Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File: OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier: R+XS9RYV3r0C4rSj6k0uuDyUufFAnjn4SqecJRAuYd4=
Subject key identifier: B2:FF:56:E7:EC:65:63:42:D8:73:8E:A2:DE:C4:D2:3C:28:EE:3F:5E
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer: /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial: 019D27A8B4471075AF76E0FB0D32E8336070
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number: 1884
Signing time: Thu 26 Mar 2026 01:01:00 +0000
Manifest this update: Thu 26 Mar 2026 01:01:00 +0000
Manifest next update: Fri 27 Mar 2026 01:01:00 +0000
Files and hashes: 1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: jrRfFhKbvP3/xlf8bjiOwCBin3lqkSLolp4+U5wXCE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:b4:47:10:75:af:76:e0:fb:0d:32:e8:33:60:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Validity
Not Before: Mar 26 01:01:00 2026 GMT
Not After : Mar 27 01:01:00 2026 GMT
Subject: CN=b2ff56e7ec656342d8738ea2dec4d23c28ee3f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:00:8a:40:0e:a8:f6:b0:c7:30:ad:7c:a6:
47:8b:23:09:97:73:d5:7c:5b:4d:d4:ce:ad:42:f3:
0b:f7:67:a2:f3:de:65:50:5a:4d:ac:ee:ce:78:3d:
9c:e2:38:1f:d3:bf:88:64:cf:0c:4d:0b:d3:61:92:
14:e8:13:18:d8:a8:01:96:74:94:c8:ea:10:f7:ec:
23:1e:8b:24:39:6c:7f:96:09:ab:af:91:fb:50:a3:
94:f9:98:63:74:8c:a7:63:89:03:a5:10:66:0d:bc:
66:4a:37:4f:fb:06:59:cd:9d:ec:1d:59:87:4f:27:
88:5a:25:c3:d9:4d:80:dd:a4:1b:95:36:ad:d7:e2:
9e:12:4e:27:a0:ab:41:32:fc:7f:8b:90:2d:39:41:
73:6a:40:6c:6d:1c:94:bd:f5:d3:8c:34:b0:68:85:
11:19:07:7e:15:5e:a2:77:10:05:f2:83:21:d8:fc:
41:eb:8f:c7:15:b5:20:b5:76:4e:ad:95:ac:e7:f7:
c0:e1:9d:97:31:85:81:ec:3b:b2:d1:0e:ec:0f:28:
0b:53:48:60:d0:ab:64:ae:c1:92:da:9b:ed:4f:e8:
05:7c:0e:e8:72:7f:41:3d:bd:fd:2f:c7:4b:77:32:
4e:2e:4d:84:26:b5:20:d3:fc:93:65:ac:a6:26:e0:
b2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FF:56:E7:EC:65:63:42:D8:73:8E:A2:DE:C4:D2:3C:28:EE:3F:5E
X509v3 Authority Key Identifier:
keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:d2:ff:18:8c:df:b4:e3:d8:60:93:29:70:bf:6c:79:c0:14:
88:8a:0c:55:f8:82:61:0f:b9:d0:c7:e8:18:1a:f2:2b:22:bd:
a3:cc:74:95:20:8b:cd:20:1a:bd:1f:cc:2b:9a:5a:16:83:7c:
da:dd:a3:05:e9:e6:95:7b:4a:f4:aa:41:ac:d1:7f:ec:77:84:
fa:af:6a:06:2b:21:c4:3e:bd:10:46:6d:c5:29:0c:89:65:75:
d0:6a:e5:42:b8:08:2c:72:af:1f:26:5f:29:f6:1d:6a:8c:9c:
8b:9d:44:82:98:25:2c:eb:8b:de:35:6f:d8:b3:05:ce:e6:bb:
2a:df:f7:9b:10:0f:95:84:1d:a2:53:41:a8:6e:01:bb:cb:0a:
e6:09:c6:98:fd:ae:42:46:c7:93:a7:62:68:c6:fb:5f:03:b1:
09:65:95:03:f5:fa:b7:a3:43:df:5d:4a:dd:a9:59:36:bb:be:
cd:34:dd:ee:fd:7b:f9:26:d2:86:53:0d:55:a6:0d:12:c0:8f:
a2:de:59:2c:73:91:04:10:c8:f4:a7:9c:43:ab:4a:95:ed:ea:
74:23:5f:7d:fb:52:3f:05:7a:3f:bc:8a:6a:50:c5:6e:e9:3d:
33:2b:81:08:a9:cb:e3:67:dd:50:bd:11:9d:13:76:f2:dd:5b:
34:66:cd:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqLRHEHWvduD7DTLoM2BwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjYwMzI2MDEwMTAwWhcNMjYwMzI3MDEwMTAwWjAzMTEwLwYDVQQD
EyhiMmZmNTZlN2VjNjU2MzQyZDg3MzhlYTJkZWM0ZDIzYzI4ZWUzZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfsAikAOqPawxzCtfKZHiyMJl3PV
fFtN1M6tQvML92ei895lUFpNrO7OeD2c4jgf07+IZM8MTQvTYZIU6BMY2KgBlnSU
yOoQ9+wjHoskOWx/lgmrr5H7UKOU+ZhjdIynY4kDpRBmDbxmSjdP+wZZzZ3sHVmH
TyeIWiXD2U2A3aQblTat1+KeEk4noKtBMvx/i5AtOUFzakBsbRyUvfXTjDSwaIUR
GQd+FV6idxAF8oMh2PxB64/HFbUgtXZOrZWs5/fA4Z2XMYWB7Duy0Q7sDygLU0hg
0KtkrsGS2pvtT+gFfA7ocn9BPb39L8dLdzJOLk2EJrUg0/yTZaymJuCytwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLL/VufsZWNC2HOOot7E0jwo7j9eMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNL/GIzf
tOPYYJMpcL9secAUiIoMVfiCYQ+50MfoGBryKyK9o8x0lSCLzSAavR/MK5paFoN8
2t2jBenmlXtK9KpBrNF/7HeE+q9qBishxD69EEZtxSkMiWV10GrlQrgILHKvHyZf
KfYdaoyci51EgpglLOuL3jVv2LMFzua7Kt/3mxAPlYQdolNBqG4Bu8sK5gnGmP2u
QkbHk6diaMb7XwOxCWWVA/X6t6ND311K3alZNru+zTTd7v17+SbShlMNVaYNEsCP
ot5ZLHORBBDI9KecQ6tKle3qdCNffftSPwV6P7yKalDFbuk9MyuBCKnL42fdUL0R
nRN28t1bNGbNWQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:07:19 2026 by rpki-client