Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft
File: OIzM14vxZTPzMYVEPqgtza2SBBA.mft (raw, json)
Hash identifier: AAaKop5XJtgp87WtnQaE9wEhAJx6YoP+bMnytRjp7pc=
Subject key identifier: D7:A9:87:71:FC:E3:91:FD:EB:18:1A:82:44:00:7B:7F:A8:A3:56:D1
Authority key identifier: 38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10
Certificate issuer: /CN=388cccd78bf16533f33185443ea82dcdad920410
Certificate serial: 019D28169E572562CE211DAACB2B7E37FA43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft
Manifest number: 0EC4
Signing time: Thu 26 Mar 2026 03:01:04 +0000
Manifest this update: Thu 26 Mar 2026 03:01:04 +0000
Manifest next update: Fri 27 Mar 2026 03:01:04 +0000
Files and hashes: 1: OIzM14vxZTPzMYVEPqgtza2SBBA.crl (hash: Y/RtuEkt3UCvwW9cW1BTzYWQUvNqwe2S1zIqsf3D1FY=)
2: lzXkzHb5e6mg4oE0vsIegFdcHEs.roa (hash: AAwn2QJRCuwjLBg290zcDtj4v0hSm4DxXCwXXNuyeR0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:9e:57:25:62:ce:21:1d:aa:cb:2b:7e:37:fa:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=388cccd78bf16533f33185443ea82dcdad920410
Validity
Not Before: Mar 26 03:01:04 2026 GMT
Not After : Mar 27 03:01:04 2026 GMT
Subject: CN=d7a98771fce391fdeb181a8244007b7fa8a356d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c1:08:75:4d:62:6a:ed:e8:bb:9a:8e:eb:f4:
6e:65:a0:2c:ac:7c:02:05:3c:c7:3a:9a:c1:fb:0c:
b3:6e:9f:90:36:6e:3d:5c:c7:87:66:5a:71:7b:7c:
2a:b6:30:07:8f:d1:47:05:0d:67:fa:c7:e8:63:27:
50:45:cc:02:70:a5:9a:16:5e:1a:32:bd:f2:ef:f7:
36:dd:f0:f9:45:4a:a2:59:af:92:4e:57:9e:0f:76:
45:fa:65:64:ba:78:9c:04:f1:4d:bb:2a:3e:da:d3:
ef:5c:c8:35:d1:54:e9:6c:0c:29:2c:58:e0:95:4f:
cf:a3:6d:e5:14:f2:f4:6d:bb:f5:c1:60:4f:ad:b9:
e5:43:fc:4c:5c:17:ad:31:67:0e:b6:df:cf:00:82:
3d:24:c3:01:c6:70:4b:f7:8c:6b:12:9f:95:ea:44:
2f:df:ff:fd:a9:67:c8:05:da:f8:67:8c:c9:a2:6e:
32:c1:7a:1b:32:95:86:d3:46:7f:03:2e:84:50:9a:
23:f3:8a:c4:37:b2:dd:69:c6:dc:9d:12:e2:c8:4a:
0f:84:95:98:b4:9f:ae:ea:a5:c4:11:d6:97:94:cc:
bf:74:fe:c8:99:76:0b:79:8c:58:a1:f3:d7:79:99:
40:01:0b:18:2c:10:3f:cb:d4:38:d9:5b:c9:42:dc:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A9:87:71:FC:E3:91:FD:EB:18:1A:82:44:00:7B:7F:A8:A3:56:D1
X509v3 Authority Key Identifier:
keyid:38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:da:1f:1a:bd:33:b7:d8:ef:4f:f9:21:ca:43:54:9b:d9:55:
1c:c2:8f:68:ac:58:48:9d:d3:54:a7:25:44:ec:bd:3f:81:3a:
af:bb:22:ac:11:79:93:2e:d1:6a:da:e9:41:9d:ea:e1:5a:cb:
d4:ed:02:6b:59:8c:cd:f5:c6:75:22:c4:ab:c4:4c:85:89:87:
cd:bd:7a:7a:f1:2d:9d:14:b2:81:52:8e:d1:c4:17:a4:bf:84:
98:17:08:4f:b7:13:0d:ac:8e:7e:bf:41:9f:03:b3:ed:75:3a:
01:68:f4:32:59:8c:ac:f5:c7:3c:5a:5c:cd:93:24:e5:06:b3:
91:68:25:ec:35:3c:7e:bf:b0:87:ee:09:5b:00:72:aa:5a:0d:
ff:9c:47:14:ad:fe:a9:77:ef:01:14:26:13:11:10:6b:91:b5:
45:a3:64:07:7d:54:94:63:25:9f:9f:3b:6e:82:c5:5d:7c:59:
92:96:17:f2:67:52:72:3b:87:7c:49:d8:8a:c9:35:57:aa:3c:
5e:0b:9c:b7:06:45:96:2c:6a:c8:28:3d:ab:6a:bc:73:76:d6:
3c:cd:55:76:54:cb:d9:fe:8d:5b:20:82:89:f7:db:c9:3a:cc:
26:c0:62:0b:a5:d7:65:fa:3b:3f:63:88:55:88:53:77:7c:78:
ea:54:e2:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFp5XJWLOIR2qyyt+N/pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OGNjY2Q3OGJmMTY1MzNmMzMxODU0NDNlYTgyZGNkYWQ5
MjA0MTAwHhcNMjYwMzI2MDMwMTA0WhcNMjYwMzI3MDMwMTA0WjAzMTEwLwYDVQQD
EyhkN2E5ODc3MWZjZTM5MWZkZWIxODFhODI0NDAwN2I3ZmE4YTM1NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosEIdU1iau3ou5qO6/RuZaAsrHwC
BTzHOprB+wyzbp+QNm49XMeHZlpxe3wqtjAHj9FHBQ1n+sfoYydQRcwCcKWaFl4a
Mr3y7/c23fD5RUqiWa+STleeD3ZF+mVkunicBPFNuyo+2tPvXMg10VTpbAwpLFjg
lU/Po23lFPL0bbv1wWBPrbnlQ/xMXBetMWcOtt/PAII9JMMBxnBL94xrEp+V6kQv
3//9qWfIBdr4Z4zJom4ywXobMpWG00Z/Ay6EUJoj84rEN7LdacbcnRLiyEoPhJWY
tJ+u6qXEEdaXlMy/dP7ImXYLeYxYofPXeZlAAQsYLBA/y9Q42VvJQtz7jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeph3H845H96xgagkQAe3+oo1bRMB8GA1UdIwQY
MBaAFDiMzNeL8WUz8zGFRD6oLc2tkgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQt
MjEwOThhNjEzNTdlLzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQtMjEwOThhNjEzNTdl
LzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhdofGr0z
t9jvT/khykNUm9lVHMKPaKxYSJ3TVKclROy9P4E6r7sirBF5ky7RatrpQZ3q4VrL
1O0Ca1mMzfXGdSLEq8RMhYmHzb16evEtnRSygVKO0cQXpL+EmBcIT7cTDayOfr9B
nwOz7XU6AWj0MlmMrPXHPFpczZMk5QazkWgl7DU8fr+wh+4JWwByqloN/5xHFK3+
qXfvARQmExEQa5G1RaNkB31UlGMln587boLFXXxZkpYX8mdScjuHfEnYisk1V6o8
XguctwZFlixqyCg9q2q8c3bWPM1VdlTL2f6NWyCCiffbyTrMJsBiC6XXZfo7P2OI
VYhTd3x46lTi/w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:25 2026 by rpki-client