Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.mft
File: OmaGndGplxZLpPoj4P1B-zrLEL4.mft (raw, json)
Hash identifier: pOdk1n0PwnbXYVLWUbfWrpy1ktnbKJgileN497uifpM=
Subject key identifier: E9:EF:99:40:24:E5:E4:E1:39:8B:14:A5:84:1C:64:07:E6:96:5E:78
Authority key identifier: 3A:66:86:9D:D1:A9:97:16:4B:A4:FA:23:E0:FD:41:FB:3A:CB:10:BE
Certificate issuer: /CN=3a66869dd1a997164ba4fa23e0fd41fb3acb10be
Certificate serial: 019D28BBC7AF33918BF4610C7F24AFF37D57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmaGndGplxZLpPoj4P1B-zrLEL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.mft
Manifest number: 146D
Signing time: Thu 26 Mar 2026 06:01:28 +0000
Manifest this update: Thu 26 Mar 2026 06:01:28 +0000
Manifest next update: Fri 27 Mar 2026 06:01:28 +0000
Files and hashes: 1: OmaGndGplxZLpPoj4P1B-zrLEL4.crl (hash: jiZYiJsCf1Qp+NM3xqVm3SDhTLwBPCjKzZJnInsCf48=)
2: Whf025AQDA8tBzOKuKXx8fPC43Q.roa (hash: dUevim2/BiChkKpYz6TYK8JPdP42XFVj+fxwUEJ/mxQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/OmaGndGplxZLpPoj4P1B-zrLEL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:c7:af:33:91:8b:f4:61:0c:7f:24:af:f3:7d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a66869dd1a997164ba4fa23e0fd41fb3acb10be
Validity
Not Before: Mar 26 06:01:28 2026 GMT
Not After : Mar 27 06:01:28 2026 GMT
Subject: CN=e9ef994024e5e4e1398b14a5841c6407e6965e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c2:89:ec:c4:2c:b0:20:e9:cb:85:9c:c4:63:
10:c5:89:49:2c:c9:83:be:aa:68:f5:6d:c2:0f:23:
04:65:3b:34:f2:81:5e:a6:5d:b1:43:7f:36:dc:03:
fd:21:54:ad:fa:d5:a3:e3:67:c6:5f:fa:54:3a:74:
aa:68:35:c9:9c:a1:4e:a1:ef:d1:94:62:e7:2b:ca:
4f:03:41:ae:ac:82:9c:ed:e6:73:89:d5:b3:fd:fe:
f6:a3:fa:c3:7a:38:71:33:72:ce:dc:33:15:b3:b8:
44:c4:dc:ef:63:76:3d:a5:b2:59:62:62:a4:18:90:
5a:c4:75:0c:5f:42:ab:03:a0:77:f8:ef:e7:54:77:
56:48:13:67:0c:58:50:95:80:35:42:10:82:8e:e3:
3c:9a:63:ea:aa:ab:bc:1d:7b:88:a7:03:d1:a1:06:
8f:c5:4d:c0:35:9e:01:47:12:69:7a:6d:31:23:2f:
ea:49:36:19:83:cf:12:ae:43:fa:7b:db:79:49:df:
53:e6:f5:a6:8a:0c:a1:c5:c2:b4:bc:ee:03:5a:53:
35:94:1e:24:ad:28:d9:e4:e0:6e:ac:fc:f2:f8:62:
1e:c2:a7:c9:fb:c6:40:5a:b7:9e:2d:9e:20:35:e0:
01:7e:f3:83:dc:cb:c0:31:76:d0:2f:eb:4f:f7:87:
65:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EF:99:40:24:E5:E4:E1:39:8B:14:A5:84:1C:64:07:E6:96:5E:78
X509v3 Authority Key Identifier:
keyid:3A:66:86:9D:D1:A9:97:16:4B:A4:FA:23:E0:FD:41:FB:3A:CB:10:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmaGndGplxZLpPoj4P1B-zrLEL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:e0:f2:8e:2c:06:dd:6c:71:50:51:08:ed:89:12:57:36:fe:
ed:f1:fc:62:0f:40:c9:d2:3d:26:a6:69:48:94:13:da:9b:49:
0c:bc:02:ed:57:08:a2:bd:84:69:73:03:15:6a:14:03:e3:ed:
c8:ef:4c:2f:15:f6:ce:c3:90:6a:29:33:94:1b:99:89:4f:39:
0b:08:52:f0:db:3c:bf:e8:24:bf:bc:83:d0:42:2b:35:22:ae:
56:5c:fc:d2:7a:51:e1:db:4e:ac:0e:0a:c3:67:be:47:0a:a8:
ac:66:c1:bf:32:25:f9:a0:41:fa:16:e7:50:82:26:59:2e:82:
3d:15:6d:63:4d:12:54:89:eb:53:b9:ad:55:e7:11:cf:6c:56:
22:05:d4:2a:7c:17:9e:07:76:24:3b:e4:b6:89:81:4f:5e:91:
8a:c5:c6:5e:ef:fa:ea:ef:1b:af:fd:6c:06:e8:e3:7e:aa:72:
bc:84:25:a3:4d:fd:47:0d:15:7a:17:dc:3c:3e:40:9e:2a:3b:
09:e8:15:2b:53:19:48:53:54:01:c1:60:c2:7c:df:d2:5f:bc:
e3:b5:4a:27:3c:21:2a:2f:49:54:6c:bc:05:2c:32:c6:0c:4b:
dc:5f:82:96:47:ea:09:14:e1:3f:dd:32:01:16:a1:2d:08:0a:
7a:7f:9f:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou8evM5GL9GEMfySv831XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNjY4NjlkZDFhOTk3MTY0YmE0ZmEyM2UwZmQ0MWZiM2Fj
YjEwYmUwHhcNMjYwMzI2MDYwMTI4WhcNMjYwMzI3MDYwMTI4WjAzMTEwLwYDVQQD
EyhlOWVmOTk0MDI0ZTVlNGUxMzk4YjE0YTU4NDFjNjQwN2U2OTY1ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cKJ7MQssCDpy4WcxGMQxYlJLMmD
vqpo9W3CDyMEZTs08oFepl2xQ3823AP9IVSt+tWj42fGX/pUOnSqaDXJnKFOoe/R
lGLnK8pPA0GurIKc7eZzidWz/f72o/rDejhxM3LO3DMVs7hExNzvY3Y9pbJZYmKk
GJBaxHUMX0KrA6B3+O/nVHdWSBNnDFhQlYA1QhCCjuM8mmPqqqu8HXuIpwPRoQaP
xU3ANZ4BRxJpem0xIy/qSTYZg88SrkP6e9t5Sd9T5vWmigyhxcK0vO4DWlM1lB4k
rSjZ5OBurPzy+GIewqfJ+8ZAWreeLZ4gNeABfvOD3MvAMXbQL+tP94dl9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnvmUAk5eThOYsUpYQcZAfmll54MB8GA1UdIwQY
MBaAFDpmhp3RqZcWS6T6I+D9Qfs6yxC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21hR25kR3BseFpMcFBvajRQMUItenJMRUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85MTE4ZTMtMTNkYS00ZDQ4LTljMzgt
NzExZmMxYTJkMGEwLzEvT21hR25kR3BseFpMcFBvajRQMUItenJMRUw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85MTE4ZTMtMTNkYS00ZDQ4LTljMzgtNzExZmMxYTJkMGEw
LzEvT21hR25kR3BseFpMcFBvajRQMUItenJMRUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJuDyjiwG
3WxxUFEI7YkSVzb+7fH8Yg9AydI9JqZpSJQT2ptJDLwC7VcIor2EaXMDFWoUA+Pt
yO9MLxX2zsOQaikzlBuZiU85CwhS8Ns8v+gkv7yD0EIrNSKuVlz80npR4dtOrA4K
w2e+RwqorGbBvzIl+aBB+hbnUIImWS6CPRVtY00SVInrU7mtVecRz2xWIgXUKnwX
ngd2JDvktomBT16RisXGXu/66u8br/1sBujjfqpyvIQlo039Rw0VehfcPD5Anio7
CegVK1MZSFNUAcFgwnzf0l+847VKJzwhKi9JVGy8BSwyxgxL3F+ClkfqCRThP90y
ARahLQgKen+fMA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:02:47 2026 by rpki-client