Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: vGnzzL2I1NvZwKW6h0hQEy7o1jo/coHa9jCBMPnAGR8=
Subject key identifier: 2D:17:E1:02:87:DD:30:EC:51:A9:B3:E0:DD:04:B5:6A:B8:79:3D:F4
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019D99CFCC9BD381372E2E927C67995ACC89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 18C8
Signing time: Fri 17 Apr 2026 05:00:25 +0000
Manifest this update: Fri 17 Apr 2026 05:00:25 +0000
Manifest next update: Sat 18 Apr 2026 05:00:25 +0000
Files and hashes: 1: LAK8MpI2c0abasjZoSw7_w7kgs4.roa (hash: clU497fVHM51q9eiZ1bT8jJiNXCByxpgSNSxbj5Sv9U=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: D+5qlo2+0QJfjPRDD/W+xSbb0MK7YLOPoS3M1Cai2SA=)
3: jksHLXQsL8kIaSdyy1KKgItGkLM.roa (hash: SvVYKXT2yItHZ/QXEnN9YsWJ7pv9MmMOoAi6wKxSVaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:cf:cc:9b:d3:81:37:2e:2e:92:7c:67:99:5a:cc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Apr 17 05:00:25 2026 GMT
Not After : Apr 18 05:00:25 2026 GMT
Subject: CN=2d17e10287dd30ec51a9b3e0dd04b56ab8793df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d1:54:2a:1d:b8:81:e2:a9:2e:c7:cf:a7:98:
7d:2c:36:12:74:b9:d5:85:58:77:35:72:8d:22:98:
68:05:fc:90:2c:e9:cd:2d:7c:96:69:ca:5b:a2:c6:
22:80:f3:b9:84:be:21:b9:5c:99:e5:d1:4e:a8:e6:
46:2a:29:7e:1c:f8:fd:9c:26:32:fc:5e:48:d8:6b:
80:f3:67:ae:ed:15:78:4f:d2:8e:86:d3:08:63:6a:
6b:9a:ef:27:f7:7b:5f:51:11:d6:03:5d:37:5d:80:
f4:80:cf:67:95:a5:ef:b4:81:21:5e:48:b6:9a:f8:
73:8d:cd:0a:39:f6:fb:58:47:c7:16:62:d6:f1:e7:
42:75:ab:92:7a:77:1d:7d:b8:f1:97:ce:95:dd:3b:
c5:c8:83:94:e9:8d:2d:7e:13:0f:38:4a:88:ae:3f:
ce:0a:11:79:59:d5:d2:1d:d2:11:95:b3:5c:b0:62:
5d:4d:22:68:fe:81:06:60:6e:50:c9:14:a6:98:79:
0d:4b:cc:80:9a:5b:92:95:a7:e6:38:76:4f:41:ad:
6e:57:10:1c:73:e6:cb:11:d0:a6:1c:22:52:84:cc:
00:f4:9f:ee:53:84:2e:7e:19:8d:08:51:df:46:9f:
97:0d:24:48:68:1d:64:21:b8:25:bf:a7:7d:72:42:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:17:E1:02:87:DD:30:EC:51:A9:B3:E0:DD:04:B5:6A:B8:79:3D:F4
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:06:c0:38:cd:32:31:d5:ae:75:51:14:ac:ef:8f:5b:6e:f8:
c4:6d:e3:05:b2:83:b7:6f:55:4b:c4:29:8d:4f:48:bf:82:ac:
7e:d5:de:f7:ef:46:ab:33:c7:6a:20:9b:43:d5:ff:98:a3:f6:
4b:a1:b0:d9:76:30:3e:15:26:3a:1a:49:ab:ec:e9:62:db:f3:
34:dc:81:e6:49:b8:00:6e:24:76:b8:0f:5b:b5:dc:c4:44:d1:
37:c8:07:8a:fd:c6:98:af:19:20:bf:9f:01:e4:cb:bf:df:99:
ad:af:2b:af:fd:8b:24:ff:ea:4a:fd:db:37:71:ef:4e:81:f1:
51:cd:de:bc:da:e5:b8:80:3c:58:39:37:f6:95:29:fb:81:33:
1f:81:d8:e9:74:e7:92:f2:d8:96:18:ac:6d:65:70:db:90:9f:
79:16:30:89:98:4b:51:ee:37:9a:f7:05:90:d4:76:7f:27:70:
d1:de:b7:35:aa:d8:d0:b1:bd:e5:d7:fe:2b:d2:d6:61:28:81:
7b:27:db:c0:e9:95:3d:34:53:20:b0:a9:3b:46:b6:47:ca:1c:
0a:e5:41:d1:b7:52:b4:03:28:25:35:99:7b:82:81:54:88:72:
ab:0c:e9:d5:e4:e7:e9:90:82:fd:88:d9:e3:2f:fd:e7:ce:4c:
31:11:a0:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz8yb04E3Li6SfGeZWsyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjYwNDE3MDUwMDI1WhcNMjYwNDE4MDUwMDI1WjAzMTEwLwYDVQQD
EygyZDE3ZTEwMjg3ZGQzMGVjNTFhOWIzZTBkZDA0YjU2YWI4NzkzZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19FUKh24geKpLsfPp5h9LDYSdLnV
hVh3NXKNIphoBfyQLOnNLXyWacpbosYigPO5hL4huVyZ5dFOqOZGKil+HPj9nCYy
/F5I2GuA82eu7RV4T9KOhtMIY2prmu8n93tfURHWA103XYD0gM9nlaXvtIEhXki2
mvhzjc0KOfb7WEfHFmLW8edCdauSencdfbjxl86V3TvFyIOU6Y0tfhMPOEqIrj/O
ChF5WdXSHdIRlbNcsGJdTSJo/oEGYG5QyRSmmHkNS8yAmluSlafmOHZPQa1uVxAc
c+bLEdCmHCJShMwA9J/uU4QufhmNCFHfRp+XDSRIaB1kIbglv6d9ckJS9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0X4QKH3TDsUamz4N0EtWq4eT30MB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQbAOM0y
MdWudVEUrO+PW274xG3jBbKDt29VS8QpjU9Iv4KsftXe9+9GqzPHaiCbQ9X/mKP2
S6Gw2XYwPhUmOhpJq+zpYtvzNNyB5km4AG4kdrgPW7XcxETRN8gHiv3GmK8ZIL+f
AeTLv9+Zra8rr/2LJP/qSv3bN3HvToHxUc3evNrluIA8WDk39pUp+4EzH4HY6XTn
kvLYlhisbWVw25CfeRYwiZhLUe43mvcFkNR2fydw0d63NarY0LG95df+K9LWYSiB
eyfbwOmVPTRTILCpO0a2R8ocCuVB0bdStAMoJTWZe4KBVIhyqwzp1eTn6ZCC/YjZ
4y/9585MMRGgUw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:09:39 2026 by rpki-client