Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
File: OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft (raw, json)
Hash identifier: IgWHRLnut8ybuki0M3We2dd7NjUJ2EtUhaMNxDng7XQ=
Subject key identifier: 10:68:AC:17:61:00:79:FD:E7:84:6E:DF:57:01:9A:11:D9:D3:E2:B3
Authority key identifier: 38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51
Certificate issuer: /CN=38f23798b67393e4039e3f9555e214d6737c1351
Certificate serial: 019CAB3419DF70899E4A016CCDAD46A1035E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
Manifest number: 1849
Signing time: Sun 01 Mar 2026 21:00:44 +0000
Manifest this update: Sun 01 Mar 2026 21:00:44 +0000
Manifest next update: Mon 02 Mar 2026 21:00:44 +0000
Files and hashes: 1: LnaW5765Yz17Jsu6jhp4pcS4phE.roa (hash: IQeYGnlewk42LV1orLSIQiV+CC/nS8IwBcXiQsT3VkU=)
2: OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl (hash: heNyKvBNEatbPoepkQOtBBkN/0eSLiQj8eqFoQsVHn0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:19:df:70:89:9e:4a:01:6c:cd:ad:46:a1:03:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f23798b67393e4039e3f9555e214d6737c1351
Validity
Not Before: Mar 1 21:00:44 2026 GMT
Not After : Mar 2 21:00:44 2026 GMT
Subject: CN=1068ac17610079fde7846edf57019a11d9d3e2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8f:e6:5d:59:bd:43:f7:8c:d8:aa:19:c6:0c:
49:9f:31:4a:9c:fc:04:42:e2:4e:c8:27:1f:50:90:
76:52:42:fb:af:59:b5:4d:b6:b3:f1:a1:49:ab:0e:
41:fb:a9:43:95:60:91:27:bf:7d:3e:4d:8d:64:06:
29:8a:4a:c3:c2:38:fb:f5:97:22:13:a7:cc:91:a9:
3f:b8:2e:b1:97:a3:ae:26:f5:9f:57:66:25:e9:c0:
ad:e8:54:4e:e8:ad:43:88:49:48:85:a4:cf:91:26:
54:3c:c2:ce:75:f4:2b:5b:7f:47:52:09:78:ca:e2:
a0:b4:75:2c:42:f0:74:86:ce:19:e5:da:fe:b1:61:
4f:47:db:46:60:35:7e:e8:c1:2b:32:a8:18:ea:8d:
8e:1a:c5:d1:ab:85:81:71:32:c2:b1:00:87:28:30:
ab:07:26:69:26:5c:11:8e:61:cd:0b:bb:77:05:c8:
20:96:ae:ec:48:24:28:b8:34:f7:10:71:1e:58:ed:
e6:4f:4e:82:15:f9:1d:b0:9f:7c:cb:b1:76:8c:bd:
81:4f:a6:f2:83:47:5b:42:30:01:0a:64:80:0b:bb:
47:ce:55:08:d3:88:d9:58:be:46:0f:7a:36:df:f9:
35:9c:d4:62:37:a2:ce:d1:2a:c3:40:de:d8:e6:73:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:68:AC:17:61:00:79:FD:E7:84:6E:DF:57:01:9A:11:D9:D3:E2:B3
X509v3 Authority Key Identifier:
keyid:38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:12:fa:47:96:0b:a1:e2:27:57:1e:fd:51:77:fc:ab:1b:46:
94:dd:be:aa:31:3a:11:b2:6d:bc:54:b1:6a:f5:1d:96:aa:b9:
79:1e:1d:19:c2:bc:33:85:72:69:10:e3:0d:63:f1:d7:2f:5e:
6d:11:c6:9f:2e:99:b3:e0:14:12:be:f2:87:57:c5:50:91:42:
83:a1:87:d1:44:f7:12:5d:e6:a8:79:3a:97:f1:bc:1a:f4:ae:
73:1e:02:a2:68:c0:19:89:98:c5:ad:de:81:52:d4:85:36:ee:
3f:d1:1c:85:32:f7:9e:26:49:42:ee:87:46:1a:6f:2c:4c:75:
a2:03:5d:f1:bc:a9:aa:2a:89:0c:79:a0:30:c1:46:ce:0b:62:
7a:17:d4:04:44:af:03:11:5c:74:ab:bb:d0:a2:ae:bd:d7:4b:
f1:45:b8:44:15:41:21:47:92:20:b4:44:61:18:4f:bc:44:af:
c9:9f:11:88:19:69:ec:4d:8a:3a:cd:9a:dc:64:ea:12:98:de:
52:ad:ae:3f:f9:c7:cc:6d:a0:d7:56:22:3d:db:c9:f4:d0:83:
b3:0e:78:77:b2:f4:50:0e:e6:5e:f1:22:34:f7:d2:89:e2:c9:
52:ae:13:9f:a0:cf:57:e7:6b:40:2a:85:d1:55:28:b1:36:67:
a6:32:b0:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNBnfcImeSgFsza1GoQNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjIzNzk4YjY3MzkzZTQwMzllM2Y5NTU1ZTIxNGQ2NzM3
YzEzNTEwHhcNMjYwMzAxMjEwMDQ0WhcNMjYwMzAyMjEwMDQ0WjAzMTEwLwYDVQQD
EygxMDY4YWMxNzYxMDA3OWZkZTc4NDZlZGY1NzAxOWExMWQ5ZDNlMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI/mXVm9Q/eM2KoZxgxJnzFKnPwE
QuJOyCcfUJB2UkL7r1m1Tbaz8aFJqw5B+6lDlWCRJ799Pk2NZAYpikrDwjj79Zci
E6fMkak/uC6xl6OuJvWfV2Yl6cCt6FRO6K1DiElIhaTPkSZUPMLOdfQrW39HUgl4
yuKgtHUsQvB0hs4Z5dr+sWFPR9tGYDV+6MErMqgY6o2OGsXRq4WBcTLCsQCHKDCr
ByZpJlwRjmHNC7t3Bcgglq7sSCQouDT3EHEeWO3mT06CFfkdsJ98y7F2jL2BT6by
g0dbQjABCmSAC7tHzlUI04jZWL5GD3o23/k1nNRiN6LO0SrDQN7Y5nOj0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBorBdhAHn954Ru31cBmhHZ0+KzMB8GA1UdIwQY
MBaAFDjyN5i2c5PkA54/lVXiFNZzfBNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQt
NzMwZmNkMGU1ZGNhLzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQtNzMwZmNkMGU1ZGNh
LzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWBL6R5YL
oeInVx79UXf8qxtGlN2+qjE6EbJtvFSxavUdlqq5eR4dGcK8M4VyaRDjDWPx1y9e
bRHGny6Zs+AUEr7yh1fFUJFCg6GH0UT3El3mqHk6l/G8GvSucx4ComjAGYmYxa3e
gVLUhTbuP9EchTL3niZJQu6HRhpvLEx1ogNd8bypqiqJDHmgMMFGzgtiehfUBESv
AxFcdKu70KKuvddL8UW4RBVBIUeSILREYRhPvESvyZ8RiBlp7E2KOs2a3GTqEpje
Uq2uP/nHzG2g11YiPdvJ9NCDsw54d7L0UA7mXvEiNPfSieLJUq4Tn6DPV+drQCqF
0VUosTZnpjKw3g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:28:58 2026 by rpki-client