Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
File: oHFXHI4QtBnXo7824Qhf_VzXipg.mft (raw, json)
Hash identifier: KS7Wob9+JtUzCFCbPhZiHNmoSiymfePLjfm1SVRkSjo=
Subject key identifier: FE:7D:46:B8:87:6E:EC:72:46:8A:53:A5:3B:05:1F:7E:A9:77:0D:A0
Authority key identifier: A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98
Certificate issuer: /CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
Certificate serial: 019D33ACE57BB093A167BF08A0C71B19C475
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
Manifest number: 1255
Signing time: Sat 28 Mar 2026 09:01:02 +0000
Manifest this update: Sat 28 Mar 2026 09:01:02 +0000
Manifest next update: Sun 29 Mar 2026 09:01:02 +0000
Files and hashes: 1: THUvGSRSDdO8NyiSUs_kzMBgKSg.roa (hash: f2duUHB5LK8Of3Fa8X+WHnO6K86lhJ6HdId3wsUMfg8=)
2: oHFXHI4QtBnXo7824Qhf_VzXipg.crl (hash: 7qJAss12G1enBCBCZzjOS5nT5/68+8W/O6fbvAlFZMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:ac:e5:7b:b0:93:a1:67:bf:08:a0:c7:1b:19:c4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
Validity
Not Before: Mar 28 09:01:02 2026 GMT
Not After : Mar 29 09:01:02 2026 GMT
Subject: CN=fe7d46b8876eec72468a53a53b051f7ea9770da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d9:ec:56:a5:f9:cb:cc:85:8b:1c:32:67:a7:
e3:08:7a:3d:46:10:20:33:32:cb:6d:1a:3e:1d:d0:
70:a9:97:a3:bc:ca:60:5a:80:48:58:7e:5e:fe:7f:
ce:92:92:c5:44:48:8b:b4:a3:58:c9:71:b0:81:70:
da:6e:8d:6f:82:66:37:8d:f5:63:23:b4:ae:9a:59:
d7:59:91:d6:c1:11:7b:25:9e:01:04:74:c6:68:58:
de:5d:95:46:4e:b0:49:95:f3:c1:14:4b:28:59:e6:
c1:45:98:c5:45:97:29:6f:85:6c:75:f8:1f:11:51:
e6:e9:1d:7d:a1:41:bd:87:e8:b2:e0:00:6c:1d:c3:
2b:c6:6d:b3:55:a1:1a:9a:92:2c:bd:36:43:fb:bc:
21:89:18:65:3e:bd:96:55:bd:bc:3d:d3:bf:a4:ba:
79:75:05:fd:ed:db:87:ec:37:cc:f0:dd:c1:b0:5f:
f3:42:88:0e:9e:22:9b:9a:1a:d3:b5:e1:26:cb:74:
32:d4:b2:70:c5:d9:d8:c0:ee:50:0f:38:32:71:e3:
cb:95:97:cd:26:f4:13:90:57:c4:8f:d1:b3:47:e6:
e3:26:63:86:41:42:c8:1d:7a:29:9b:e8:00:ba:8d:
2e:eb:f6:1b:65:12:c8:5f:6d:fa:0a:24:dd:c3:25:
11:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7D:46:B8:87:6E:EC:72:46:8A:53:A5:3B:05:1F:7E:A9:77:0D:A0
X509v3 Authority Key Identifier:
keyid:A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:d2:98:d2:29:8b:f3:d4:5a:36:58:71:85:87:98:60:aa:28:
22:47:f1:13:1c:63:39:b2:80:6b:63:af:ce:f9:4a:73:96:ae:
42:63:fb:06:cb:66:bc:59:34:b4:75:38:c8:33:82:90:f3:52:
5c:a8:11:82:9a:85:2e:4a:fc:92:b6:71:57:47:ff:c4:03:5f:
eb:e5:92:1d:c8:94:97:a4:5c:52:41:1f:bb:70:8e:7c:a7:12:
63:36:f3:6f:59:b9:35:f6:d1:4b:68:76:ec:28:82:42:8e:fa:
fa:3a:4b:3f:d4:80:60:b4:08:dd:9c:78:9c:0c:04:f2:6f:2c:
bb:2f:f5:14:3a:51:63:68:19:1a:4a:7c:ab:96:ec:51:aa:41:
4d:c9:04:9d:40:10:1b:9c:3c:fa:95:53:78:5a:6e:59:af:ff:
f5:a0:70:cc:dd:28:d0:ec:27:2c:ae:da:fd:49:5d:fb:c0:39:
52:19:fe:a1:9a:98:f6:57:60:bd:ca:95:23:4c:45:a7:48:ea:
00:24:d8:40:23:07:b5:ad:f9:9b:83:b6:9a:7e:50:54:c8:42:
cd:59:bd:1c:42:2a:ca:a8:97:95:f8:bf:40:ed:6a:b7:72:6f:
fd:76:1a:5e:3f:9b:66:e8:73:df:74:d1:38:84:fc:9e:42:30:
c1:f2:4d:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrOV7sJOhZ78IoMcbGcR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzE1NzFjOGUxMGI0MTlkN2EzYmYzNmUxMDg1ZmZkNWNk
NzhhOTgwHhcNMjYwMzI4MDkwMTAyWhcNMjYwMzI5MDkwMTAyWjAzMTEwLwYDVQQD
EyhmZTdkNDZiODg3NmVlYzcyNDY4YTUzYTUzYjA1MWY3ZWE5NzcwZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dnsVqX5y8yFixwyZ6fjCHo9RhAg
MzLLbRo+HdBwqZejvMpgWoBIWH5e/n/OkpLFREiLtKNYyXGwgXDabo1vgmY3jfVj
I7SumlnXWZHWwRF7JZ4BBHTGaFjeXZVGTrBJlfPBFEsoWebBRZjFRZcpb4Vsdfgf
EVHm6R19oUG9h+iy4ABsHcMrxm2zVaEampIsvTZD+7whiRhlPr2WVb28PdO/pLp5
dQX97duH7DfM8N3BsF/zQogOniKbmhrTteEmy3Qy1LJwxdnYwO5QDzgycePLlZfN
JvQTkFfEj9GzR+bjJmOGQULIHXopm+gAuo0u6/YbZRLIX236CiTdwyUR4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP59RriHbuxyRopTpTsFH36pdw2gMB8GA1UdIwQY
MBaAFKBxVxyOELQZ16O/NuEIX/1c14qYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2Yt
MGMxZjY5YjdhZWU3LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2YtMGMxZjY5YjdhZWU3
LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARNKY0imL
89RaNlhxhYeYYKooIkfxExxjObKAa2OvzvlKc5auQmP7BstmvFk0tHU4yDOCkPNS
XKgRgpqFLkr8krZxV0f/xANf6+WSHciUl6RcUkEfu3COfKcSYzbzb1m5NfbRS2h2
7CiCQo76+jpLP9SAYLQI3Zx4nAwE8m8suy/1FDpRY2gZGkp8q5bsUapBTckEnUAQ
G5w8+pVTeFpuWa//9aBwzN0o0OwnLK7a/Uld+8A5Uhn+oZqY9ldgvcqVI0xFp0jq
ACTYQCMHta35m4O2mn5QVMhCzVm9HEIqyqiXlfi/QO1qt3Jv/XYaXj+bZuhz33TR
OIT8nkIwwfJNQg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:16:24 2026 by rpki-client