Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
File: oFa0I4Othizmo3StLKbTbCVNx7E.mft (raw, json)
Hash identifier: j7O3o4XNVvoeE04RrtAhSEhoJKfsmzYSuEElo6jhs74=
Subject key identifier: AB:A0:DE:D5:E7:19:10:A4:3A:D5:51:F9:DE:AA:2E:7F:65:1C:BD:08
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Certificate issuer: /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial: 019D27DF5D9FD0ADA71B1D65C8AA6D156D89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
Manifest number: 17AB
Signing time: Thu 26 Mar 2026 02:00:43 +0000
Manifest this update: Thu 26 Mar 2026 02:00:43 +0000
Manifest next update: Fri 27 Mar 2026 02:00:43 +0000
Files and hashes: 1: PGTd-Arp7Vz3rSSs0l8FiGHSz58.roa (hash: ClKyMhw4ls8O+22d3zwyr4Of9HO2Cqaa8e0NaPqWqxo=)
2: oFa0I4Othizmo3StLKbTbCVNx7E.crl (hash: v0X1GwXkythNF/3hPs1vUWl2fyGlJozWZzCTEdCCATA=)
3: pteb03Zrz-92mfGhlVuUAxWiO1c.roa (hash: Tlsfv5MPyjgb+Ws3wZ+t04Extj+nRQ2rvjb3jvw/n0Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:5d:9f:d0:ad:a7:1b:1d:65:c8:aa:6d:15:6d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Validity
Not Before: Mar 26 02:00:43 2026 GMT
Not After : Mar 27 02:00:43 2026 GMT
Subject: CN=aba0ded5e71910a43ad551f9deaa2e7f651cbd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:52:c0:d1:10:37:32:5d:fc:04:44:6a:9d:01:
12:f2:c0:51:ec:7d:6c:0a:c2:56:03:60:17:5c:b3:
47:ea:5e:94:ac:3f:22:82:3d:59:b3:a2:a7:ce:4f:
81:68:ef:cf:61:cb:92:2b:b1:57:87:66:45:a2:1d:
94:1f:df:dc:36:1d:c3:19:15:fd:b9:da:52:8b:b4:
a4:5a:d8:03:6d:11:a4:c2:b0:46:f8:40:14:78:f8:
71:c5:2e:0a:c4:09:6f:03:fb:8e:31:43:d4:e6:86:
7a:a2:06:ce:dd:98:32:68:e6:68:2e:f5:77:6c:cd:
ef:81:59:f5:af:22:0f:21:e2:46:f4:fc:68:9e:71:
a5:07:fa:0e:46:6c:31:1d:ce:f6:ee:99:b7:c6:7f:
16:f9:3d:b9:f2:3e:fe:21:56:b3:03:65:c2:ec:c0:
38:bb:01:4c:9a:35:a4:b5:76:d8:fd:05:00:44:2f:
89:43:de:00:ba:ab:fa:c8:97:9f:84:ea:59:e9:bf:
9a:1b:9b:88:aa:a5:b5:90:64:a9:05:ac:02:3b:cf:
23:db:b3:cb:8c:57:60:92:7e:70:0b:da:f0:24:87:
d9:9a:2c:e2:58:a9:a0:c5:11:35:e1:1d:6d:65:ea:
00:20:56:fc:b5:a4:77:ec:39:1d:4b:36:8a:40:9f:
f9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A0:DE:D5:E7:19:10:A4:3A:D5:51:F9:DE:AA:2E:7F:65:1C:BD:08
X509v3 Authority Key Identifier:
keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:15:1d:20:a1:03:50:9d:da:b7:1d:b3:6d:3f:41:8f:3c:18:
77:b4:ee:3e:81:71:e0:e1:ee:22:5b:dd:a6:f5:7c:48:10:a4:
1b:45:9e:8c:d2:40:70:08:f6:7a:6d:bb:65:b1:29:e9:c6:e0:
1e:d6:98:04:ed:fa:40:27:cd:1f:56:ca:b8:7b:21:09:c5:b7:
33:27:2d:4d:f4:21:85:5d:52:65:4c:0b:29:8e:53:68:e0:b5:
d6:b6:55:e3:03:27:db:5d:94:10:ff:89:30:ce:ff:27:3e:2a:
a5:a8:87:cf:77:8f:1c:bb:c6:6b:32:12:19:b3:4a:5d:de:da:
47:e6:2f:bc:49:ff:3d:66:b5:bc:c0:d0:6b:9c:e4:3d:c9:d7:
03:9d:ad:ca:42:cc:f0:57:da:22:c6:22:04:07:48:a8:cf:79:
f8:cc:63:2d:04:a0:d4:b1:6c:76:bc:07:71:32:9b:c6:4c:6e:
7a:d9:ec:45:38:2b:76:94:cf:e6:da:6e:a1:e4:3a:e7:ad:44:
3b:33:b5:5a:48:37:0f:69:a9:89:ad:e9:65:0d:54:f2:5f:5e:
7e:95:82:40:df:e6:b0:21:40:a0:82:2c:97:01:9c:81:16:9d:
ea:c2:38:28:5f:65:0a:e3:f2:34:b1:c8:8a:3b:13:05:c5:95:
c5:67:e9:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n312f0K2nGx1lyKptFW2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTZiNDIzODNhZDg2MmNlNmEzNzRhZDJjYTZkMzZjMjU0
ZGM3YjEwHhcNMjYwMzI2MDIwMDQzWhcNMjYwMzI3MDIwMDQzWjAzMTEwLwYDVQQD
EyhhYmEwZGVkNWU3MTkxMGE0M2FkNTUxZjlkZWFhMmU3ZjY1MWNiZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41LA0RA3Ml38BERqnQES8sBR7H1s
CsJWA2AXXLNH6l6UrD8igj1Zs6Knzk+BaO/PYcuSK7FXh2ZFoh2UH9/cNh3DGRX9
udpSi7SkWtgDbRGkwrBG+EAUePhxxS4KxAlvA/uOMUPU5oZ6ogbO3ZgyaOZoLvV3
bM3vgVn1ryIPIeJG9PxonnGlB/oORmwxHc727pm3xn8W+T258j7+IVazA2XC7MA4
uwFMmjWktXbY/QUARC+JQ94Auqv6yJefhOpZ6b+aG5uIqqW1kGSpBawCO88j27PL
jFdgkn5wC9rwJIfZmiziWKmgxRE14R1tZeoAIFb8taR37DkdSzaKQJ/5tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKug3tXnGRCkOtVR+d6qLn9lHL0IMB8GA1UdIwQY
MBaAFKBWtCODrYYs5qN0rSym02wlTcexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDct
OWIzZGQ0MTdjMzA4LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zZThkY2MtYTc2NC00NGJlLWI1MDctOWIzZGQ0MTdjMzA4
LzEvb0ZhMEk0T3RoaXptbzNTdExLYlRiQ1ZOeDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdRUdIKED
UJ3atx2zbT9BjzwYd7TuPoFx4OHuIlvdpvV8SBCkG0WejNJAcAj2em27ZbEp6cbg
HtaYBO36QCfNH1bKuHshCcW3MyctTfQhhV1SZUwLKY5TaOC11rZV4wMn212UEP+J
MM7/Jz4qpaiHz3ePHLvGazISGbNKXd7aR+YvvEn/PWa1vMDQa5zkPcnXA52tykLM
8FfaIsYiBAdIqM95+MxjLQSg1LFsdrwHcTKbxkxuetnsRTgrdpTP5tpuoeQ6561E
OzO1Wkg3D2mpia3pZQ1U8l9efpWCQN/msCFAoIIslwGcgRad6sI4KF9lCuPyNLHI
ijsTBcWVxWfpJw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:51:04 2026 by rpki-client