Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
File: OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft (raw, json)
Hash identifier: bthKbQl/ozeN4vrRvHcX87r47kI11F2aoLYJf+W987s=
Subject key identifier: 0D:0A:D9:DA:1D:0A:6D:E2:9A:5C:FE:27:B0:FE:7C:85:B0:D3:7F:4E
Authority key identifier: 3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D
Certificate issuer: /CN=3abc6247ee0caec365a8022f5f8c6feccca5710d
Certificate serial: 019D28F2A661C45DA7BA05BB7161153967A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
Manifest number: 1165
Signing time: Thu 26 Mar 2026 07:01:24 +0000
Manifest this update: Thu 26 Mar 2026 07:01:24 +0000
Manifest next update: Fri 27 Mar 2026 07:01:24 +0000
Files and hashes: 1: OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl (hash: iOt6i0YWGylaDP4aYSX5x9pvSRR3Fk28WPT23BYKy7g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:a6:61:c4:5d:a7:ba:05:bb:71:61:15:39:67:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3abc6247ee0caec365a8022f5f8c6feccca5710d
Validity
Not Before: Mar 26 07:01:24 2026 GMT
Not After : Mar 27 07:01:24 2026 GMT
Subject: CN=0d0ad9da1d0a6de29a5cfe27b0fe7c85b0d37f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4a:b9:1c:d4:5f:a5:26:04:05:0f:a0:27:fc:
bd:73:7e:8d:2d:3b:63:05:00:07:91:c1:a4:78:94:
71:02:7e:34:64:30:d9:ea:a5:ab:14:89:4a:ba:c2:
4b:f4:b8:30:1b:c4:4e:1b:68:ee:2c:53:f0:5c:84:
48:57:74:f2:52:9f:33:17:c1:51:6a:57:d1:a8:13:
80:01:32:6b:1c:d3:c7:b5:cc:03:4d:af:4e:4d:29:
23:b2:4e:af:76:1b:69:09:be:26:d4:62:57:5a:b5:
b3:4f:7a:9e:40:7e:56:36:98:57:94:ab:4c:65:7d:
76:24:cf:33:59:28:7c:3e:da:ff:bb:fb:66:a5:0e:
1e:10:04:56:5e:1b:95:66:03:88:17:ce:67:f8:a3:
ac:66:a6:a1:34:2e:6a:9f:62:87:e6:2b:c4:ee:79:
54:38:c7:f5:1f:67:2e:b5:2c:db:46:e7:f8:48:8a:
3e:f7:04:90:f3:d9:45:5a:c0:7c:ff:2d:9b:e3:64:
03:57:c2:b7:95:83:64:df:c8:bf:2c:1e:3a:9a:73:
9b:41:ca:83:54:b3:42:d4:38:98:e2:65:91:b9:f2:
06:97:3d:ac:37:b6:02:47:1c:c7:5e:25:55:01:f8:
05:dc:97:df:cc:e4:9c:81:c3:08:d2:90:49:17:f0:
c4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0A:D9:DA:1D:0A:6D:E2:9A:5C:FE:27:B0:FE:7C:85:B0:D3:7F:4E
X509v3 Authority Key Identifier:
keyid:3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:e1:37:0a:fd:87:68:91:4b:47:cf:97:6a:11:53:f1:b0:7c:
65:5e:d2:93:2c:80:0f:a6:a5:e0:c4:02:27:e2:02:3f:41:09:
c6:8f:c5:0b:5f:e1:df:1e:a5:65:65:92:4b:26:e2:d5:88:0b:
9a:a6:60:9b:4e:4c:5d:35:bb:7c:47:1a:5a:3e:85:26:30:eb:
d3:1f:25:d5:cf:28:99:ba:14:cc:2e:7e:a0:ce:37:56:e9:c8:
27:0d:3a:cf:43:c2:93:49:dd:79:0a:54:70:c8:79:35:92:63:
39:02:0d:12:8f:3c:aa:01:13:3f:10:bf:e7:48:c9:c0:7c:7f:
ff:9c:0b:81:27:7c:61:7b:06:87:5a:40:68:d6:0f:73:f6:b5:
65:27:1b:72:34:9b:53:4f:b7:12:bf:26:4c:75:d5:eb:c7:1b:
e7:2e:6f:b4:85:8f:32:f6:17:27:e6:77:d1:71:fe:4d:c7:1d:
7a:2c:ca:ba:e6:59:99:a5:2f:19:3c:06:77:25:e1:13:1f:8e:
71:07:cf:9c:69:48:13:f9:fe:a2:88:d1:ef:91:25:1b:aa:cc:
87:c1:99:1a:31:e4:5d:b0:87:3a:0d:d2:f6:ba:06:30:1c:a6:
27:d6:de:2b:d0:14:3f:db:e6:92:c5:5b:bf:ae:94:d2:d2:4d:
ec:f3:83:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8qZhxF2nugW7cWEVOWejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmM2MjQ3ZWUwY2FlYzM2NWE4MDIyZjVmOGM2ZmVjY2Nh
NTcxMGQwHhcNMjYwMzI2MDcwMTI0WhcNMjYwMzI3MDcwMTI0WjAzMTEwLwYDVQQD
EygwZDBhZDlkYTFkMGE2ZGUyOWE1Y2ZlMjdiMGZlN2M4NWIwZDM3ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Eq5HNRfpSYEBQ+gJ/y9c36NLTtj
BQAHkcGkeJRxAn40ZDDZ6qWrFIlKusJL9LgwG8ROG2juLFPwXIRIV3TyUp8zF8FR
alfRqBOAATJrHNPHtcwDTa9OTSkjsk6vdhtpCb4m1GJXWrWzT3qeQH5WNphXlKtM
ZX12JM8zWSh8Ptr/u/tmpQ4eEARWXhuVZgOIF85n+KOsZqahNC5qn2KH5ivE7nlU
OMf1H2cutSzbRuf4SIo+9wSQ89lFWsB8/y2b42QDV8K3lYNk38i/LB46mnObQcqD
VLNC1DiY4mWRufIGlz2sN7YCRxzHXiVVAfgF3JffzOScgcMI0pBJF/DEMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0K2dodCm3imlz+J7D+fIWw039OMB8GA1UdIwQY
MBaAFDq8YkfuDK7DZagCL1+Mb+zMpXENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWIt
YjhjZjY0OWRlMzJjLzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWItYjhjZjY0OWRlMzJj
LzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+E3Cv2H
aJFLR8+XahFT8bB8ZV7SkyyAD6al4MQCJ+ICP0EJxo/FC1/h3x6lZWWSSybi1YgL
mqZgm05MXTW7fEcaWj6FJjDr0x8l1c8omboUzC5+oM43VunIJw06z0PCk0ndeQpU
cMh5NZJjOQINEo88qgETPxC/50jJwHx//5wLgSd8YXsGh1pAaNYPc/a1ZScbcjSb
U0+3Er8mTHXV68cb5y5vtIWPMvYXJ+Z30XH+TccdeizKuuZZmaUvGTwGdyXhEx+O
cQfPnGlIE/n+oojR75ElG6rMh8GZGjHkXbCHOg3S9roGMBymJ9beK9AUP9vmksVb
v66U0tJN7POD8A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:40:23 2026 by rpki-client