Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
File: OzdnJSANjYwAzw91FK8l_zYjEPA.mft (raw, json)
Hash identifier: LkQbipX4b92W6uaYQXWA0Jpz76I0QS+rJRaX4B8SXtQ=
Subject key identifier: 19:98:D1:03:4C:BE:6D:FA:B5:53:AF:8E:9F:8A:3C:B5:EC:BD:09:65
Authority key identifier: 3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
Certificate issuer: /CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Certificate serial: 019D9A3E23C2BB1EFE7A6F1B20F721599475
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 07:00:56 +0000
Manifest this update: Fri 17 Apr 2026 07:00:56 +0000
Manifest next update: Sat 18 Apr 2026 07:00:56 +0000
Files and hashes: 1: OzdnJSANjYwAzw91FK8l_zYjEPA.crl (hash: wfO5kXTzj68siu4hFWJNGyAodvW5uP+Bzavl3TCPcao=)
2: cpS1wHSQ6aTdnwNWUDjBZlgAC7Y.roa (hash: XiHOtWW1/pqGi1+Lnl6yq25m5xXc7tXDYaQje+WHC+0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:23:c2:bb:1e:fe:7a:6f:1b:20:f7:21:59:94:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b376725200d8d8c00cf0f7514af25ff362310f0
Validity
Not Before: Apr 17 07:00:56 2026 GMT
Not After : Apr 18 07:00:56 2026 GMT
Subject: CN=1998d1034cbe6dfab553af8e9f8a3cb5ecbd0965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:db:dd:90:4a:ae:b2:1e:e6:50:de:99:67:2b:
33:3d:b0:56:c1:cc:6e:a6:96:86:4a:b6:59:8f:0c:
61:34:62:5e:50:a1:8a:a2:5a:0b:62:9b:82:32:c7:
12:06:81:79:d2:1c:fa:24:5c:b0:67:4c:62:39:78:
7e:d1:00:67:17:9b:50:a7:fc:0d:5d:2c:a4:50:08:
63:8b:c1:1d:b8:98:6e:54:35:0a:03:79:3c:66:c6:
46:5e:68:fd:3b:66:81:7d:4e:e4:12:14:ea:db:8c:
76:c9:f7:ce:a0:50:4c:4d:59:01:1b:b6:e1:db:1f:
3f:83:0f:8f:b5:67:01:df:b4:a8:12:76:5f:13:16:
38:18:f2:29:5e:2f:24:83:80:03:d5:e6:7d:fb:cb:
1b:13:6d:fe:5d:47:b2:50:91:da:4c:f2:51:80:c5:
5d:12:40:bb:4a:09:e8:12:07:27:10:7c:b5:33:2a:
55:9e:02:2a:8e:45:64:57:6d:52:b1:20:bb:44:14:
f8:10:53:fd:43:ec:7a:83:0d:3f:b8:7f:a3:82:ec:
64:5f:11:1c:b3:93:83:62:bb:71:3f:7d:5a:d9:9a:
47:fc:06:e7:16:f9:76:03:cd:c0:d4:e8:e0:92:e5:
ca:1b:93:65:69:fd:bb:d1:d6:87:bb:70:d8:53:77:
f5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:98:D1:03:4C:BE:6D:FA:B5:53:AF:8E:9F:8A:3C:B5:EC:BD:09:65
X509v3 Authority Key Identifier:
keyid:3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:13:5e:02:0b:af:bd:24:8f:47:82:0b:08:de:08:cc:d3:93:
92:1a:5f:14:46:48:c4:87:17:29:41:56:37:0e:47:c8:cc:3e:
14:89:96:85:b3:a2:05:4a:82:79:9f:cc:c1:4f:ef:bc:11:a1:
ca:e9:db:9e:55:83:e6:21:a6:dc:79:80:d3:86:1d:e9:96:7a:
ea:14:8f:01:a3:d9:8f:8b:df:2f:79:0e:85:94:6f:3e:c7:3f:
a9:fe:ab:f8:d9:c0:8b:2a:6f:4c:4d:c3:39:69:b3:05:58:83:
39:fe:6c:cb:c5:57:16:f5:55:90:d0:36:2d:64:ea:de:b7:a3:
df:89:8a:56:66:b8:a3:9e:1b:fa:12:11:03:b8:ff:bd:2f:f5:
3d:84:0d:2b:e5:2a:e4:2f:32:3f:9e:f6:a5:3d:4f:0c:14:c3:
93:58:0c:e1:94:cc:db:a6:70:7f:74:e9:12:52:ec:ed:29:08:
d8:ff:07:0c:8f:a8:16:67:2f:5a:ad:87:af:63:38:ee:fe:b2:
f5:93:b5:f5:91:43:13:a7:25:8c:8a:69:f1:7f:00:f8:99:d7:
df:20:19:b8:c6:9f:95:2f:bb:91:14:3d:29:4f:41:55:65:70:
8f:6a:c2:c5:d6:86:ad:30:5d:76:6f:12:de:22:22:2d:3e:8d:
aa:b4:72:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPiPCux7+em8bIPchWZR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzc2NzI1MjAwZDhkOGMwMGNmMGY3NTE0YWYyNWZmMzYy
MzEwZjAwHhcNMjYwNDE3MDcwMDU2WhcNMjYwNDE4MDcwMDU2WjAzMTEwLwYDVQQD
EygxOTk4ZDEwMzRjYmU2ZGZhYjU1M2FmOGU5ZjhhM2NiNWVjYmQwOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotvdkEqush7mUN6ZZyszPbBWwcxu
ppaGSrZZjwxhNGJeUKGKoloLYpuCMscSBoF50hz6JFywZ0xiOXh+0QBnF5tQp/wN
XSykUAhji8EduJhuVDUKA3k8ZsZGXmj9O2aBfU7kEhTq24x2yffOoFBMTVkBG7bh
2x8/gw+PtWcB37SoEnZfExY4GPIpXi8kg4AD1eZ9+8sbE23+XUeyUJHaTPJRgMVd
EkC7SgnoEgcnEHy1MypVngIqjkVkV21SsSC7RBT4EFP9Q+x6gw0/uH+jguxkXxEc
s5ODYrtxP31a2ZpH/AbnFvl2A83A1OjgkuXKG5Nlaf270daHu3DYU3f1aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmY0QNMvm36tVOvjp+KPLXsvQllMB8GA1UdIwQY
MBaAFDs3ZyUgDY2MAM8PdRSvJf82IxDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTkt
MjkyMDk4ZGEyZTM5LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTktMjkyMDk4ZGEyZTM5
LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdRNeAguv
vSSPR4ILCN4IzNOTkhpfFEZIxIcXKUFWNw5HyMw+FImWhbOiBUqCeZ/MwU/vvBGh
yunbnlWD5iGm3HmA04Yd6ZZ66hSPAaPZj4vfL3kOhZRvPsc/qf6r+NnAiypvTE3D
OWmzBViDOf5sy8VXFvVVkNA2LWTq3rej34mKVma4o54b+hIRA7j/vS/1PYQNK+Uq
5C8yP572pT1PDBTDk1gM4ZTM26Zwf3TpElLs7SkI2P8HDI+oFmcvWq2Hr2M47v6y
9ZO19ZFDE6cljIpp8X8A+JnX3yAZuMaflS+7kRQ9KU9BVWVwj2rCxdaGrTBddm8S
3iIiLT6NqrRyWw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:52:58 2026 by rpki-client