Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json)
Hash identifier: aKokqjcmsRK7+PKwpip50ocVd63tRePI0B9sBXxQY6c=
Subject key identifier: 61:48:FA:08:C3:C7:45:7F:59:E1:AB:C0:DD:C3:65:48:2D:74:01:D1
Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Certificate serial: 019D2A72AA4B48F0D6B905A98B765CAF3ED7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
Manifest number: 0DCF
Signing time: Thu 26 Mar 2026 14:00:50 +0000
Manifest this update: Thu 26 Mar 2026 14:00:50 +0000
Manifest next update: Fri 27 Mar 2026 14:00:50 +0000
Files and hashes: 1: Cyn38xr_aKjpDo4P5qrp-xma_-Q.roa (hash: EIt3b7IJ5biIXSp4ZF9k1ni8CNt6QRDhPAAZE5+8sT4=)
2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: 8RAMapn4xQZ3Rq1XDeWFMTYlRehT8KzO4JNf3XhLgUk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:aa:4b:48:f0:d6:b9:05:a9:8b:76:5c:af:3e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0
Validity
Not Before: Mar 26 14:00:50 2026 GMT
Not After : Mar 27 14:00:50 2026 GMT
Subject: CN=6148fa08c3c7457f59e1abc0ddc365482d7401d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7a:8e:a9:fa:83:d1:65:13:0f:87:e5:68:a3:
54:09:cd:31:57:c2:39:e4:ab:da:82:3e:23:94:c9:
bf:a5:e0:2b:04:c7:84:a4:ab:db:3e:c8:f1:04:e0:
c2:07:b6:5b:24:ab:90:41:04:7e:09:59:31:a5:83:
4f:3a:5b:d7:68:79:b2:bb:ea:01:e3:42:23:ee:dd:
e2:bc:c8:d8:5d:ae:17:68:91:7c:9a:e4:49:f2:9b:
bd:98:01:c5:b4:63:52:24:12:19:54:59:ee:78:4b:
3f:27:dd:cc:ac:6e:96:60:7b:17:ea:44:26:67:6d:
b2:72:75:7c:dd:73:da:42:89:9c:4b:e8:a6:aa:9d:
44:b5:75:a4:10:ef:59:91:e3:a1:6c:47:2d:a4:89:
18:8a:76:a1:99:46:65:fa:67:09:9c:91:a8:f3:56:
df:db:08:1b:b2:96:13:0b:e4:7a:0b:5e:b2:80:42:
18:af:89:1a:17:08:6d:39:76:88:0c:81:d1:1f:ac:
c5:8f:ec:f4:aa:1c:d3:ee:ec:fb:8c:2f:12:84:a9:
5f:c6:af:6d:12:f2:f2:94:89:fd:ef:73:79:09:7d:
b4:e1:59:84:6e:db:e7:cd:3c:f7:e1:20:3b:1b:67:
81:6e:e4:d0:7a:87:67:27:62:e8:05:68:16:db:38:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:48:FA:08:C3:C7:45:7F:59:E1:AB:C0:DD:C3:65:48:2D:74:01:D1
X509v3 Authority Key Identifier:
keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:64:12:96:84:8b:63:67:43:d2:af:84:78:af:8e:57:80:01:
db:ff:a5:12:b3:5b:cb:d5:71:4d:56:17:c0:34:bb:7c:c8:07:
c8:86:f0:38:96:8d:3b:b3:d1:8e:7e:80:c3:b5:4b:48:8e:d9:
1f:e4:d8:e1:26:10:8e:40:9b:9c:52:54:61:4a:08:77:27:08:
be:39:f5:ea:8e:dc:ef:7a:e5:c6:d5:c2:40:d3:eb:49:3a:71:
38:b8:6f:9e:b8:3b:13:01:69:7a:a5:51:32:b2:21:8f:6d:b0:
f5:70:76:b8:38:07:cc:5e:7f:20:24:9b:a3:ac:be:4e:92:9d:
52:e1:09:5f:52:57:2a:7b:3c:c6:f3:65:67:35:38:b9:b4:10:
68:07:52:24:8b:b7:ba:56:f2:1f:dc:00:e7:e4:ab:e9:9d:b3:
99:a2:e1:6c:d4:90:a5:29:2a:78:3b:77:84:8e:50:a7:c3:4d:
b6:b4:42:ab:7e:5c:b0:51:9e:d1:54:3f:a0:d5:71:64:6c:d3:
74:14:b8:79:2f:63:77:cc:ec:78:1a:2c:20:f4:db:48:13:ef:
5b:71:12:98:f2:95:de:01:19:52:e3:a7:e0:d2:65:ee:44:3f:
16:1e:05:9c:f8:1c:57:3e:41:63:d3:39:9d:5a:c7:b9:c7:ef:
8d:0b:df:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcqpLSPDWuQWpi3Zcrz7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw
ODUwZTAwHhcNMjYwMzI2MTQwMDUwWhcNMjYwMzI3MTQwMDUwWjAzMTEwLwYDVQQD
Eyg2MTQ4ZmEwOGMzYzc0NTdmNTllMWFiYzBkZGMzNjU0ODJkNzQwMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXqOqfqD0WUTD4flaKNUCc0xV8I5
5Kvagj4jlMm/peArBMeEpKvbPsjxBODCB7ZbJKuQQQR+CVkxpYNPOlvXaHmyu+oB
40Ij7t3ivMjYXa4XaJF8muRJ8pu9mAHFtGNSJBIZVFnueEs/J93MrG6WYHsX6kQm
Z22ycnV83XPaQomcS+imqp1EtXWkEO9ZkeOhbEctpIkYinahmUZl+mcJnJGo81bf
2wgbspYTC+R6C16ygEIYr4kaFwhtOXaIDIHRH6zFj+z0qhzT7uz7jC8ShKlfxq9t
EvLylIn973N5CX204VmEbtvnzTz34SA7G2eBbuTQeodnJ2LoBWgW2zhpXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFI+gjDx0V/WeGrwN3DZUgtdAHRMB8GA1UdIwQY
MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt
N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2
LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXGQSloSL
Y2dD0q+EeK+OV4AB2/+lErNby9VxTVYXwDS7fMgHyIbwOJaNO7PRjn6Aw7VLSI7Z
H+TY4SYQjkCbnFJUYUoIdycIvjn16o7c73rlxtXCQNPrSTpxOLhvnrg7EwFpeqVR
MrIhj22w9XB2uDgHzF5/ICSbo6y+TpKdUuEJX1JXKns8xvNlZzU4ubQQaAdSJIu3
ulbyH9wA5+Sr6Z2zmaLhbNSQpSkqeDt3hI5Qp8NNtrRCq35csFGe0VQ/oNVxZGzT
dBS4eS9jd8zseBosIPTbSBPvW3ESmPKV3gEZUuOn4NJl7kQ/Fh4FnPgcVz5BY9M5
nVrHucfvjQvf0w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:14:52 2026 by rpki-client