Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json)
Hash identifier: nFYvqmDA8XNMat5MEAtMkJvahaFpJJD4GQbt9jTQQGI=
Subject key identifier: 43:B7:42:20:DC:65:A4:77:77:6F:41:35:0E:28:0F:D5:D8:1E:42:A7
Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Certificate serial: 019D996245241A8F2CE773371E1F91E73CDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
Manifest number: 1044
Signing time: Fri 17 Apr 2026 03:00:47 +0000
Manifest this update: Fri 17 Apr 2026 03:00:47 +0000
Manifest next update: Sat 18 Apr 2026 03:00:47 +0000
Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: zazlLp5+6Oz+L5BDTCp9/DW91ttBpzND+RY8XTilguw=)
2: qvZ-nKf7EFh0r3KXcsWmv_aLkqs.roa (hash: XaQIlBTlE+Jhvgae5CyaS1DgkFx27OpIcetptyKOkgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:62:45:24:1a:8f:2c:e7:73:37:1e:1f:91:e7:3c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Validity
Not Before: Apr 17 03:00:47 2026 GMT
Not After : Apr 18 03:00:47 2026 GMT
Subject: CN=43b74220dc65a477776f41350e280fd5d81e42a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:54:12:ff:5c:50:8d:bd:5f:df:6d:39:42:
b4:d2:1e:49:cd:f0:61:35:d0:5b:2e:a1:5b:8f:8e:
a6:f4:26:f6:a7:88:b7:31:d3:6d:df:95:21:a2:c9:
3e:c0:e5:65:8c:6f:96:40:78:6b:c6:98:8a:f2:dd:
67:58:ee:70:28:3d:ee:0c:02:61:b9:d6:6c:96:a9:
67:3f:a9:d7:7b:85:12:4b:91:52:d9:12:75:b2:52:
d2:2c:b1:68:72:19:be:86:4a:a2:a6:61:ff:35:05:
71:9b:89:25:db:23:ec:80:ee:0d:a0:4c:ec:96:b6:
88:6c:2f:b3:6f:ee:16:a8:ff:80:d9:a5:62:3f:87:
73:20:a0:ed:b4:21:09:76:3c:42:a6:fd:1d:6d:ec:
94:04:5a:28:2c:bf:09:71:28:ef:69:53:8d:bc:75:
41:56:36:6e:a0:8f:37:68:8f:0c:94:13:c6:e9:1d:
cc:7c:54:d9:79:ee:a8:a8:9b:0c:31:a2:9e:b8:bc:
93:b2:cb:8c:b1:c6:9d:56:7b:8c:1a:af:a0:60:20:
52:21:47:29:82:d7:a8:69:2d:ec:f5:80:61:bb:25:
fe:bc:8e:cd:b0:bc:0c:f9:64:0a:2e:0c:1b:a5:0c:
5b:43:94:00:6b:6c:88:3f:1f:fe:84:30:b1:64:65:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B7:42:20:DC:65:A4:77:77:6F:41:35:0E:28:0F:D5:D8:1E:42:A7
X509v3 Authority Key Identifier:
keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:4d:b7:69:2d:50:18:82:79:70:fd:1c:60:ad:cf:24:9c:8c:
ad:1a:18:9c:76:65:4d:c2:09:23:09:2c:4a:23:7b:5d:bc:00:
ec:3f:73:cc:5a:c9:62:cb:7e:e4:ee:b0:89:87:bc:d9:6f:7c:
c8:7c:6d:91:58:40:fa:71:fa:02:1a:d2:c0:e9:37:24:fa:13:
6e:ab:1a:32:dd:16:8d:1f:bb:c1:8c:50:bd:28:e5:69:63:77:
c7:df:ef:c2:c4:8f:87:f1:c5:35:07:4d:17:77:2f:85:0a:9e:
3d:6a:e0:f6:c2:be:d0:ba:f1:85:b5:8f:c0:07:ec:d0:ef:de:
de:79:b6:6a:48:a6:08:db:e3:33:48:06:0f:ff:d3:81:de:b9:
1c:60:97:79:13:a4:47:9d:1f:f3:2e:99:42:d4:cd:96:f1:81:
5b:05:a6:02:ce:36:17:1f:41:b3:1a:a7:13:af:d6:ae:82:c7:
f5:9f:78:e2:65:da:a1:16:06:b7:71:62:3f:30:ea:bb:cc:bd:
94:3d:e2:65:69:73:56:e7:f7:24:f7:f0:05:ea:07:39:87:c9:
17:cb:ba:18:01:10:bc:b7:5e:c5:55:55:0b:4b:9d:1e:15:ab:
23:17:af:5b:51:6f:47:c5:9f:71:30:d9:30:ad:ed:50:d1:f4:
39:48:8a:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYkUkGo8s53M3Hh+R5zzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli
ZDNhOWEwHhcNMjYwNDE3MDMwMDQ3WhcNMjYwNDE4MDMwMDQ3WjAzMTEwLwYDVQQD
Eyg0M2I3NDIyMGRjNjVhNDc3Nzc2ZjQxMzUwZTI4MGZkNWQ4MWU0MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaxUEv9cUI29X99tOUK00h5JzfBh
NdBbLqFbj46m9Cb2p4i3MdNt35Uhosk+wOVljG+WQHhrxpiK8t1nWO5wKD3uDAJh
udZslqlnP6nXe4USS5FS2RJ1slLSLLFochm+hkqipmH/NQVxm4kl2yPsgO4NoEzs
lraIbC+zb+4WqP+A2aViP4dzIKDttCEJdjxCpv0dbeyUBFooLL8JcSjvaVONvHVB
VjZuoI83aI8MlBPG6R3MfFTZee6oqJsMMaKeuLyTssuMscadVnuMGq+gYCBSIUcp
gteoaS3s9YBhuyX+vI7NsLwM+WQKLgwbpQxbQ5QAa2yIPx/+hDCxZGXbgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEO3QiDcZaR3d29BNQ4oD9XYHkKnMB8GA1UdIwQY
MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt
MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi
LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlU23aS1Q
GIJ5cP0cYK3PJJyMrRoYnHZlTcIJIwksSiN7XbwA7D9zzFrJYst+5O6wiYe82W98
yHxtkVhA+nH6AhrSwOk3JPoTbqsaMt0WjR+7wYxQvSjlaWN3x9/vwsSPh/HFNQdN
F3cvhQqePWrg9sK+0LrxhbWPwAfs0O/e3nm2akimCNvjM0gGD//Tgd65HGCXeROk
R50f8y6ZQtTNlvGBWwWmAs42Fx9BsxqnE6/WroLH9Z944mXaoRYGt3FiPzDqu8y9
lD3iZWlzVuf3JPfwBeoHOYfJF8u6GAEQvLdexVVVC0udHhWrIxevW1FvR8WfcTDZ
MK3tUNH0OUiKbg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:45:45 2026 by rpki-client