Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: JsvH7Q8BhI3224WII0NHfyNDMzzvGgpr/u8jQOaLQUs=
Subject key identifier: A5:7B:61:63:68:4D:5C:6C:9F:A8:34:97:5E:F5:57:59:D5:6F:58:38
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019D265FF21B716408FFE4E7328EFFAC8C8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 10D4
Signing time: Wed 25 Mar 2026 19:01:55 +0000
Manifest this update: Wed 25 Mar 2026 19:01:55 +0000
Manifest next update: Thu 26 Mar 2026 19:01:55 +0000
Files and hashes: 1: RvaTJRlt29ftCtqE0WpwZqGpE9g.roa (hash: StTKZA1GU7wGVFQWDEqlmDXT/zh0mjE1gXIOwpYnhZU=)
2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: RS6qdF2oKytiRElPvf1Yie2kZtglWLpcVBc+VtQQlJQ=)
3: oTJ_SiNI-sTWNycV04ya44fLP9Q.roa (hash: oQAMQxzLon76LhylB305yCYYWrb8zMDw4+N6NR6rHCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:f2:1b:71:64:08:ff:e4:e7:32:8e:ff:ac:8c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Mar 25 19:01:55 2026 GMT
Not After : Mar 26 19:01:55 2026 GMT
Subject: CN=a57b6163684d5c6c9fa834975ef55759d56f5838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4d:4b:a9:83:7c:c3:2d:e3:ae:15:5f:27:f3:
44:38:76:65:fa:1c:ae:c7:0f:d0:e9:01:3d:aa:d2:
d1:67:ee:0b:d8:e7:b7:cc:49:52:33:30:8c:4e:2a:
d5:62:fc:4a:be:75:e2:4a:66:07:cb:e6:6f:ec:a9:
d6:ad:30:cd:8c:b5:26:88:00:7d:91:bb:d9:43:0e:
94:c2:7a:5c:0f:cd:f1:80:f0:1c:2f:8f:75:18:ae:
51:f7:89:5e:e4:15:10:7f:63:a0:0a:60:40:e9:f1:
f4:d7:a6:77:15:d8:14:c0:9c:61:92:ec:75:ec:15:
75:71:dd:d8:11:61:3c:99:76:9b:a7:55:97:a1:89:
df:a1:62:f6:85:93:72:fe:7d:d0:58:14:7b:05:51:
90:6d:23:db:cf:4c:77:b2:f2:95:db:4b:2f:de:c4:
32:d6:b0:28:4e:9b:7f:28:ff:24:57:ee:b3:d6:ff:
cd:0f:6a:4e:16:b5:9c:3c:97:cb:08:67:70:62:ae:
2d:b0:96:e3:86:86:bd:aa:2d:bb:06:60:a8:f8:cf:
f1:21:01:45:fc:10:fe:cd:cc:2f:eb:e0:15:87:78:
1f:35:a0:d6:67:c3:41:49:3f:5a:29:e2:c2:de:c2:
d4:52:8f:9f:b1:49:44:cc:b6:b7:c0:1a:1c:9d:26:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7B:61:63:68:4D:5C:6C:9F:A8:34:97:5E:F5:57:59:D5:6F:58:38
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:53:f5:e6:66:7f:3f:96:e2:a5:37:fe:6f:4a:9d:df:88:48:
f5:c0:55:66:5f:b9:55:78:0f:6b:f4:bf:68:6c:71:64:f6:41:
b7:f7:29:30:0f:31:ec:c8:1a:04:62:40:f8:f3:f4:50:a6:41:
1c:03:6c:63:22:be:36:cf:0a:16:57:02:e8:88:4b:c5:e9:b9:
77:2a:f8:69:71:ce:15:52:46:13:85:ab:37:8e:f5:37:73:87:
da:8c:2d:e9:fd:05:0a:78:7e:73:b0:2e:ed:4b:21:1a:e1:73:
c9:36:50:ea:da:0c:b5:3e:54:e6:ee:ab:36:a9:9f:61:fe:ba:
62:f9:e1:26:15:1c:c6:13:0c:a0:bf:a9:ba:6c:9a:b5:43:76:
25:1e:9d:b0:c6:8c:e0:8a:49:79:b3:8c:db:8d:62:94:7b:b0:
0d:df:98:42:23:ce:23:71:9f:10:fa:fb:50:22:33:d5:ae:aa:
0d:4c:9c:f2:b0:41:1e:7d:d5:5d:bd:b4:2c:86:b5:66:4e:59:
56:2e:92:3b:74:dd:81:5a:7d:43:db:19:95:82:18:52:91:dd:
c9:93:8c:bc:a4:86:70:e7:a4:5c:0b:32:5a:c1:db:cc:a6:52:
02:15:73:de:d6:c5:e5:44:58:be:b4:36:a0:96:48:2b:b4:78:
4c:31:75:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX/IbcWQI/+TnMo7/rIyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjYwMzI1MTkwMTU1WhcNMjYwMzI2MTkwMTU1WjAzMTEwLwYDVQQD
EyhhNTdiNjE2MzY4NGQ1YzZjOWZhODM0OTc1ZWY1NTc1OWQ1NmY1ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE1LqYN8wy3jrhVfJ/NEOHZl+hyu
xw/Q6QE9qtLRZ+4L2Oe3zElSMzCMTirVYvxKvnXiSmYHy+Zv7KnWrTDNjLUmiAB9
kbvZQw6UwnpcD83xgPAcL491GK5R94le5BUQf2OgCmBA6fH016Z3FdgUwJxhkux1
7BV1cd3YEWE8mXabp1WXoYnfoWL2hZNy/n3QWBR7BVGQbSPbz0x3svKV20sv3sQy
1rAoTpt/KP8kV+6z1v/ND2pOFrWcPJfLCGdwYq4tsJbjhoa9qi27BmCo+M/xIQFF
/BD+zcwv6+AVh3gfNaDWZ8NBST9aKeLC3sLUUo+fsUlEzLa3wBocnSbb8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKV7YWNoTVxsn6g0l171V1nVb1g4MB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg1P15mZ/
P5bipTf+b0qd34hI9cBVZl+5VXgPa/S/aGxxZPZBt/cpMA8x7MgaBGJA+PP0UKZB
HANsYyK+Ns8KFlcC6IhLxem5dyr4aXHOFVJGE4WrN471N3OH2owt6f0FCnh+c7Au
7UshGuFzyTZQ6toMtT5U5u6rNqmfYf66YvnhJhUcxhMMoL+pumyatUN2JR6dsMaM
4IpJebOM241ilHuwDd+YQiPOI3GfEPr7UCIz1a6qDUyc8rBBHn3VXb20LIa1Zk5Z
Vi6SO3TdgVp9Q9sZlYIYUpHdyZOMvKSGcOekXAsyWsHbzKZSAhVz3tbF5URYvrQ2
oJZIK7R4TDF1cg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:56:39 2026 by rpki-client