Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
File: OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft (raw, json)
Hash identifier: kJGufXTHhPXNWeD93fuops8T9SZh57OH+5u1J+YXnqc=
Subject key identifier: B1:F2:44:39:4B:BF:8E:6D:76:9C:F0:B4:4E:58:87:F1:B2:21:A9:A7
Authority key identifier: 3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
Certificate issuer: /CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Certificate serial: 019D29CDD0BBE19F7E34443F2240DE5C6B47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
Manifest number: 12A2
Signing time: Thu 26 Mar 2026 11:00:47 +0000
Manifest this update: Thu 26 Mar 2026 11:00:47 +0000
Manifest next update: Fri 27 Mar 2026 11:00:47 +0000
Files and hashes: 1: OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl (hash: x638tE78ocf9SCu5jtirh1PHLIQNEX61lbJJb5Fod8U=)
2: YMwIWblxxdgG2PErs0i8hdeLN_I.roa (hash: MLrLMjAo1D27u4EH1t9gBEoOSZR3KZexjLZQqipMzrU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:d0:bb:e1:9f:7e:34:44:3f:22:40:de:5c:6b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Validity
Not Before: Mar 26 11:00:47 2026 GMT
Not After : Mar 27 11:00:47 2026 GMT
Subject: CN=b1f244394bbf8e6d769cf0b44e5887f1b221a9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4a:f3:fb:35:7e:c6:48:18:a6:11:fe:47:b6:
f5:ff:ce:34:92:d4:2a:53:8e:08:1d:a4:13:b1:ec:
07:1c:f9:1f:d6:08:e2:6e:03:13:1b:27:4e:d3:29:
ba:42:b1:56:83:de:86:0c:41:cd:1a:70:23:25:b7:
18:50:71:7b:c1:7c:ed:98:67:dd:a3:27:ba:1e:4e:
76:d5:89:6d:54:fe:95:5f:bc:1b:75:09:ad:39:08:
9d:45:7f:04:d3:f6:1d:a1:83:d9:96:02:29:6e:bb:
a0:08:d8:ca:28:a2:14:24:e1:0f:77:d0:08:94:4f:
59:89:9f:86:55:91:73:a0:56:2d:b6:63:1e:d6:1b:
c9:fb:9a:3d:8b:e5:17:bc:cc:54:4e:cc:71:82:a8:
e3:89:77:1e:6d:22:47:eb:b9:f2:98:a1:d8:63:42:
08:cf:d7:c6:67:86:78:1f:68:9d:6c:22:ea:94:c0:
44:4a:7f:94:19:ff:c0:44:0e:d9:20:ca:da:cf:1d:
66:d8:ca:fa:f2:d5:1f:00:c5:2b:10:37:dd:bc:cf:
75:0b:da:7a:1a:88:9c:32:be:b6:b9:47:a5:cc:8a:
1e:6a:9c:56:94:64:4d:20:b8:68:ab:d7:37:4c:eb:
1f:69:f6:77:ee:bd:b7:d3:2c:03:76:23:c1:15:2a:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F2:44:39:4B:BF:8E:6D:76:9C:F0:B4:4E:58:87:F1:B2:21:A9:A7
X509v3 Authority Key Identifier:
keyid:3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:8b:5a:43:e0:63:2b:8b:fb:bd:fd:bb:49:e4:5b:04:89:1e:
89:63:fd:56:4c:1b:17:a9:4e:6e:d9:e5:b9:9d:54:41:3b:ff:
8a:ee:91:2e:4a:ae:78:3e:4e:a5:23:ff:b2:7f:a5:58:d5:13:
0b:17:cb:15:7e:64:8b:d9:ea:aa:d1:de:8a:5c:e9:06:81:70:
e6:86:3a:b6:51:84:fc:80:40:8c:38:de:2c:4a:db:aa:31:12:
3d:31:6f:30:1d:00:41:c8:cb:85:c5:87:c7:38:52:4d:aa:33:
a6:b4:3a:93:16:43:98:c0:90:9d:63:2c:53:9f:ef:45:7e:65:
37:fc:6f:43:10:a0:c5:c9:db:2f:d8:8f:0e:f7:f9:00:ea:c3:
59:34:a7:5f:2a:35:4d:5d:c5:df:1f:39:a2:e1:fb:20:5b:55:
06:06:3e:cd:86:80:2d:c9:01:88:61:ff:68:a5:b4:ec:b0:8a:
c7:11:74:31:00:a4:ee:0c:2a:3e:0f:0b:8e:78:d7:c9:71:fa:
fe:5e:12:0e:cd:88:7f:1a:ff:b4:f8:c7:d1:f7:9c:ab:34:2c:
47:b0:00:6f:3c:ce:81:cf:08:d5:dd:a1:c9:3b:41:72:7a:6c:
c6:31:b2:54:77:a6:78:51:8a:f3:14:50:0e:49:7f:d4:f3:8e:
b8:b1:49:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzdC74Z9+NEQ/IkDeXGtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODRkZmVmM2Q1MTA3Yjg0ZmM3N2M1NmRjZjc5ZTA1ZmU5
YzczNTEwHhcNMjYwMzI2MTEwMDQ3WhcNMjYwMzI3MTEwMDQ3WjAzMTEwLwYDVQQD
EyhiMWYyNDQzOTRiYmY4ZTZkNzY5Y2YwYjQ0ZTU4ODdmMWIyMjFhOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3krz+zV+xkgYphH+R7b1/840ktQq
U44IHaQTsewHHPkf1gjibgMTGydO0ym6QrFWg96GDEHNGnAjJbcYUHF7wXztmGfd
oye6Hk521YltVP6VX7wbdQmtOQidRX8E0/YdoYPZlgIpbrugCNjKKKIUJOEPd9AI
lE9ZiZ+GVZFzoFYttmMe1hvJ+5o9i+UXvMxUTsxxgqjjiXcebSJH67nymKHYY0II
z9fGZ4Z4H2idbCLqlMBESn+UGf/ARA7ZIMrazx1m2Mr68tUfAMUrEDfdvM91C9p6
GoicMr62uUelzIoeapxWlGRNILhoq9c3TOsfafZ37r230ywDdiPBFSpWWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHyRDlLv45tdpzwtE5Yh/GyIamnMB8GA1UdIwQY
MBaAFDqE3+89UQe4T8d8Vtz3ngX+nHNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2It
NWU4ZGVkYWM5Y2I3LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2ItNWU4ZGVkYWM5Y2I3
LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaotaQ+Bj
K4v7vf27SeRbBIkeiWP9VkwbF6lObtnluZ1UQTv/iu6RLkqueD5OpSP/sn+lWNUT
CxfLFX5ki9nqqtHeilzpBoFw5oY6tlGE/IBAjDjeLErbqjESPTFvMB0AQcjLhcWH
xzhSTaozprQ6kxZDmMCQnWMsU5/vRX5lN/xvQxCgxcnbL9iPDvf5AOrDWTSnXyo1
TV3F3x85ouH7IFtVBgY+zYaALckBiGH/aKW07LCKxxF0MQCk7gwqPg8LjnjXyXH6
/l4SDs2Ifxr/tPjH0fecqzQsR7AAbzzOgc8I1d2hyTtBcnpsxjGyVHemeFGK8xRQ
Dkl/1POOuLFJ/Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:00 2026 by rpki-client