Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
File: OhoMABa5sz-T6Kejk9CRkNXhhJk.mft (raw, json)
Hash identifier: EYmwf6rYwANnTj8HY4iNxTi62uKjXhiVQq2h0EZulPY=
Subject key identifier: B4:DE:B2:21:BB:C5:E2:BD:F8:55:56:D8:42:E2:11:76:80:A7:05:51
Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Certificate serial: 019D29975ED265E0CB8C96DE665C434CA78B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
Manifest number: 0E5F
Signing time: Thu 26 Mar 2026 10:01:19 +0000
Manifest this update: Thu 26 Mar 2026 10:01:19 +0000
Manifest next update: Fri 27 Mar 2026 10:01:19 +0000
Files and hashes: 1: 45gfhpJZ3iP87aZz2FMKvnMEh6s.roa (hash: aLw8J27Q+seOL2Fs5LjCfydMw9YG+QyzWZaIPCmtZ80=)
2: OhoMABa5sz-T6Kejk9CRkNXhhJk.crl (hash: xp/BeA9DjYCXeyzoF8vOOuTnVQ//A8ng/nInRXqt1YU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:5e:d2:65:e0:cb:8c:96:de:66:5c:43:4c:a7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Validity
Not Before: Mar 26 10:01:19 2026 GMT
Not After : Mar 27 10:01:19 2026 GMT
Subject: CN=b4deb221bbc5e2bdf85556d842e2117680a70551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:86:bc:12:21:90:c6:f2:e0:ad:86:e3:d3:
3b:95:52:b2:ef:f6:b7:ff:ed:40:d1:d7:07:76:eb:
37:3a:c1:bc:7b:dd:8d:6c:68:62:46:dd:d6:b3:78:
aa:95:67:4e:23:db:a2:9e:08:f2:d9:41:21:d9:93:
e8:2e:23:14:e2:7c:90:ba:81:8d:2f:b6:01:3a:4d:
42:77:99:90:6a:fb:37:6a:35:25:c8:66:d5:88:01:
bc:38:83:a7:d4:b7:59:ee:86:db:7f:96:38:32:94:
bb:75:7c:60:a6:d1:0b:ff:c3:17:8f:cb:c5:61:be:
9e:71:f9:37:ca:30:f3:12:2a:9e:ea:b8:82:1f:e4:
22:42:40:57:14:93:1f:fa:44:e0:65:06:ea:3f:7c:
15:de:b9:16:a2:83:63:b5:53:7d:fc:4b:fb:81:c7:
c4:92:bc:de:84:a5:fd:b1:4c:f2:47:db:43:54:a8:
f6:52:17:99:6e:5f:b3:0b:43:0b:89:37:8c:4b:f7:
09:4d:ca:c6:8d:be:24:5b:62:87:b7:be:56:f9:8f:
e8:38:47:9c:ae:3d:62:e5:7d:d9:8b:1b:1f:06:b7:
29:6b:fb:b7:cc:2a:6c:54:a4:ed:73:6f:41:32:4c:
d3:7d:9e:69:e3:39:1a:64:12:74:67:6e:c1:eb:f4:
e6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DE:B2:21:BB:C5:E2:BD:F8:55:56:D8:42:E2:11:76:80:A7:05:51
X509v3 Authority Key Identifier:
keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:84:ce:af:4f:47:2f:ab:a2:3b:0e:b9:50:41:37:b3:49:c3:
8d:2a:1b:23:90:20:e4:1b:2d:8c:fa:d8:16:29:eb:a3:72:8b:
59:05:af:dd:78:49:ee:9c:ba:c9:b0:f8:b8:0b:b3:bc:c5:b5:
98:1f:09:60:2e:e9:7a:cb:1f:e9:8a:6e:9f:e6:62:ac:26:e2:
de:1a:c3:85:1e:60:82:4a:9f:01:ed:16:10:4f:90:f4:f0:35:
00:58:8b:fd:82:fe:05:f4:1d:a5:99:92:c9:a8:96:4f:38:a4:
53:dc:c7:16:51:db:e5:b1:1f:bc:b9:e5:e8:e5:7f:70:f9:24:
03:c3:98:e1:4c:42:75:c0:4c:ed:cc:8b:30:f7:b5:5f:6c:8a:
26:a5:c6:8a:9f:03:f6:80:42:ba:5e:73:8b:ca:18:bd:1f:9d:
80:81:e9:d3:a2:74:72:91:b4:cb:fd:90:12:32:25:84:80:c4:
5c:62:3b:fb:fe:a9:d0:72:09:95:5f:ea:26:64:97:02:96:bb:
3e:dc:8d:70:fc:76:25:43:43:4e:c1:03:40:35:0d:91:b3:43:
45:f9:42:ea:d0:91:84:1d:5e:61:6b:8d:eb:57:a3:85:28:1d:
dc:07:33:a3:04:0b:04:03:56:f0:77:a4:d7:d4:2f:cf:b0:ef:
20:97:d4:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl17SZeDLjJbeZlxDTKeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl
MTg0OTkwHhcNMjYwMzI2MTAwMTE5WhcNMjYwMzI3MTAwMTE5WjAzMTEwLwYDVQQD
EyhiNGRlYjIyMWJiYzVlMmJkZjg1NTU2ZDg0MmUyMTE3NjgwYTcwNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDCGvBIhkMby4K2G49M7lVKy7/a3
/+1A0dcHdus3OsG8e92NbGhiRt3Ws3iqlWdOI9uingjy2UEh2ZPoLiMU4nyQuoGN
L7YBOk1Cd5mQavs3ajUlyGbViAG8OIOn1LdZ7obbf5Y4MpS7dXxgptEL/8MXj8vF
Yb6ecfk3yjDzEiqe6riCH+QiQkBXFJMf+kTgZQbqP3wV3rkWooNjtVN9/Ev7gcfE
krzehKX9sUzyR9tDVKj2UheZbl+zC0MLiTeMS/cJTcrGjb4kW2KHt75W+Y/oOEec
rj1i5X3ZixsfBrcpa/u3zCpsVKTtc29BMkzTfZ5p4zkaZBJ0Z27B6/TmKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTesiG7xeK9+FVW2ELiEXaApwVRMB8GA1UdIwQY
MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt
MGI2NDU5Nzc1YjY0LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0
LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASoTOr09H
L6uiOw65UEE3s0nDjSobI5Ag5BstjPrYFinro3KLWQWv3XhJ7py6ybD4uAuzvMW1
mB8JYC7pessf6Ypun+ZirCbi3hrDhR5ggkqfAe0WEE+Q9PA1AFiL/YL+BfQdpZmS
yaiWTzikU9zHFlHb5bEfvLnl6OV/cPkkA8OY4UxCdcBM7cyLMPe1X2yKJqXGip8D
9oBCul5zi8oYvR+dgIHp06J0cpG0y/2QEjIlhIDEXGI7+/6p0HIJlV/qJmSXApa7
PtyNcPx2JUNDTsEDQDUNkbNDRflC6tCRhB1eYWuN61ejhSgd3AczowQLBANW8Hek
19Qvz7DvIJfU4g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:09:25 2026 by rpki-client