Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json)
Hash identifier: TDhglY4cKcA+6TCH+9W8/FgXE2JEpuovJNqN5XHCrY8=
Subject key identifier: EC:51:F0:BC:AA:4A:DF:EC:04:FB:83:C3:3D:17:51:63:81:F4:A6:8C
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 019D265FF475D18C5F8DD1DCFD3F665390FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
Manifest number: 1815
Signing time: Wed 25 Mar 2026 19:01:55 +0000
Manifest this update: Wed 25 Mar 2026 19:01:55 +0000
Manifest next update: Thu 26 Mar 2026 19:01:55 +0000
Files and hashes: 1: 68yVcmurp-TUH6bcEYJFrYBYlHA.roa (hash: GhcpVTrzvKoo7+y/CR4zZ8nvtr04ppIcAONYUpBet9U=)
2: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: Pl3u3HXghYkvGAyKVgnlr8kabXEqNZ4Y8DBFLF0QhKg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:f4:75:d1:8c:5f:8d:d1:dc:fd:3f:66:53:90:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Mar 25 19:01:55 2026 GMT
Not After : Mar 26 19:01:55 2026 GMT
Subject: CN=ec51f0bcaa4adfec04fb83c33d17516381f4a68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5d:b4:71:6f:43:49:53:71:c2:a3:d1:49:7e:
d4:b7:c3:cf:99:bf:d5:6f:d8:f4:12:02:4f:60:f4:
c8:5c:47:3c:a3:00:57:fe:4e:ce:7b:df:a4:a2:19:
cd:35:71:52:a9:f3:15:92:4a:61:82:01:7a:0e:57:
b5:de:c1:25:21:fd:7b:a5:71:48:1f:68:78:b2:93:
a4:ff:65:e4:b9:5f:33:24:d8:09:c7:07:d2:f7:ed:
c8:c7:fc:7d:c8:45:e9:52:58:eb:1f:1f:20:d3:29:
43:6a:05:28:6c:2e:ec:f6:64:e1:70:94:3b:0e:eb:
fc:5e:83:95:ca:74:ea:5b:07:10:7f:2a:7f:a1:ec:
0a:3e:b8:64:2d:30:07:61:58:43:50:f3:d5:b9:50:
55:67:7c:f2:40:05:ca:b3:63:c4:bc:d4:81:ce:70:
40:3e:49:d2:08:9d:90:37:d9:02:eb:cd:e6:4c:a5:
eb:35:17:07:bc:af:ef:af:c0:fa:49:96:62:6b:4b:
bf:18:0e:f3:13:da:9b:8e:9e:fa:38:cd:e6:6b:5c:
1b:53:4d:98:a5:4a:f3:ea:2d:ac:e7:2c:d1:66:00:
b4:16:33:53:ce:ba:d6:c2:8c:8e:1c:4d:00:4e:4e:
c4:b2:8c:75:04:c0:5b:17:12:bf:39:9d:8e:31:45:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:51:F0:BC:AA:4A:DF:EC:04:FB:83:C3:3D:17:51:63:81:F4:A6:8C
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:88:11:88:6c:a0:08:af:5a:dd:fe:2e:fc:fb:af:05:5b:98:
9b:37:72:5f:62:df:05:ec:b3:70:5e:2f:44:7d:ad:25:f6:a8:
7d:68:55:dc:d4:e1:20:d4:60:8b:12:69:66:86:70:74:68:03:
07:02:6a:31:f1:b7:fc:98:cd:d2:c6:26:58:35:47:d3:4b:fc:
ee:60:b7:5f:2a:32:cb:87:81:72:59:12:b1:df:0d:f2:5e:b2:
dc:1b:8f:1c:5f:cd:03:77:67:25:f3:54:ed:c9:00:6a:9a:f4:
05:20:0d:72:7a:03:96:02:1c:23:7e:18:e2:0f:75:94:6d:f4:
74:d4:0e:2e:69:01:fc:b3:a7:83:c7:e4:ac:6e:05:e7:7d:38:
10:c9:67:b6:e0:7b:d0:c9:c2:d8:67:29:1d:04:f2:e2:48:6e:
ec:c8:8f:97:7c:80:44:91:68:12:c1:77:fa:f0:5e:9e:9f:4e:
25:5d:c2:0f:70:72:37:9b:41:4c:79:ac:6c:bd:07:d1:2b:d0:
8b:ba:93:54:06:67:dc:a1:82:c7:3f:aa:b3:3a:8e:32:0e:01:
ab:4b:fa:2d:fe:3a:17:53:60:40:ec:af:16:5e:f9:00:88:b0:
3b:7b:e5:98:8e:33:1c:b8:07:72:3f:48:b6:00:90:42:e8:55:
0c:b5:4b:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX/R10YxfjdHc/T9mU5D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjYwMzI1MTkwMTU1WhcNMjYwMzI2MTkwMTU1WjAzMTEwLwYDVQQD
EyhlYzUxZjBiY2FhNGFkZmVjMDRmYjgzYzMzZDE3NTE2MzgxZjRhNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV20cW9DSVNxwqPRSX7Ut8PPmb/V
b9j0EgJPYPTIXEc8owBX/k7Oe9+kohnNNXFSqfMVkkphggF6Dle13sElIf17pXFI
H2h4spOk/2XkuV8zJNgJxwfS9+3Ix/x9yEXpUljrHx8g0ylDagUobC7s9mThcJQ7
Duv8XoOVynTqWwcQfyp/oewKPrhkLTAHYVhDUPPVuVBVZ3zyQAXKs2PEvNSBznBA
PknSCJ2QN9kC683mTKXrNRcHvK/vr8D6SZZia0u/GA7zE9qbjp76OM3ma1wbU02Y
pUrz6i2s5yzRZgC0FjNTzrrWwoyOHE0ATk7Esox1BMBbFxK/OZ2OMUWlMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxR8LyqSt/sBPuDwz0XUWOB9KaMMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABogRiGyg
CK9a3f4u/PuvBVuYmzdyX2LfBeyzcF4vRH2tJfaofWhV3NThINRgixJpZoZwdGgD
BwJqMfG3/JjN0sYmWDVH00v87mC3Xyoyy4eBclkSsd8N8l6y3BuPHF/NA3dnJfNU
7ckAapr0BSANcnoDlgIcI34Y4g91lG30dNQOLmkB/LOng8fkrG4F5304EMlntuB7
0MnC2GcpHQTy4khu7MiPl3yARJFoEsF3+vBenp9OJV3CD3ByN5tBTHmsbL0H0SvQ
i7qTVAZn3KGCxz+qszqOMg4Bq0v6Lf46F1NgQOyvFl75AIiwO3vlmI4zHLgHcj9I
tgCQQuhVDLVLxQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:43:48 2026 by rpki-client