Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
File: os1DAbKJXx2YqFDlic58BjxTn00.mft (raw, json)
Hash identifier: QGygR2Ec/oewotO7ov5vAWlWAQ6cjQap0tanj3leDnc=
Subject key identifier: FE:C2:5B:FA:1A:69:2A:7B:90:7E:7E:AE:63:FA:40:93:B6:45:83:06
Authority key identifier: A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
Certificate issuer: /CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Certificate serial: 019D2C29BB139C3AADC7CF220DD3EED876D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
Manifest number: 13EE
Signing time: Thu 26 Mar 2026 22:00:25 +0000
Manifest this update: Thu 26 Mar 2026 22:00:25 +0000
Manifest next update: Fri 27 Mar 2026 22:00:25 +0000
Files and hashes: 1: 1yJjuTyf2ztvnkdUcqNAvBEgaSg.roa (hash: nfIlAhagUA3pYoE5LuKLJK3yVXO0M1iaR7XMEzKKagA=)
2: os1DAbKJXx2YqFDlic58BjxTn00.crl (hash: jnRZpX/VO67DY9N3LySBMfYwg7lbsKFgZcfi3Th0+qM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2c:29:bb:13:9c:3a:ad:c7:cf:22:0d:d3:ee:d8:76:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2cd4301b2895f1d98a850e589ce7c063c539f4d
Validity
Not Before: Mar 26 22:00:25 2026 GMT
Not After : Mar 27 22:00:25 2026 GMT
Subject: CN=fec25bfa1a692a7b907e7eae63fa4093b6458306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:f8:ce:2d:8d:52:71:4e:0d:c6:d0:20:70:
af:aa:bd:7e:1f:15:91:98:99:54:3b:3b:d3:f8:7f:
3c:b5:65:4d:c6:fe:3d:f0:4e:17:c5:ec:92:10:92:
9b:25:93:80:44:23:a3:8b:32:12:2e:ae:f7:07:92:
64:e9:71:0d:de:2e:50:13:52:16:0b:35:af:50:c9:
aa:07:c4:df:88:ef:5b:d4:6f:fa:bc:6f:6b:75:db:
b6:67:5e:f4:a6:5c:f5:db:d3:61:dc:ef:7a:67:27:
c1:7e:18:dd:97:91:f0:81:67:94:a1:3d:cf:13:3b:
e5:d1:55:65:15:9e:0b:a4:e3:08:05:75:38:00:08:
df:18:e5:0c:f9:ed:50:d6:60:e3:a4:76:a9:6d:c2:
a5:d9:ec:26:26:14:c6:78:9a:c7:eb:db:ec:c8:5e:
3f:58:ee:b6:98:a3:db:a0:e1:51:9a:e3:87:fc:26:
35:2f:2b:8a:59:57:5f:22:11:4a:d4:ca:a7:b9:f6:
89:3e:14:c5:d5:ab:01:a8:17:da:f5:0e:b4:ff:31:
b0:ef:50:76:8b:5b:f7:48:2b:68:bf:a0:63:d1:56:
22:94:89:5c:eb:27:0d:40:29:78:44:b2:90:59:c5:
61:d8:4f:03:25:20:2b:ee:e0:17:3b:3b:f8:0d:9e:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C2:5B:FA:1A:69:2A:7B:90:7E:7E:AE:63:FA:40:93:B6:45:83:06
X509v3 Authority Key Identifier:
keyid:A2:CD:43:01:B2:89:5F:1D:98:A8:50:E5:89:CE:7C:06:3C:53:9F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/os1DAbKJXx2YqFDlic58BjxTn00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/38486c-9de3-44ef-ab29-58f3f37ccdd9/1/os1DAbKJXx2YqFDlic58BjxTn00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:72:3c:c0:35:71:03:4c:33:e1:96:06:79:e6:60:a6:59:cb:
c1:6c:f6:ec:01:c8:8b:0e:a8:4d:8e:89:eb:a6:b5:75:58:41:
f9:11:3e:2d:40:c5:36:28:8a:52:25:09:d0:47:2b:e4:06:9c:
b4:8f:c3:62:0d:0f:97:98:9e:54:92:d4:fd:60:34:f4:f0:86:
f6:5a:79:f7:d1:87:a3:6b:28:b5:88:5a:29:4c:6d:0c:a6:2a:
2c:44:a2:c0:e3:ce:79:30:f6:fa:e9:30:12:fa:98:8a:07:03:
a8:1d:4a:85:16:e0:8c:38:cd:67:be:4e:17:59:ff:97:8f:a0:
53:d9:5d:b8:aa:68:fc:99:8b:7f:b8:45:d0:8f:bd:24:c1:ae:
58:3b:9f:03:0d:c9:84:a5:50:bc:76:39:85:7b:b1:57:65:4e:
41:26:05:d5:25:0c:05:b0:45:e6:b9:81:87:16:60:c4:1d:47:
7d:c1:7d:89:e0:bd:12:af:06:ed:82:5d:34:dc:53:29:81:58:
c2:2b:40:0f:71:b5:83:76:75:3f:bd:52:2b:a2:f4:a1:fb:d7:
2b:88:7f:4b:d5:ec:01:2d:f1:d6:a9:8a:16:46:19:63:ac:d9:
da:13:80:a2:39:3b:4d:af:95:fa:4d:f0:9b:d5:ec:51:7a:2f:
05:5d:4c:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0sKbsTnDqtx88iDdPu2HbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2Q0MzAxYjI4OTVmMWQ5OGE4NTBlNTg5Y2U3YzA2M2M1
MzlmNGQwHhcNMjYwMzI2MjIwMDI1WhcNMjYwMzI3MjIwMDI1WjAzMTEwLwYDVQQD
EyhmZWMyNWJmYTFhNjkyYTdiOTA3ZTdlYWU2M2ZhNDA5M2I2NDU4MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsn4zi2NUnFODcbQIHCvqr1+HxWR
mJlUOzvT+H88tWVNxv498E4XxeySEJKbJZOARCOjizISLq73B5Jk6XEN3i5QE1IW
CzWvUMmqB8TfiO9b1G/6vG9rddu2Z170plz129Nh3O96ZyfBfhjdl5HwgWeUoT3P
Ezvl0VVlFZ4LpOMIBXU4AAjfGOUM+e1Q1mDjpHapbcKl2ewmJhTGeJrH69vsyF4/
WO62mKPboOFRmuOH/CY1LyuKWVdfIhFK1MqnufaJPhTF1asBqBfa9Q60/zGw71B2
i1v3SCtov6Bj0VYilIlc6ycNQCl4RLKQWcVh2E8DJSAr7uAXOzv4DZ7l7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7CW/oaaSp7kH5+rmP6QJO2RYMGMB8GA1UdIwQY
MBaAFKLNQwGyiV8dmKhQ5YnOfAY8U59NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjkt
NThmM2YzN2NjZGQ5LzEvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zODQ4NmMtOWRlMy00NGVmLWFiMjktNThmM2YzN2NjZGQ5
LzEvb3MxREFiS0pYeDJZcUZEbGljNThCanhUbjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXI8wDVx
A0wz4ZYGeeZgplnLwWz27AHIiw6oTY6J66a1dVhB+RE+LUDFNiiKUiUJ0Ecr5Aac
tI/DYg0Pl5ieVJLU/WA09PCG9lp599GHo2sotYhaKUxtDKYqLESiwOPOeTD2+ukw
EvqYigcDqB1KhRbgjDjNZ75OF1n/l4+gU9lduKpo/JmLf7hF0I+9JMGuWDufAw3J
hKVQvHY5hXuxV2VOQSYF1SUMBbBF5rmBhxZgxB1HfcF9ieC9Eq8G7YJdNNxTKYFY
witAD3G1g3Z1P71SK6L0ofvXK4h/S9XsAS3x1qmKFkYZY6zZ2hOAojk7Ta+V+k3w
m9XsUXovBV1M3w==
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:03:34 2026 by rpki-client