Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
File: OXsxr3cA59mVkO39nVhKG1A46tc.mft (raw, json)
Hash identifier: grHW5YPGK9nfJH8OcHWKaYAuN/ninBYLf3oPUT4zQqM=
Subject key identifier: DC:8A:A0:F9:BA:BC:04:77:F6:E7:E3:D2:D6:7F:4C:7B:55:E3:A1:3D
Authority key identifier: 39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7
Certificate issuer: /CN=397b31af7700e7d99590edfd9d584a1b5038ead7
Certificate serial: 019D262849484123F47CA9ABFF60D48CBC28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
Manifest number: 033A
Signing time: Wed 25 Mar 2026 18:01:07 +0000
Manifest this update: Wed 25 Mar 2026 18:01:07 +0000
Manifest next update: Thu 26 Mar 2026 18:01:07 +0000
Files and hashes: 1: OXsxr3cA59mVkO39nVhKG1A46tc.crl (hash: qc75nMOX07Yr44plMjWJIk698ggmzC3JZw0i+wjHC0M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:49:48:41:23:f4:7c:a9:ab:ff:60:d4:8c:bc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397b31af7700e7d99590edfd9d584a1b5038ead7
Validity
Not Before: Mar 25 18:01:07 2026 GMT
Not After : Mar 26 18:01:07 2026 GMT
Subject: CN=dc8aa0f9babc0477f6e7e3d2d67f4c7b55e3a13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cf:ad:dc:dd:71:f0:2f:5b:3f:54:4b:98:4c:
ca:4a:6a:5b:a1:64:d4:59:61:e1:98:95:7e:8b:5d:
80:e0:03:dc:ad:9c:04:8f:31:b2:e3:da:a7:2b:23:
02:38:b7:d0:58:04:d6:98:d7:c8:3d:0f:20:95:0f:
3d:97:1d:e9:eb:cb:fa:6d:53:3f:e7:6c:55:9a:70:
b4:fd:36:96:9d:ba:f8:93:01:f0:81:ce:b5:9f:e3:
aa:b3:1a:dd:27:96:6d:fd:48:c1:e6:6a:05:6a:48:
52:fb:3d:51:5e:f5:90:66:59:18:0d:99:3e:ac:3f:
9a:f4:1f:20:0a:3a:df:ed:a1:f0:1c:de:53:9f:e2:
36:42:78:f9:97:57:64:b6:ae:82:77:f1:9d:84:ac:
02:f3:b2:af:98:c2:bd:73:f9:89:d8:6f:af:3b:02:
6a:8b:49:e1:1a:92:f9:1d:7f:eb:30:31:c7:75:b9:
5f:09:af:02:25:dd:72:89:55:a0:0a:27:ee:c6:8d:
dc:5a:0f:2c:f0:b8:2e:8c:eb:ac:ba:22:48:a8:30:
92:20:f0:23:c9:fb:94:0d:45:24:a7:e4:b3:16:94:
fa:eb:07:e0:6b:00:f4:80:92:af:c8:9a:01:c1:ba:
1a:c5:de:d1:4a:dd:f8:f7:a0:81:1c:8a:a0:d8:95:
2b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8A:A0:F9:BA:BC:04:77:F6:E7:E3:D2:D6:7F:4C:7B:55:E3:A1:3D
X509v3 Authority Key Identifier:
keyid:39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:f6:c5:38:57:0b:ba:c0:17:fd:65:d6:c1:67:5c:87:5a:82:
66:39:56:75:62:2b:17:4f:3e:ad:a1:19:3e:6e:6c:72:a1:1a:
d6:89:09:7e:b8:32:c1:c6:09:75:ad:e0:01:c6:6a:c8:cc:d7:
08:d3:61:f9:da:f1:ad:58:c2:06:89:b6:7c:68:ba:01:a1:c2:
b3:e1:5e:f9:f1:b4:22:d2:f5:29:56:f8:aa:10:53:a1:aa:c7:
e7:4d:b5:26:bb:62:f4:54:f3:1d:be:69:55:1f:39:5c:e8:99:
15:de:cc:f6:c6:a7:68:f9:ee:f8:01:61:1c:44:36:c6:57:d6:
4a:cd:ae:d3:2e:a5:9c:ea:be:db:ab:c1:be:06:7d:cf:d4:d0:
53:52:bc:4f:b6:42:32:74:5a:b5:f0:d4:b8:0e:d6:04:04:c3:
a7:71:b5:fb:7d:96:cb:b1:42:b5:5a:e1:62:c6:42:48:79:6a:
37:68:c5:ff:30:70:e9:1e:4b:3c:05:b6:ad:bb:21:7e:5b:9f:
e4:f0:28:ab:cb:d8:a7:82:0c:36:c2:01:71:c9:f9:21:26:45:
75:f4:1c:26:8f:27:54:d8:29:82:20:5f:47:5f:23:96:7d:fa:
c0:91:5e:34:d1:82:2c:a2:d2:e8:e8:ed:00:00:0e:e8:1c:d3:
8c:ee:ba:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKElIQSP0fKmr/2DUjLwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2IzMWFmNzcwMGU3ZDk5NTkwZWRmZDlkNTg0YTFiNTAz
OGVhZDcwHhcNMjYwMzI1MTgwMTA3WhcNMjYwMzI2MTgwMTA3WjAzMTEwLwYDVQQD
EyhkYzhhYTBmOWJhYmMwNDc3ZjZlN2UzZDJkNjdmNGM3YjU1ZTNhMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8+t3N1x8C9bP1RLmEzKSmpboWTU
WWHhmJV+i12A4APcrZwEjzGy49qnKyMCOLfQWATWmNfIPQ8glQ89lx3p68v6bVM/
52xVmnC0/TaWnbr4kwHwgc61n+OqsxrdJ5Zt/UjB5moFakhS+z1RXvWQZlkYDZk+
rD+a9B8gCjrf7aHwHN5Tn+I2Qnj5l1dktq6Cd/GdhKwC87KvmMK9c/mJ2G+vOwJq
i0nhGpL5HX/rMDHHdblfCa8CJd1yiVWgCifuxo3cWg8s8LgujOusuiJIqDCSIPAj
yfuUDUUkp+SzFpT66wfgawD0gJKvyJoBwboaxd7RSt3496CBHIqg2JUriwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyKoPm6vAR39ufj0tZ/THtV46E9MB8GA1UdIwQY
MBaAFDl7Ma93AOfZlZDt/Z1YShtQOOrXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2Qt
YjIwMmUwNWFjODRhLzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2QtYjIwMmUwNWFjODRh
LzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmvbFOFcL
usAX/WXWwWdch1qCZjlWdWIrF08+raEZPm5scqEa1okJfrgywcYJda3gAcZqyMzX
CNNh+drxrVjCBom2fGi6AaHCs+Fe+fG0ItL1KVb4qhBToarH5021Jrti9FTzHb5p
VR85XOiZFd7M9sanaPnu+AFhHEQ2xlfWSs2u0y6lnOq+26vBvgZ9z9TQU1K8T7ZC
MnRatfDUuA7WBATDp3G1+32Wy7FCtVrhYsZCSHlqN2jF/zBw6R5LPAW2rbshfluf
5PAoq8vYp4IMNsIBccn5ISZFdfQcJo8nVNgpgiBfR18jln36wJFeNNGCLKLS6Ojt
AAAO6BzTjO66ZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:11:23 2026 by rpki-client