Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json)
Hash identifier: zylMQs+4n/tMg8hGIK9eGF8kjT+dHPflnvQd3+FgVVM=
Subject key identifier: BA:B3:A9:5B:61:BD:45:01:AC:AF:A5:C2:F3:11:FC:96:22:72:EE:32
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 019D2B1722FD976A5068A2D047D0FA2B924F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
Manifest number: 0404
Signing time: Thu 26 Mar 2026 17:00:29 +0000
Manifest this update: Thu 26 Mar 2026 17:00:29 +0000
Manifest next update: Fri 27 Mar 2026 17:00:29 +0000
Files and hashes: 1: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: cXrwqb6jtcYWmbAzjpbqi67rexy64O1M908WsobpPYI=)
2: aiiRtiYyMK2pR69dLCHHrDF9gJE.roa (hash: GHDYFSzrpoLIOpX6iS/EkCdY5TaFBOcxhHWzm9AoCPo=)
3: eXXm1Ulp8umzvbta5fLxp-PY-MY.roa (hash: crFjalMvsl9i/+rOJNU/pdcqz+sZdkcxyLZdz71JwLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:17:22:fd:97:6a:50:68:a2:d0:47:d0:fa:2b:92:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Mar 26 17:00:29 2026 GMT
Not After : Mar 27 17:00:29 2026 GMT
Subject: CN=bab3a95b61bd4501acafa5c2f311fc962272ee32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:51:67:7e:86:25:1a:49:5d:2e:cb:13:38:21:
8e:9b:33:94:fc:83:bc:fb:35:94:ff:ee:02:e3:7a:
23:30:aa:cd:bc:c6:af:eb:3e:63:9a:44:e5:ab:9c:
ca:34:1a:5b:47:e6:aa:cf:23:fd:15:33:b1:96:e1:
31:36:6f:16:99:1c:5e:d1:af:df:d5:72:6b:81:4c:
d1:50:cd:56:63:d2:1b:5c:f4:b3:19:35:26:f4:1d:
25:a2:6c:cb:ce:2d:32:87:f2:70:6c:67:75:cc:22:
dc:74:7e:fa:b7:b5:9f:0a:f6:34:fd:2c:7b:a3:7c:
a7:cc:b5:92:12:7a:c7:e2:6c:bc:24:64:60:92:47:
09:18:0e:87:94:4e:e9:2e:e8:a3:39:6b:97:07:42:
b9:c9:d5:83:9c:ff:b3:3d:2b:84:f6:e0:2d:16:a9:
be:07:fe:76:26:90:4f:bc:c5:45:2d:09:9a:d3:50:
97:99:61:7a:20:55:00:e6:fa:20:4f:aa:39:46:68:
c9:e4:9d:fa:a0:9a:ce:d9:a6:81:4a:07:6b:8d:1f:
52:51:4c:2a:4e:0b:91:c6:c4:6c:f0:7d:32:0a:3a:
b0:d7:f7:99:0d:5b:60:70:ec:85:7b:cb:4a:8f:6d:
22:ae:87:41:8a:be:70:91:71:36:79:c0:58:97:56:
88:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B3:A9:5B:61:BD:45:01:AC:AF:A5:C2:F3:11:FC:96:22:72:EE:32
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:28:43:80:72:57:5c:1a:12:88:6d:a4:57:b8:36:c2:59:d1:
04:6b:76:fb:3b:06:a2:3d:34:a2:44:07:29:eb:d8:28:dd:8e:
0b:48:51:b7:bc:3a:37:ae:07:c2:e2:d5:07:fd:4c:f0:31:7e:
3c:c8:b8:76:87:0b:ab:ca:a6:32:e3:81:9f:33:38:93:9e:a3:
0c:99:f2:26:1f:9b:f7:c3:a1:6b:ae:d9:2d:77:4f:3e:57:5c:
ba:1d:58:d9:88:1e:7e:d4:55:89:3e:13:3e:14:b1:5f:bc:ef:
cf:db:4c:ef:26:72:22:5e:37:1c:df:6f:c8:0c:64:fe:81:33:
89:39:e1:94:04:a7:12:74:1c:78:c7:e2:ed:d3:c5:5c:02:5f:
89:36:98:a8:56:87:48:f4:78:0a:63:1e:69:ac:ab:fe:f4:51:
2c:11:8c:aa:12:e1:e0:de:48:4a:41:68:09:31:7f:f4:73:79:
68:f4:9b:27:86:eb:e7:66:3f:93:8b:1c:28:e6:f7:9e:e1:25:
b6:56:be:72:80:3d:71:b5:05:c2:17:f0:a5:98:e5:3a:fa:f3:
bd:0a:56:1e:9f:69:c6:49:ee:90:ba:33:e7:86:e8:f7:dc:f3:
3e:f9:8e:9a:11:78:81:d9:f2:07:7d:1a:05:63:99:0f:76:b8:
80:c3:c5:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rFyL9l2pQaKLQR9D6K5JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjYwMzI2MTcwMDI5WhcNMjYwMzI3MTcwMDI5WjAzMTEwLwYDVQQD
EyhiYWIzYTk1YjYxYmQ0NTAxYWNhZmE1YzJmMzExZmM5NjIyNzJlZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFFnfoYlGkldLssTOCGOmzOU/IO8
+zWU/+4C43ojMKrNvMav6z5jmkTlq5zKNBpbR+aqzyP9FTOxluExNm8WmRxe0a/f
1XJrgUzRUM1WY9IbXPSzGTUm9B0lomzLzi0yh/JwbGd1zCLcdH76t7WfCvY0/Sx7
o3ynzLWSEnrH4my8JGRgkkcJGA6HlE7pLuijOWuXB0K5ydWDnP+zPSuE9uAtFqm+
B/52JpBPvMVFLQma01CXmWF6IFUA5vogT6o5RmjJ5J36oJrO2aaBSgdrjR9SUUwq
TguRxsRs8H0yCjqw1/eZDVtgcOyFe8tKj20irodBir5wkXE2ecBYl1aImQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqzqVthvUUBrK+lwvMR/JYicu4yMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZihDgHJX
XBoSiG2kV7g2wlnRBGt2+zsGoj00okQHKevYKN2OC0hRt7w6N64HwuLVB/1M8DF+
PMi4docLq8qmMuOBnzM4k56jDJnyJh+b98Oha67ZLXdPPldcuh1Y2YgeftRViT4T
PhSxX7zvz9tM7yZyIl43HN9vyAxk/oEziTnhlASnEnQceMfi7dPFXAJfiTaYqFaH
SPR4CmMeaayr/vRRLBGMqhLh4N5ISkFoCTF/9HN5aPSbJ4br52Y/k4scKOb3nuEl
tla+coA9cbUFwhfwpZjlOvrzvQpWHp9pxknukLoz54bo99zzPvmOmhF4gdnyB30a
BWOZD3a4gMPFRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:23:47 2026 by rpki-client