Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.mft
File: OzoF27nHf6Fu0QRpdHpcbm6riN4.mft (raw, json)
Hash identifier: zHPFF9UpvirjiiPn7qf00LaZgXHjpGdjkuo7UKeVJYs=
Subject key identifier: A8:F4:FA:41:60:F2:2A:47:8C:A0:8B:0D:2D:E6:D1:74:48:20:32:D0
Authority key identifier: 3B:3A:05:DB:B9:C7:7F:A1:6E:D1:04:69:74:7A:5C:6E:6E:AB:88:DE
Certificate issuer: /CN=3b3a05dbb9c77fa16ed10469747a5c6e6eab88de
Certificate serial: 019D2703F1F27E5EE5E63A94F4927CF32790
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.mft
Manifest number: 0867
Signing time: Wed 25 Mar 2026 22:01:03 +0000
Manifest this update: Wed 25 Mar 2026 22:01:03 +0000
Manifest next update: Thu 26 Mar 2026 22:01:03 +0000
Files and hashes: 1: 8StX0WxvVxL5fDtFqnpRuPragb8.roa (hash: KTc11CLRkDoDh2bPnpdqQKRTLCJiEbLK9vVpkNsL14o=)
2: OzoF27nHf6Fu0QRpdHpcbm6riN4.crl (hash: TzQUWl+2a7k4BfrmcMxN//MmSLtizsjpq4nO1AXLeAo=)
3: bb_iJ1U1Lf6VC6Ovl038VnEkd0c.roa (hash: x4RJFA42s0Y6MhAsHNXRTYoSOIZLJ8yZ/qGJdWD8hcc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:f1:f2:7e:5e:e5:e6:3a:94:f4:92:7c:f3:27:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3a05dbb9c77fa16ed10469747a5c6e6eab88de
Validity
Not Before: Mar 25 22:01:03 2026 GMT
Not After : Mar 26 22:01:03 2026 GMT
Subject: CN=a8f4fa4160f22a478ca08b0d2de6d174482032d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:94:ba:a9:ae:f9:60:5f:3f:13:dc:50:f2:
53:e3:fa:4f:b9:ff:a2:15:f1:35:9c:55:a0:11:fe:
4c:ae:bf:5e:11:bf:51:82:3d:33:1c:15:01:81:84:
9a:05:40:80:5a:fa:39:df:be:c6:e6:38:bb:d4:81:
b7:9b:a5:f7:d8:46:8f:1a:ea:39:d0:a0:2a:ec:aa:
e1:da:75:5d:f6:75:61:60:1b:df:e9:6f:12:4d:e1:
32:35:3d:84:33:e3:37:ea:f7:35:54:b0:5f:e7:3c:
27:22:fe:9d:ff:f7:f0:cc:be:2f:da:5c:ef:a6:50:
12:95:d2:99:d5:a9:a5:1f:4e:a2:9b:29:68:f4:e5:
0e:83:5d:4c:ee:b1:1f:e0:79:bf:60:ea:7d:90:a4:
82:4b:88:e9:5a:ff:b5:4f:f4:c9:c2:64:67:33:a1:
b5:03:0a:d1:45:be:38:d6:5e:14:fd:1e:67:09:e3:
c4:d2:88:8f:97:cc:c5:cc:51:c5:1a:eb:71:f3:74:
6f:15:fd:3b:a2:9a:85:e0:86:de:4d:e6:18:da:5e:
88:8c:c3:83:75:19:c8:04:52:ce:14:7e:45:2d:67:
3f:36:1e:bf:70:75:f2:34:f4:64:0b:61:9d:12:38:
c4:e3:90:f4:a1:c4:71:e5:f4:72:c5:c6:e1:97:d5:
60:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F4:FA:41:60:F2:2A:47:8C:A0:8B:0D:2D:E6:D1:74:48:20:32:D0
X509v3 Authority Key Identifier:
keyid:3B:3A:05:DB:B9:C7:7F:A1:6E:D1:04:69:74:7A:5C:6E:6E:AB:88:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:01:74:bf:77:47:31:70:2a:d7:80:09:5f:2f:3f:26:d8:89:
75:53:80:5c:4d:29:40:8d:69:32:a4:7f:3e:62:31:a2:77:d4:
60:6e:a9:2a:5a:03:fd:0f:ab:0c:a5:db:8b:17:36:50:38:cf:
f1:ad:db:b5:20:5a:ea:41:8b:5b:1b:8c:32:78:da:80:52:a7:
25:92:f0:65:49:88:74:77:b2:50:96:97:4b:25:b8:f0:3c:d3:
0c:64:1d:34:cc:6b:24:b5:06:54:75:ea:72:9c:cc:0f:11:b0:
27:7a:2d:65:58:e3:5d:90:3a:fe:e7:0b:29:54:98:e3:81:db:
86:00:4b:1b:9b:a3:85:aa:cc:7f:be:f1:ce:61:ba:fc:41:bf:
88:dd:23:bc:19:95:ba:ea:fa:fe:cc:8a:b6:a4:d0:79:cd:5c:
2e:2a:d6:f7:e2:6a:6c:cd:b8:4b:5f:56:4f:18:8a:ce:24:28:
91:53:2c:d1:ae:aa:1e:d2:a1:bb:5e:f8:3e:e8:c8:9e:f7:4c:
91:2f:c1:b0:e9:34:12:5b:71:af:af:48:45:16:da:85:ef:6b:
7c:54:40:66:68:db:b2:37:34:42:d3:bd:f5:f1:d7:72:d3:d7:
05:a8:c6:8e:67:0c:30:d1:0a:d0:c3:21:cb:1d:46:6b:69:71:
4d:b5:91:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/Hyfl7l5jqU9JJ88yeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2EwNWRiYjljNzdmYTE2ZWQxMDQ2OTc0N2E1YzZlNmVh
Yjg4ZGUwHhcNMjYwMzI1MjIwMTAzWhcNMjYwMzI2MjIwMTAzWjAzMTEwLwYDVQQD
EyhhOGY0ZmE0MTYwZjIyYTQ3OGNhMDhiMGQyZGU2ZDE3NDQ4MjAzMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1WUuqmu+WBfPxPcUPJT4/pPuf+i
FfE1nFWgEf5Mrr9eEb9Rgj0zHBUBgYSaBUCAWvo5377G5ji71IG3m6X32EaPGuo5
0KAq7Krh2nVd9nVhYBvf6W8STeEyNT2EM+M36vc1VLBf5zwnIv6d//fwzL4v2lzv
plASldKZ1amlH06imylo9OUOg11M7rEf4Hm/YOp9kKSCS4jpWv+1T/TJwmRnM6G1
AwrRRb441l4U/R5nCePE0oiPl8zFzFHFGutx83RvFf07opqF4IbeTeYY2l6IjMOD
dRnIBFLOFH5FLWc/Nh6/cHXyNPRkC2GdEjjE45D0ocRx5fRyxcbhl9VgNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKj0+kFg8ipHjKCLDS3m0XRIIDLQMB8GA1UdIwQY
MBaAFDs6Bdu5x3+hbtEEaXR6XG5uq4jeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pvRjI3bkhmNkZ1MFFScGRIcGNibTZyaU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81YWEwNWEtNzIwZS00ZDU2LWEzYTgt
YTAxYzM3Yjg4NzI4LzEvT3pvRjI3bkhmNkZ1MFFScGRIcGNibTZyaU40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81YWEwNWEtNzIwZS00ZDU2LWEzYTgtYTAxYzM3Yjg4NzI4
LzEvT3pvRjI3bkhmNkZ1MFFScGRIcGNibTZyaU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQF0v3dH
MXAq14AJXy8/JtiJdVOAXE0pQI1pMqR/PmIxonfUYG6pKloD/Q+rDKXbixc2UDjP
8a3btSBa6kGLWxuMMnjagFKnJZLwZUmIdHeyUJaXSyW48DzTDGQdNMxrJLUGVHXq
cpzMDxGwJ3otZVjjXZA6/ucLKVSY44HbhgBLG5ujharMf77xzmG6/EG/iN0jvBmV
uur6/syKtqTQec1cLirW9+JqbM24S19WTxiKziQokVMs0a6qHtKhu174PujInvdM
kS/BsOk0Eltxr69IRRbahe9rfFRAZmjbsjc0QtO99fHXctPXBajGjmcMMNEK0MMh
yx1Ga2lxTbWRIA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:29:45 2026 by rpki-client