Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
File: O849R0p3XOR3Y3FjK8GWyh9Owjs.mft (raw, json)
Hash identifier: fweVcLxPDwDBHo3qiuCvsDC1fuHBbDtW6yT+Uv4n4Wo=
Subject key identifier: 50:F2:CD:98:BC:10:E2:27:54:C4:54:65:9F:B2:F4:92:2B:D2:2E:CC
Authority key identifier: 3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B
Certificate issuer: /CN=3bce3d474a775ce4776371632bc196ca1f4ec23b
Certificate serial: 019D2AE0A4CF217D9A0D910C83E4F59F8444
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
Manifest number: 0523
Signing time: Thu 26 Mar 2026 16:00:58 +0000
Manifest this update: Thu 26 Mar 2026 16:00:58 +0000
Manifest next update: Fri 27 Mar 2026 16:00:58 +0000
Files and hashes: 1: O849R0p3XOR3Y3FjK8GWyh9Owjs.crl (hash: 5aBQHTo2TV/IvQKB6T1toYaG9aDb3Fcv87AQc/XJuUY=)
2: VbL2QWZ9Kg8L1pE36SvfZYyr8Ts.roa (hash: sfB+nZS7Puz64duDQmVXVvH/Ydql31OyVDJAMGHxmwg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e0:a4:cf:21:7d:9a:0d:91:0c:83:e4:f5:9f:84:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bce3d474a775ce4776371632bc196ca1f4ec23b
Validity
Not Before: Mar 26 16:00:58 2026 GMT
Not After : Mar 27 16:00:58 2026 GMT
Subject: CN=50f2cd98bc10e22754c454659fb2f4922bd22ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:6c:6b:d3:de:1f:21:db:f0:3a:07:48:5a:
43:7a:2d:73:95:ec:3d:e8:ac:9e:f3:51:51:cc:92:
63:a3:2a:20:b0:f2:53:53:de:e1:a3:34:4e:5b:6e:
4f:5d:a0:b5:c0:fc:32:a3:a8:74:fb:47:88:1d:4e:
b4:c1:d0:8f:02:45:13:50:73:30:f7:3f:7c:fe:a5:
0b:5d:b7:a0:9b:68:8a:ac:4c:a3:a5:eb:1a:29:d5:
e5:78:b1:3e:90:1e:87:78:8f:41:dd:80:c8:b5:73:
06:87:21:6b:80:e1:c9:3a:7a:2d:2b:dc:86:43:a0:
33:07:79:bd:c2:de:b6:7c:7f:c6:b5:10:77:a0:bc:
93:04:bb:b3:e1:20:e9:eb:fb:06:5f:aa:09:fa:5b:
c1:2d:4a:09:09:bf:83:a2:81:87:c1:39:04:f9:43:
99:f5:70:b1:ae:49:0f:65:f8:60:ae:75:91:14:ff:
bf:8a:8d:a4:a5:1a:f8:4b:90:57:fd:e9:43:fe:fb:
f9:fd:a7:1e:b7:f4:43:aa:c9:74:45:9e:c8:1d:03:
d1:06:ed:85:d4:76:f3:d9:63:f3:3d:4b:20:6b:35:
d7:89:37:e8:98:bd:62:1f:00:9a:52:97:e3:8c:25:
fe:dd:4a:9e:18:60:d1:6e:0f:27:18:dc:53:c4:d9:
4c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F2:CD:98:BC:10:E2:27:54:C4:54:65:9F:B2:F4:92:2B:D2:2E:CC
X509v3 Authority Key Identifier:
keyid:3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:2d:c9:d1:a8:e8:3d:db:9f:8e:7c:a9:22:2b:36:ed:1b:ac:
8e:24:d1:1f:ef:8a:03:67:cf:b8:ce:ca:06:eb:db:0e:60:ca:
72:d9:87:0e:ee:9f:87:3e:2c:35:8c:ff:ae:27:a6:b3:7b:70:
41:73:9e:f6:d9:39:3c:63:70:58:22:75:a0:2f:10:79:4e:9a:
60:60:ad:af:22:af:93:7c:5f:8b:eb:bc:e9:2c:98:bd:ea:bd:
0c:a4:0d:9c:16:a0:68:7d:fe:93:e9:e0:a8:48:1d:8b:85:95:
e5:cb:5b:65:63:dc:1f:1e:bd:84:bc:48:87:12:87:13:b2:63:
57:60:2e:be:3d:4e:6a:88:4b:fd:73:37:63:10:7d:ac:a0:69:
3b:1c:d0:45:5b:9b:f4:78:2e:b4:9c:d3:eb:a5:a0:8c:9b:f8:
db:9a:6b:45:42:9a:95:5e:f0:57:ba:01:68:c9:3d:82:00:97:
5d:e8:28:9e:7d:26:4a:37:a9:16:92:0a:20:01:15:12:86:ce:
4d:5e:db:cd:b4:c5:15:0f:f0:06:66:ed:22:aa:81:4d:84:7e:
d7:2c:98:72:b0:31:ec:e6:2f:c6:d7:f7:19:5d:7b:42:4b:ee:
d3:ab:9d:3d:a7:69:e2:bf:be:bd:e9:78:f6:cb:93:a4:db:15:
fd:9c:67:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4KTPIX2aDZEMg+T1n4REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2UzZDQ3NGE3NzVjZTQ3NzYzNzE2MzJiYzE5NmNhMWY0
ZWMyM2IwHhcNMjYwMzI2MTYwMDU4WhcNMjYwMzI3MTYwMDU4WjAzMTEwLwYDVQQD
Eyg1MGYyY2Q5OGJjMTBlMjI3NTRjNDU0NjU5ZmIyZjQ5MjJiZDIyZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2tsa9PeHyHb8DoHSFpDei1zlew9
6Kye81FRzJJjoyogsPJTU97hozROW25PXaC1wPwyo6h0+0eIHU60wdCPAkUTUHMw
9z98/qULXbegm2iKrEyjpesaKdXleLE+kB6HeI9B3YDItXMGhyFrgOHJOnotK9yG
Q6AzB3m9wt62fH/GtRB3oLyTBLuz4SDp6/sGX6oJ+lvBLUoJCb+DooGHwTkE+UOZ
9XCxrkkPZfhgrnWRFP+/io2kpRr4S5BX/elD/vv5/acet/RDqsl0RZ7IHQPRBu2F
1Hbz2WPzPUsgazXXiTfomL1iHwCaUpfjjCX+3UqeGGDRbg8nGNxTxNlMQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDyzZi8EOInVMRUZZ+y9JIr0i7MMB8GA1UdIwQY
MBaAFDvOPUdKd1zkd2NxYyvBlsofTsI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEt
NjNjYzZjNjdjOTk1LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEtNjNjYzZjNjdjOTk1
LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjC3J0ajo
PdufjnypIis27RusjiTRH++KA2fPuM7KBuvbDmDKctmHDu6fhz4sNYz/riems3tw
QXOe9tk5PGNwWCJ1oC8QeU6aYGCtryKvk3xfi+u86SyYveq9DKQNnBagaH3+k+ng
qEgdi4WV5ctbZWPcHx69hLxIhxKHE7JjV2Auvj1OaohL/XM3YxB9rKBpOxzQRVub
9HgutJzT66WgjJv425prRUKalV7wV7oBaMk9ggCXXegonn0mSjepFpIKIAEVEobO
TV7bzbTFFQ/wBmbtIqqBTYR+1yyYcrAx7OYvxtf3GV17Qkvu06udPadp4r++vel4
9suTpNsV/ZxnLA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:51:52 2026 by rpki-client