Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
File: OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft (raw, json)
Hash identifier: GE3sXXLrmhIQTIDxbDfN977oLl50coB3NfudKdhDtaM=
Subject key identifier: 78:8A:1C:35:92:D0:1A:B8:31:5E:2A:44:6F:13:E8:4D:7B:D3:3D:28
Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Certificate serial: 019D2CCFE4539819544C74CC1CC3B781D29F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
Manifest number: 1888
Signing time: Fri 27 Mar 2026 01:01:54 +0000
Manifest this update: Fri 27 Mar 2026 01:01:54 +0000
Manifest next update: Sat 28 Mar 2026 01:01:54 +0000
Files and hashes: 1: OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl (hash: tKc0S8TjtJewSzFaj/hyZhFVh5M0ro2Xk8oE+KjsMt8=)
2: r2XaIkvbtNRIA7GDmackHk60QAM.roa (hash: 5qhD+1z/Ukex+udgPBqOlQgjbCAqwLAXHXdPV8FaxfA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2c:cf:e4:53:98:19:54:4c:74:cc:1c:c3:b7:81:d2:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Validity
Not Before: Mar 27 01:01:54 2026 GMT
Not After : Mar 28 01:01:54 2026 GMT
Subject: CN=788a1c3592d01ab8315e2a446f13e84d7bd33d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:ca:6a:10:27:c8:e5:3f:24:a3:e2:90:fb:
36:5e:e4:79:7d:03:8f:a7:91:00:33:4f:a6:48:7d:
60:df:0e:ac:19:cd:3f:68:11:1a:28:83:ad:7b:3e:
38:ce:37:87:01:47:00:99:96:90:77:3a:14:e4:bb:
5f:6b:04:c2:fb:ab:5b:20:57:d4:85:84:dd:de:39:
3e:be:61:2b:de:ee:8b:eb:fd:f0:11:46:3c:46:49:
c9:a8:e7:db:96:ed:e5:99:ca:7e:f6:b2:60:67:af:
3e:89:8b:a1:9b:51:44:5f:42:14:93:ec:41:f8:dc:
9a:3e:d2:23:a2:e3:11:2f:af:7e:e6:24:f0:9d:fc:
74:8c:bd:ed:03:70:71:0f:da:56:31:9e:5c:b0:7b:
73:d3:1b:8d:e1:31:c5:4f:af:12:30:cf:89:34:9f:
c5:4b:5b:ac:ff:84:b9:aa:c0:27:5d:60:cd:42:b3:
5f:45:55:3a:4d:2f:30:40:c8:1c:ee:14:21:30:e5:
0e:d3:35:65:21:a5:69:b9:93:29:1d:79:49:63:c3:
bb:b7:1a:bf:d6:58:ca:88:7f:71:62:d3:8e:0e:4e:
e1:54:c7:11:11:4e:96:35:35:cc:f1:00:0a:8f:23:
21:1c:5d:84:39:36:cc:5c:b8:46:a6:ac:d6:68:ea:
a2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8A:1C:35:92:D0:1A:B8:31:5E:2A:44:6F:13:E8:4D:7B:D3:3D:28
X509v3 Authority Key Identifier:
keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:ff:59:98:4a:7b:b4:ee:23:e3:89:3a:57:2d:9e:d7:96:94:
96:cd:1e:a2:0f:f4:c1:0e:53:bd:2a:a9:fb:9d:68:98:ab:ce:
c9:36:60:66:7d:91:6b:2f:2f:fa:6d:f7:86:21:30:90:9b:a9:
66:74:b1:d0:99:cb:f5:36:36:97:31:5e:90:3d:aa:d8:35:8f:
6b:a9:ce:2e:09:00:f5:6f:97:00:09:98:9e:e0:a1:1d:f1:9c:
ef:b4:9d:46:29:1e:94:3c:4d:cd:5a:ee:62:e7:00:e9:6d:f6:
99:f6:ba:41:7f:3f:96:ec:47:62:c3:a5:81:c8:79:16:05:a6:
75:1b:8e:b3:c9:7b:9b:e1:8a:c2:a5:ec:5d:a0:a9:51:91:7c:
32:a1:13:f4:93:a6:90:3a:a8:7d:c1:64:83:aa:34:11:d6:bb:
4c:f0:f2:fe:07:54:53:12:e7:5d:87:58:64:51:b4:a0:82:08:
a6:a0:85:e9:c7:60:c2:dc:be:01:a4:db:fc:7e:bf:30:43:a7:
b2:a7:be:2c:80:0c:c1:f4:6f:6e:c7:25:c1:15:fd:50:b7:0b:
e9:d4:e0:50:4b:95:fa:b4:3a:b7:19:50:24:46:e9:f2:7e:ef:
37:b1:18:d9:24:f3:23:97:2a:73:93:50:8c:97:15:0b:70:f7:
ae:c3:1b:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0sz+RTmBlUTHTMHMO3gdKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4
Y2M0NTAwHhcNMjYwMzI3MDEwMTU0WhcNMjYwMzI4MDEwMTU0WjAzMTEwLwYDVQQD
Eyg3ODhhMWMzNTkyZDAxYWI4MzE1ZTJhNDQ2ZjEzZTg0ZDdiZDMzZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIHKahAnyOU/JKPikPs2XuR5fQOP
p5EAM0+mSH1g3w6sGc0/aBEaKIOtez44zjeHAUcAmZaQdzoU5LtfawTC+6tbIFfU
hYTd3jk+vmEr3u6L6/3wEUY8RknJqOfblu3lmcp+9rJgZ68+iYuhm1FEX0IUk+xB
+NyaPtIjouMRL69+5iTwnfx0jL3tA3BxD9pWMZ5csHtz0xuN4THFT68SMM+JNJ/F
S1us/4S5qsAnXWDNQrNfRVU6TS8wQMgc7hQhMOUO0zVlIaVpuZMpHXlJY8O7txq/
1ljKiH9xYtOODk7hVMcREU6WNTXM8QAKjyMhHF2EOTbMXLhGpqzWaOqi3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiKHDWS0Bq4MV4qRG8T6E170z0oMB8GA1UdIwQY
MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt
Yjk3MjIxNDQ1MTNmLzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm
LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/9ZmEp7
tO4j44k6Vy2e15aUls0eog/0wQ5TvSqp+51omKvOyTZgZn2Ray8v+m33hiEwkJup
ZnSx0JnL9TY2lzFekD2q2DWPa6nOLgkA9W+XAAmYnuChHfGc77SdRikelDxNzVru
YucA6W32mfa6QX8/luxHYsOlgch5FgWmdRuOs8l7m+GKwqXsXaCpUZF8MqET9JOm
kDqofcFkg6o0Eda7TPDy/gdUUxLnXYdYZFG0oIIIpqCF6cdgwty+AaTb/H6/MEOn
sqe+LIAMwfRvbsclwRX9ULcL6dTgUEuV+rQ6txlQJEbp8n7vN7EY2STzI5cqc5NQ
jJcVC3D3rsMb4g==
-----END CERTIFICATE-----
Generated at Fri Mar 27 06:41:49 2026 by rpki-client