Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json)
Hash identifier: HE8CFpzmtJx4qjsNzjG0n+DIwNEkr4rBcrgEyXucqb4=
Subject key identifier: E4:8A:29:DC:87:BD:B3:79:3D:48:D7:00:79:F5:8C:AE:6C:4B:4E:72
Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4
Certificate serial: 019D29975798EC5AB1888A5A52BA330BA3C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
Manifest number: 038D
Signing time: Thu 26 Mar 2026 10:01:17 +0000
Manifest this update: Thu 26 Mar 2026 10:01:17 +0000
Manifest next update: Fri 27 Mar 2026 10:01:17 +0000
Files and hashes: 1: K8tuEs9t8pmrSDJuwwdt6IYJIik.roa (hash: ZshbzN4NQcUPnRU5jRSR+ix2vC7IlJPNo8C+FrStXqM=)
2: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: Imzi4k4WXb5TbNas3zNS9ICt8BOodREeQt4jP4f3nQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:57:98:ec:5a:b1:88:8a:5a:52:ba:33:0b:a3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4
Validity
Not Before: Mar 26 10:01:17 2026 GMT
Not After : Mar 27 10:01:17 2026 GMT
Subject: CN=e48a29dc87bdb3793d48d70079f58cae6c4b4e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:fd:ed:b9:bd:d3:c4:ca:47:05:b4:27:9c:
05:07:f9:69:78:f1:92:e2:e6:0c:00:a2:c1:6c:91:
1c:37:7d:3e:61:a0:8f:25:ca:83:c5:a5:e8:4e:1d:
76:f0:34:ec:1f:31:a7:9a:40:35:71:44:f9:fd:45:
8e:8f:27:ce:4b:cc:53:4d:33:0c:e5:a3:99:4b:9d:
ec:f6:76:22:ce:25:c9:47:a2:1a:8b:d6:99:33:3f:
aa:c0:00:dc:2a:2a:5a:b6:1c:f3:49:a2:70:69:08:
51:f8:4d:6f:eb:9e:10:1d:6d:c6:61:d9:39:ec:a0:
e7:d8:0c:96:e0:9b:e9:9e:92:ce:e9:ca:03:99:87:
f8:a7:b3:41:e5:26:0c:70:c2:f8:14:56:81:ac:0b:
af:55:f8:76:76:9d:25:be:8b:5c:d0:7c:a7:d0:a0:
58:3b:fe:40:8f:71:e5:40:e8:0f:27:e2:85:e9:f8:
14:43:99:43:66:aa:37:e8:07:64:35:a5:e0:bc:a9:
bc:2e:16:1e:3e:05:1f:12:58:7e:0a:84:c1:3a:2f:
be:3e:b1:f5:9d:e7:bb:f2:fb:aa:bc:01:46:75:36:
59:b9:28:fc:c1:fe:4c:1d:2f:fa:b7:6f:9c:a2:50:
8c:d4:fa:7c:08:92:86:c8:81:35:23:38:90:3c:6d:
45:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8A:29:DC:87:BD:B3:79:3D:48:D7:00:79:F5:8C:AE:6C:4B:4E:72
X509v3 Authority Key Identifier:
keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:22:2b:d8:14:59:5c:27:0a:5f:ee:60:e2:15:04:9c:75:77:
00:f8:ca:c6:38:a9:fe:a7:98:38:70:a6:07:c9:fe:aa:f0:aa:
6c:3e:bc:c0:57:e4:1e:f2:c8:72:8a:e4:f1:7a:ae:23:25:45:
2b:f6:ab:b9:ed:d1:d3:a2:ef:16:7a:05:1e:76:f6:e8:1c:68:
88:3d:3b:d2:32:11:2a:f5:f0:5c:0c:7d:6a:b0:1c:86:e1:09:
d6:cf:31:c6:b6:2d:ce:d0:54:97:93:09:a0:07:62:fb:97:90:
1c:da:a9:03:3b:43:ad:d2:f1:46:72:31:ad:b5:56:ec:1f:ca:
80:d0:9f:77:5f:f9:1f:8b:8f:1d:5f:61:a2:7b:17:07:34:33:
c5:68:d0:90:ac:32:05:0f:4e:5c:2a:19:08:dc:e8:ad:5a:11:
87:c7:61:91:d6:ae:7b:db:8c:2b:62:c4:26:ef:6f:b0:f4:17:
67:5a:e1:80:d0:0d:9a:31:82:40:85:5c:e4:9d:53:e0:9b:de:
2f:f3:9b:25:e6:b6:6d:c9:c0:4c:07:83:48:5f:28:98:1f:d8:
18:f7:d6:93:a8:9e:f9:24:60:ba:22:8c:e6:21:de:f2:84:ce:
e7:78:22:11:68:90:ee:4a:a2:38:e3:5b:dc:fb:1a:14:da:40:
03:29:dc:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl1eY7FqxiIpaUrozC6PBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2
NDRkZTQwHhcNMjYwMzI2MTAwMTE3WhcNMjYwMzI3MTAwMTE3WjAzMTEwLwYDVQQD
EyhlNDhhMjlkYzg3YmRiMzc5M2Q0OGQ3MDA3OWY1OGNhZTZjNGI0ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZH97bm908TKRwW0J5wFB/lpePGS
4uYMAKLBbJEcN30+YaCPJcqDxaXoTh128DTsHzGnmkA1cUT5/UWOjyfOS8xTTTMM
5aOZS53s9nYiziXJR6Iai9aZMz+qwADcKipathzzSaJwaQhR+E1v654QHW3GYdk5
7KDn2AyW4JvpnpLO6coDmYf4p7NB5SYMcML4FFaBrAuvVfh2dp0lvotc0Hyn0KBY
O/5Aj3HlQOgPJ+KF6fgUQ5lDZqo36AdkNaXgvKm8LhYePgUfElh+CoTBOi++PrH1
nee78vuqvAFGdTZZuSj8wf5MHS/6t2+colCM1Pp8CJKGyIE1IziQPG1FqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSKKdyHvbN5PUjXAHn1jK5sS05yMB8GA1UdIwQY
MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt
ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3
LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABSIr2BRZ
XCcKX+5g4hUEnHV3APjKxjip/qeYOHCmB8n+qvCqbD68wFfkHvLIcork8XquIyVF
K/arue3R06LvFnoFHnb26BxoiD070jIRKvXwXAx9arAchuEJ1s8xxrYtztBUl5MJ
oAdi+5eQHNqpAztDrdLxRnIxrbVW7B/KgNCfd1/5H4uPHV9honsXBzQzxWjQkKwy
BQ9OXCoZCNzorVoRh8dhkdaue9uMK2LEJu9vsPQXZ1rhgNANmjGCQIVc5J1T4Jve
L/ObJea2bcnATAeDSF8omB/YGPfWk6ie+SRguiKM5iHe8oTO53giEWiQ7kqiOONb
3PsaFNpAAyncIg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:35:27 2026 by rpki-client