Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: sj6SrDsBS1ef49UucU4osRrgZfYsk91BAr9RiqumKUg=
Subject key identifier: B1:13:E5:D1:82:B2:0D:37:65:E1:8F:BE:2F:18:99:48:4B:A5:A1:40
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 019D2929AA78B0B4567D6AA90218667CADBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: 0403
Signing time: Thu 26 Mar 2026 08:01:29 +0000
Manifest this update: Thu 26 Mar 2026 08:01:29 +0000
Manifest next update: Fri 27 Mar 2026 08:01:29 +0000
Files and hashes: 1: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: LdJGet2QDIafPZEoo6vVht3mkW5v9RVjeWjs7OdfCA4=)
2: aiiRtiYyMK2pR69dLCHHrDF9gJE.roa (hash: GHDYFSzrpoLIOpX6iS/EkCdY5TaFBOcxhHWzm9AoCPo=)
3: eXXm1Ulp8umzvbta5fLxp-PY-MY.roa (hash: crFjalMvsl9i/+rOJNU/pdcqz+sZdkcxyLZdz71JwLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:aa:78:b0:b4:56:7d:6a:a9:02:18:66:7c:ad:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Mar 26 08:01:29 2026 GMT
Not After : Mar 27 08:01:29 2026 GMT
Subject: CN=b113e5d182b20d3765e18fbe2f1899484ba5a140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:23:2f:20:86:4b:b9:fa:52:45:0e:73:b7:
08:49:f7:d2:3a:c1:c1:e4:c9:b7:5d:82:95:6c:4e:
be:fb:fa:6a:67:76:8c:5e:e6:c8:b3:7e:8a:06:bd:
84:dd:9a:8b:67:db:5c:32:63:74:20:26:c1:4b:a2:
96:f5:a5:e0:9c:16:64:38:2b:09:70:10:5e:cc:45:
b8:e7:3e:63:8c:80:b7:54:ad:18:3c:c5:f1:b0:4a:
12:df:0a:0b:c7:cb:d0:db:c5:24:89:e6:8a:b1:8b:
75:75:a3:ff:b5:20:d4:5e:7d:43:e8:4b:ad:06:ad:
ce:6f:22:a4:fc:1b:b7:07:c4:2b:fb:75:38:ed:80:
5b:e3:c8:37:84:c1:82:b1:e8:77:3d:07:32:52:6b:
bf:e6:b0:e5:63:71:b8:ff:dc:e4:81:8b:a5:50:05:
5a:88:ed:6a:9b:d8:4a:e5:4e:2b:7b:cf:89:2f:ca:
35:2f:44:0c:b0:85:c9:7c:3c:92:9c:b8:88:b7:14:
12:96:96:e9:51:85:d3:cb:0f:aa:80:aa:41:7f:53:
68:ea:3c:c0:e7:b0:cf:14:21:c7:ef:91:85:7d:ac:
27:67:dd:c7:b2:1f:2e:7b:19:cc:4d:ee:a8:a7:98:
18:a4:27:a6:86:d4:77:3c:c7:5a:76:2a:51:10:78:
94:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:13:E5:D1:82:B2:0D:37:65:E1:8F:BE:2F:18:99:48:4B:A5:A1:40
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:b5:09:f1:ad:f1:ee:66:ec:b2:b3:b4:72:28:77:1f:bc:ab:
ae:ee:10:8f:07:b3:65:97:7a:13:b2:00:61:a6:57:17:f6:a7:
b7:44:ee:70:b8:5d:53:04:69:aa:3f:5a:ad:e4:19:06:14:b5:
29:8e:f8:5a:6c:a6:6d:5f:e2:95:89:2c:8b:52:42:53:e6:0c:
d9:49:25:70:f4:79:b4:88:c1:2b:b8:43:d1:bc:c7:97:98:f3:
eb:f4:52:6c:64:42:ec:47:cf:f7:48:80:22:c2:0d:71:bb:41:
72:cc:b6:ee:3b:1e:ba:5a:8d:0a:75:49:61:65:60:5e:f9:b6:
e9:a4:6d:4e:12:03:b6:12:7e:36:29:1a:8f:5e:53:c9:00:06:
2e:b5:2f:bf:ae:0c:92:27:11:6b:ca:72:93:a2:e8:d7:a7:6c:
dc:f8:a3:4f:db:1a:95:7d:7d:42:45:af:0c:df:4d:7e:c1:72:
4b:35:ec:13:85:e0:6e:24:92:e5:89:cb:2b:88:cb:8e:56:59:
e4:a1:86:bb:72:32:8c:ca:3f:ff:20:60:1d:93:35:7b:e8:92:
ae:eb:d7:0a:32:f9:96:16:1c:88:8a:c4:1d:54:d1:61:08:0c:
84:15:e5:d1:15:a8:ab:81:13:f1:42:4a:94:18:9d:0a:20:fc:
0d:87:63:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKap4sLRWfWqpAhhmfK2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjYwMzI2MDgwMTI5WhcNMjYwMzI3MDgwMTI5WjAzMTEwLwYDVQQD
EyhiMTEzZTVkMTgyYjIwZDM3NjVlMThmYmUyZjE4OTk0ODRiYTVhMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslgjLyCGS7n6UkUOc7cISffSOsHB
5Mm3XYKVbE6++/pqZ3aMXubIs36KBr2E3ZqLZ9tcMmN0ICbBS6KW9aXgnBZkOCsJ
cBBezEW45z5jjIC3VK0YPMXxsEoS3woLx8vQ28UkieaKsYt1daP/tSDUXn1D6Eut
Bq3ObyKk/Bu3B8Qr+3U47YBb48g3hMGCseh3PQcyUmu/5rDlY3G4/9zkgYulUAVa
iO1qm9hK5U4re8+JL8o1L0QMsIXJfDySnLiItxQSlpbpUYXTyw+qgKpBf1No6jzA
57DPFCHH75GFfawnZ93Hsh8uexnMTe6op5gYpCemhtR3PMdadipREHiUhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLET5dGCsg03ZeGPvi8YmUhLpaFAMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrUJ8a3x
7mbssrO0cih3H7yrru4QjwezZZd6E7IAYaZXF/ant0TucLhdUwRpqj9areQZBhS1
KY74WmymbV/ilYksi1JCU+YM2UklcPR5tIjBK7hD0bzHl5jz6/RSbGRC7EfP90iA
IsINcbtBcsy27jseulqNCnVJYWVgXvm26aRtThIDthJ+Nikaj15TyQAGLrUvv64M
kicRa8pyk6Lo16ds3PijT9salX19QkWvDN9NfsFySzXsE4XgbiSS5YnLK4jLjlZZ
5KGGu3IyjMo//yBgHZM1e+iSruvXCjL5lhYciIrEHVTRYQgMhBXl0RWoq4ET8UJK
lBidCiD8DYdjGQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:04:33 2026 by rpki-client