:f6:d1:06:e3:09:2e:6c:68:7c:ea:f9:2c:96:ee:17:bc:88:
79:a1:fe:09:b1:3c:71:89:e8:14:0f:bf:c3:6c:99:12:98:d7:
83:94:08:1c:52:06:6c:00:f6:a6:ef:f6:17:3a:64:3b:88:8b:
b7:47:fe:f7:6b:0e:60:1d:9e:a4:ee:12:a5:4d:ec:8f:ea:77:
87:ed:4c:db:03:c3:4f:34:b7:25:b2:a3:21:50:af:cb:18:f2:
f3:e0:28:57:42:d1:ec:ed:29:e9:56:d9:25:c8:c3:e6:36:ee:
0b:4f:27:b6:d6:b3:ff:30:c2:5d:e9:43:78:9f:3e:0c:12:5c:
4e:7f:38:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0k3voIWHHpjSp9AXeg7OcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGNiNGI4ZDU2OTQ3NzUxMmNlNTc4ODViYTZhMjg5OGZi
YzJkOTUwHhcNMjYwMzI1MTIwMTI1WhcNMjYwMzI2MTIwMTI1WjAzMTEwLwYDVQQD
Eyg4NDY4NjBhZjhiZTU5YmMyZWI0Y2U3ODIxYmIxZmQ1ZWY0NGJiODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxXv9PAaTnd2yYoDXDEB9P89imc0
wmHtBcbD4VcPEbcptAfht+BrVw4YU+A4Vg3PlwXRYWHLSkzd91KCmAwicow3Yt2l
ytkkANkZSobcSUWnduhkwBPswCsm3oZWwpvSUkwkNVmh38QJJf9T346SWw5beN41
L0XjludaujmmP7HD7+7YOJZlkneYke1CRPYmRRxKBXIDYVwuznrvjN86oVQiSyZ8
9IfyuiQyjR1oXKjp3oThR+IdgU3OvFIlug0HzIiEK+WuwBYoadC4xB/FFnQXsnBp
xvjOWcsGvCfK6fFCvZ2vSifevw2VKmZiKmXtVqQ7jhIxuVqt/0Q6X/B5JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRoYK+L5ZvC60znghux/V70S7gaMB8GA1UdIwQY
MBaAFKAMtLjVaUd1Es5XiFumoomPvC2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUt
MThjNzBlYmY2ODFhLzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUtMThjNzBlYmY2ODFh
LzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANtug4HN2
vd8SXqp2Cpo9ZmOpn5OgEllxfmt/YQ68MTjw3ASMHevrmj0ks0f4ZjJHxNxKdMO1
2tCqskUlPZPUQIHsVEq52n1oPs6njC0WTgIUAQ7zeBs20YCeZtJ5WHsvcB9xmqZV
klszjkvSRkSoXH9sqUVcRmoQzrAAiKX9wfbRBuMJLmxofOr5LJbuF7yIeaH+CbE8
cYnoFA+/w2yZEpjXg5QIHFIGbAD2pu/2FzpkO4iLt0f+92sOYB2epO4SpU3sj+p3
h+1M2wPDTzS3JbKjIVCvyxjy8+AoV0LR7O0p6VbZJcjD5jbuC08nttaz/zDCXelD
eJ8+DBJcTn84nA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:24:36 2026 by rpki-client