Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
File: oLalsaFMhtTPtGxOhuzUBmgEzJA.mft (raw, json)
Hash identifier: YuaoCajYwYwcJV92bMfq+0ieA31TUJz3K33TfSFBLz8=
Subject key identifier: 79:26:8E:95:DB:A4:AC:91:B9:FE:D5:85:51:DF:CF:42:BB:AA:37:E4
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Certificate issuer: /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial: 019D273B0F302EAF0C8EA69904E5EF4BA001
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
Manifest number: 08A2
Signing time: Wed 25 Mar 2026 23:01:15 +0000
Manifest this update: Wed 25 Mar 2026 23:01:15 +0000
Manifest next update: Thu 26 Mar 2026 23:01:15 +0000
Files and hashes: 1: 1znftmW7RAECqXpyi0tYxYNjW0g.roa (hash: cMxzeL9IIyA+85oK+rVdznnIuT95xFC0Kd6s6c1fiR8=)
2: oLalsaFMhtTPtGxOhuzUBmgEzJA.crl (hash: 52FxDdQTTxWu+bfXyBtMctnWzKMEf+RdU/uNA6RwheA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:0f:30:2e:af:0c:8e:a6:99:04:e5:ef:4b:a0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Validity
Not Before: Mar 25 23:01:15 2026 GMT
Not After : Mar 26 23:01:15 2026 GMT
Subject: CN=79268e95dba4ac91b9fed58551dfcf42bbaa37e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:81:41:a6:d2:63:7b:05:88:36:b1:be:be:
73:a9:4c:d5:15:99:1d:04:d6:75:8a:f3:6c:6f:cc:
0a:e2:e1:1f:16:a9:a2:df:0e:66:1f:b7:5e:4d:37:
71:24:db:9e:5d:55:be:b2:ef:6b:d4:5e:af:39:ad:
d4:a9:32:4e:97:90:28:72:dd:73:f1:1b:96:fb:f0:
e7:fe:a0:d7:80:5b:f6:2f:20:51:24:51:2e:07:a5:
60:25:b0:ba:4f:f1:18:74:6f:33:34:c7:aa:91:30:
77:0e:85:ed:e9:8f:52:6a:4b:f3:45:71:49:b6:a3:
e6:35:64:e8:96:26:9b:ea:d7:3c:7a:02:88:9d:f7:
c5:1a:c6:6e:73:4e:7e:0a:e1:9f:5d:9c:c7:47:6c:
4e:2a:f4:ec:55:21:89:6a:61:9e:11:76:5b:0d:e9:
72:01:21:79:5e:50:af:85:d1:be:24:e9:65:e0:05:
b6:db:11:ff:d9:c3:26:5a:d2:f8:38:4a:f9:bc:21:
84:5b:b9:a9:63:10:fa:79:68:37:a3:25:17:d0:5c:
4b:47:c9:1a:a7:49:2c:6b:f0:7c:95:db:4a:47:47:
ef:14:6a:fa:2e:d4:17:e8:26:4e:4e:cb:ae:1a:3b:
7a:0b:dd:1f:c0:e8:37:b0:08:1d:7b:62:14:ee:69:
68:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:26:8E:95:DB:A4:AC:91:B9:FE:D5:85:51:DF:CF:42:BB:AA:37:E4
X509v3 Authority Key Identifier:
keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:b4:00:a6:d1:4b:89:5b:0c:f9:2d:77:dc:4f:6c:96:31:bb:
6c:ad:51:a3:a4:86:87:4e:23:25:8e:3d:02:47:1d:28:d6:ad:
13:09:b5:80:6f:26:05:96:06:79:b6:1a:be:dd:63:aa:b3:76:
0b:21:d9:f8:c0:9e:67:68:62:f4:68:c9:6a:ce:64:db:21:62:
ad:f2:c2:8b:8e:77:11:0f:ac:85:50:ae:66:78:eb:3f:e5:10:
34:56:27:42:76:3f:d9:32:2f:31:87:f5:28:a5:ba:4f:45:f2:
ed:d5:79:8f:77:f3:ad:0e:4d:7b:44:be:1f:32:ef:09:ae:db:
f2:d1:26:ac:01:02:37:0f:45:e2:12:56:8f:36:11:59:6a:99:
1b:54:ba:e2:8b:f3:b9:d9:36:ee:86:12:fe:88:c0:1c:32:53:
e5:86:35:6d:1a:78:fe:b4:b4:04:c4:5c:74:28:70:7a:33:68:
54:7d:92:e8:68:fe:3b:02:d1:58:a7:2e:06:a5:8a:3d:aa:ea:
d4:de:35:de:2a:6f:04:53:7e:b8:b6:61:1f:af:02:59:61:dc:
ce:d2:46:09:e8:1b:bf:b9:d7:1b:b6:b9:0a:4c:13:97:c8:72:
99:b0:a3:54:04:35:5b:0e:8e:0d:e1:c7:ea:6f:14:e4:54:0d:
2f:b3:a7:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOw8wLq8MjqaZBOXvS6ABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjYwMzI1MjMwMTE1WhcNMjYwMzI2MjMwMTE1WjAzMTEwLwYDVQQD
Eyg3OTI2OGU5NWRiYTRhYzkxYjlmZWQ1ODU1MWRmY2Y0MmJiYWEzN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsuBQabSY3sFiDaxvr5zqUzVFZkd
BNZ1ivNsb8wK4uEfFqmi3w5mH7deTTdxJNueXVW+su9r1F6vOa3UqTJOl5Aoct1z
8RuW+/Dn/qDXgFv2LyBRJFEuB6VgJbC6T/EYdG8zNMeqkTB3DoXt6Y9SakvzRXFJ
tqPmNWToliab6tc8egKInffFGsZuc05+CuGfXZzHR2xOKvTsVSGJamGeEXZbDely
ASF5XlCvhdG+JOll4AW22xH/2cMmWtL4OEr5vCGEW7mpYxD6eWg3oyUX0FxLR8ka
p0ksa/B8ldtKR0fvFGr6LtQX6CZOTsuuGjt6C90fwOg3sAgde2IU7mloPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkmjpXbpKyRuf7VhVHfz0K7qjfkMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrQAptFL
iVsM+S133E9sljG7bK1Ro6SGh04jJY49AkcdKNatEwm1gG8mBZYGebYavt1jqrN2
CyHZ+MCeZ2hi9GjJas5k2yFirfLCi453EQ+shVCuZnjrP+UQNFYnQnY/2TIvMYf1
KKW6T0Xy7dV5j3fzrQ5Ne0S+HzLvCa7b8tEmrAECNw9F4hJWjzYRWWqZG1S64ovz
udk27oYS/ojAHDJT5YY1bRp4/rS0BMRcdChwejNoVH2S6Gj+OwLRWKcuBqWKParq
1N413ipvBFN+uLZhH68CWWHcztJGCegbv7nXG7a5CkwTl8hymbCjVAQ1Ww6ODeHH
6m8U5FQNL7OnOw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:59:21 2026 by rpki-client