Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
File: oVHP748-2G0RrqutTRngal0HDTA.mft (raw, json)
Hash identifier: 24OcdtXXIfr/i5RdOSn183JmDLjyi5PEdfpl9pzyu8g=
Subject key identifier: FE:6F:FE:1E:7F:A8:93:F5:20:E6:58:74:DB:FE:54:EF:61:2A:4A:0B
Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Certificate serial: 019D2A0468545D8E5F7EE95ACCA95458E9ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 12:00:24 +0000
Manifest this update: Thu 26 Mar 2026 12:00:24 +0000
Manifest next update: Fri 27 Mar 2026 12:00:24 +0000
Files and hashes: 1: Q03YqqXk35qJSm0HehmTM-hKNoU.roa (hash: KbpyMNQhXsLpqvy25FWKpi6JbtT5ilUlph7z2bWSx5s=)
2: oVHP748-2G0RrqutTRngal0HDTA.crl (hash: 1XdAQJOtFw1HzanWAxBm7T0C0bF+JlkXaz/lZl7o/y4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:04:68:54:5d:8e:5f:7e:e9:5a:cc:a9:54:58:e9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Validity
Not Before: Mar 26 12:00:24 2026 GMT
Not After : Mar 27 12:00:24 2026 GMT
Subject: CN=fe6ffe1e7fa893f520e65874dbfe54ef612a4a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6f:a2:e6:fa:32:21:4a:07:a5:b8:02:71:56:
ec:5b:52:21:0b:ec:b5:3f:ea:99:e8:1e:73:e9:18:
91:f4:5d:15:27:ff:5c:fd:5c:70:13:3b:03:5b:ce:
8c:34:e7:36:c5:46:d1:a2:e8:bf:d3:2f:7b:5f:c6:
95:60:c9:dd:5c:45:96:66:8f:9f:43:cf:3d:05:71:
1d:76:17:16:ab:fb:9a:f4:70:8c:d2:06:60:d1:cc:
a9:de:45:4b:27:5b:e5:07:a1:54:73:4e:7a:95:3c:
cb:19:3a:06:97:86:ab:c7:43:01:96:f5:41:54:a5:
73:16:2c:f5:4e:6d:d7:88:7b:a6:2a:24:39:72:ba:
66:ac:f0:e9:4a:42:cc:6b:28:78:82:74:5f:76:88:
83:23:00:3f:5b:2a:74:7e:db:e2:5b:9f:a1:05:0f:
e7:8d:13:c1:88:8a:33:ff:e3:7a:9a:dc:68:3b:d3:
90:c5:28:40:aa:44:a9:fe:2c:9a:01:87:8a:ed:09:
a4:d0:bf:e9:39:bb:e2:fe:59:7a:4a:85:bd:cb:ef:
3d:de:86:36:9c:0f:ce:c0:e5:82:9a:0e:e6:30:a4:
33:d0:2b:4d:2d:25:84:fa:ff:76:a4:83:1a:b1:33:
bb:cb:b9:46:ad:1e:1e:5f:28:a5:b7:2e:12:c1:1d:
1e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:6F:FE:1E:7F:A8:93:F5:20:E6:58:74:DB:FE:54:EF:61:2A:4A:0B
X509v3 Authority Key Identifier:
keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:ce:25:b1:8b:85:4c:65:11:c5:3e:9e:de:66:06:9a:04:c1:
50:50:27:7e:58:aa:2d:26:b7:06:c5:0f:c8:7c:c6:9d:90:b3:
d3:40:38:52:6a:f4:97:7a:1f:01:d8:9b:4e:b2:4e:2f:f3:e8:
e6:57:ab:b4:1f:31:a5:92:81:97:d9:01:49:17:db:c2:6e:33:
e2:d5:b9:b7:a3:66:24:3e:2a:25:43:a4:97:84:2b:a6:a3:db:
b5:4c:31:0a:04:bd:6d:2b:2c:84:5e:1c:bc:92:ac:19:09:45:
0e:55:b8:54:02:b0:13:56:a8:44:35:fa:c4:fe:06:3b:98:b6:
fd:ed:6d:9f:21:b2:57:95:24:6a:b8:5c:70:cb:dd:15:0b:e9:
65:d1:ce:2b:f3:42:98:44:a5:1f:16:06:1a:5b:ce:69:42:0f:
6e:81:16:eb:8a:3b:d6:43:96:b7:05:c9:0d:47:cc:97:27:ec:
72:69:2c:e8:98:9a:34:a9:ab:fa:89:57:de:7a:04:a3:dc:ad:
05:b0:0b:f0:85:02:d0:43:33:d9:0b:7b:82:5a:e9:8e:5b:46:
35:9a:22:c1:ed:48:47:5a:5c:d6:d7:90:01:fc:55:e7:4f:e9:
32:b3:52:8b:2b:d1:ce:05:41:54:55:6c:cf:68:1e:82:27:59:
2a:f9:b0:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBGhUXY5ffulazKlUWOntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw
NzBkMzAwHhcNMjYwMzI2MTIwMDI0WhcNMjYwMzI3MTIwMDI0WjAzMTEwLwYDVQQD
EyhmZTZmZmUxZTdmYTg5M2Y1MjBlNjU4NzRkYmZlNTRlZjYxMmE0YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW+i5voyIUoHpbgCcVbsW1IhC+y1
P+qZ6B5z6RiR9F0VJ/9c/VxwEzsDW86MNOc2xUbRoui/0y97X8aVYMndXEWWZo+f
Q889BXEddhcWq/ua9HCM0gZg0cyp3kVLJ1vlB6FUc056lTzLGToGl4arx0MBlvVB
VKVzFiz1Tm3XiHumKiQ5crpmrPDpSkLMayh4gnRfdoiDIwA/Wyp0ftviW5+hBQ/n
jRPBiIoz/+N6mtxoO9OQxShAqkSp/iyaAYeK7Qmk0L/pObvi/ll6SoW9y+893oY2
nA/OwOWCmg7mMKQz0CtNLSWE+v92pIMasTO7y7lGrR4eXyilty4SwR0eGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5v/h5/qJP1IOZYdNv+VO9hKkoLMB8GA1UdIwQY
MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt
NDA0NmEzMmQyN2E0LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0
LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGs4lsYuF
TGURxT6e3mYGmgTBUFAnfliqLSa3BsUPyHzGnZCz00A4Umr0l3ofAdibTrJOL/Po
5lertB8xpZKBl9kBSRfbwm4z4tW5t6NmJD4qJUOkl4QrpqPbtUwxCgS9bSsshF4c
vJKsGQlFDlW4VAKwE1aoRDX6xP4GO5i2/e1tnyGyV5UkarhccMvdFQvpZdHOK/NC
mESlHxYGGlvOaUIPboEW64o71kOWtwXJDUfMlyfscmks6JiaNKmr+olX3noEo9yt
BbAL8IUC0EMz2Qt7glrpjltGNZoiwe1IR1pc1teQAfxV50/pMrNSiyvRzgVBVFVs
z2gegidZKvmwCg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:22:44 2026 by rpki-client