Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File: OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier: q/vGQX+rfQvEG8DHU+cEiwwWr8OC2k+8bursaQT/lSQ=
Subject key identifier: 38:4E:09:DE:8F:1D:BC:7E:96:2A:E0:99:E2:71:38:6A:54:DA:75:90
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer: /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial: 019D2703FDCBD80BBE1B24359A9FFB35DEE9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number: 0D7D
Signing time: Wed 25 Mar 2026 22:01:06 +0000
Manifest this update: Wed 25 Mar 2026 22:01:06 +0000
Manifest next update: Thu 26 Mar 2026 22:01:06 +0000
Files and hashes: 1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: WK8Ugi/S+Sj87+XRY/HQR5seeCqgfkJINsVdPSa6JoE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:fd:cb:d8:0b:be:1b:24:35:9a:9f:fb:35:de:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
Validity
Not Before: Mar 25 22:01:06 2026 GMT
Not After : Mar 26 22:01:06 2026 GMT
Subject: CN=384e09de8f1dbc7e962ae099e271386a54da7590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d3:86:94:3a:53:7c:72:18:33:a5:33:4b:bb:
cf:6f:79:89:29:57:ae:8d:08:de:63:4c:a0:9a:f6:
a1:5a:28:83:2a:16:24:ed:cf:22:cc:d2:60:b1:91:
9a:4f:74:47:47:80:3f:2c:ec:64:67:b3:89:86:d3:
24:ad:38:8e:c8:d7:29:44:23:54:08:1d:77:da:29:
9a:51:5c:51:1f:90:34:5d:7c:33:13:65:85:44:a4:
2b:9f:f0:0f:a8:ba:2a:e5:c6:b1:a4:74:59:f0:6e:
e4:41:73:a2:46:89:a4:4c:d1:df:be:de:c3:fb:72:
0a:f2:ba:f9:fe:be:ee:67:b4:b9:70:15:b8:9d:6d:
fc:42:1a:77:44:46:df:e7:50:5a:b0:71:e9:41:03:
43:db:60:62:6f:3c:d4:ae:57:66:4e:f0:39:b3:27:
33:2a:7b:b2:3e:71:f9:ca:e1:45:53:6c:ed:65:fd:
fc:3d:69:4b:0b:55:55:e5:f1:de:1f:17:30:93:ba:
e5:e0:28:ce:10:58:f3:ae:ab:44:e3:97:69:ff:89:
5b:e4:4f:fb:7c:4b:8a:bc:c8:76:be:04:74:c0:f8:
a4:43:0b:ab:c6:95:23:a3:85:4d:6c:d4:55:ff:e0:
61:58:fe:43:f6:16:2d:2b:6f:6f:27:bb:17:50:f9:
6b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4E:09:DE:8F:1D:BC:7E:96:2A:E0:99:E2:71:38:6A:54:DA:75:90
X509v3 Authority Key Identifier:
keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:2b:68:e3:c8:90:c0:33:8c:a9:79:21:47:8d:b5:75:96:d9:
1f:10:f8:27:ff:e6:2e:5d:2b:9f:fb:03:43:b4:22:20:74:0b:
78:1b:e8:a9:cd:d7:74:52:c0:fe:66:aa:fd:bb:e1:f7:3a:b1:
a8:33:b1:a7:fa:b3:80:b3:ca:31:95:1c:0e:6f:5d:56:51:f1:
94:a2:4e:98:e7:79:1a:8d:18:8a:7e:9b:2d:28:77:b4:69:42:
e2:a2:e7:1a:0c:3b:f3:2a:e1:ef:6b:bd:db:68:5b:76:c0:3c:
b6:bc:a5:91:fb:30:aa:36:89:49:2a:96:d5:8d:73:43:7f:2f:
2c:f2:30:b7:2b:5e:53:3f:cb:d9:83:63:11:86:d2:b5:46:61:
b3:2b:9e:64:4c:2b:10:aa:4e:c1:fd:e2:e3:29:66:c3:19:2e:
34:52:6c:11:f3:58:f7:0c:71:a3:8d:7c:a6:a2:af:c7:57:09:
cc:b4:e6:21:d8:8b:e3:04:7e:67:bb:eb:9d:ee:77:bc:0a:89:
84:3a:8c:bc:b0:91:c6:ae:20:89:f0:25:47:da:30:95:dd:59:
f6:64:b8:3a:98:13:fb:c7:94:0d:9f:5e:de:80:db:60:9f:8a:
cd:f6:1c:3b:77:2a:bf:2f:5c:1d:5e:b7:d3:89:e0:f5:40:fc:
1f:a6:f1:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/3L2Au+GyQ1mp/7Nd7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjYwMzI1MjIwMTA2WhcNMjYwMzI2MjIwMTA2WjAzMTEwLwYDVQQD
EygzODRlMDlkZThmMWRiYzdlOTYyYWUwOTllMjcxMzg2YTU0ZGE3NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydOGlDpTfHIYM6UzS7vPb3mJKVeu
jQjeY0ygmvahWiiDKhYk7c8izNJgsZGaT3RHR4A/LOxkZ7OJhtMkrTiOyNcpRCNU
CB132imaUVxRH5A0XXwzE2WFRKQrn/APqLoq5caxpHRZ8G7kQXOiRomkTNHfvt7D
+3IK8rr5/r7uZ7S5cBW4nW38Qhp3REbf51BasHHpQQND22BibzzUrldmTvA5sycz
KnuyPnH5yuFFU2ztZf38PWlLC1VV5fHeHxcwk7rl4CjOEFjzrqtE45dp/4lb5E/7
fEuKvMh2vgR0wPikQwurxpUjo4VNbNRV/+BhWP5D9hYtK29vJ7sXUPlrzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhOCd6PHbx+lirgmeJxOGpU2nWQMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhCto48iQ
wDOMqXkhR421dZbZHxD4J//mLl0rn/sDQ7QiIHQLeBvoqc3XdFLA/maq/bvh9zqx
qDOxp/qzgLPKMZUcDm9dVlHxlKJOmOd5Go0Yin6bLSh3tGlC4qLnGgw78yrh72u9
22hbdsA8trylkfswqjaJSSqW1Y1zQ38vLPIwtyteUz/L2YNjEYbStUZhsyueZEwr
EKpOwf3i4ylmwxkuNFJsEfNY9wxxo418pqKvx1cJzLTmIdiL4wR+Z7vrne53vAqJ
hDqMvLCRxq4gifAlR9owld1Z9mS4OpgT+8eUDZ9e3oDbYJ+KzfYcO3cqvy9cHV63
04ng9UD8H6bx8w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:35:05 2026 by rpki-client