Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: u2TTGUzZjwIBbvQAbFCcFtiWmNAcCnjC7IUnXQ6CKLs=
Subject key identifier: E8:98:0A:0A:42:B0:01:2E:18:7B:BB:9D:62:EE:BD:FC:7A:BF:71:7E
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019CAA58CF5E49154AE42547E15AF215AB4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 184C
Signing time: Sun 01 Mar 2026 17:01:12 +0000
Manifest this update: Sun 01 Mar 2026 17:01:12 +0000
Manifest next update: Mon 02 Mar 2026 17:01:12 +0000
Files and hashes: 1: LAK8MpI2c0abasjZoSw7_w7kgs4.roa (hash: clU497fVHM51q9eiZ1bT8jJiNXCByxpgSNSxbj5Sv9U=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: Pq9+laQYCUe78CLSkdgGr8SnpcwcxPjVR1yZ1khEcWM=)
3: jksHLXQsL8kIaSdyy1KKgItGkLM.roa (hash: SvVYKXT2yItHZ/QXEnN9YsWJ7pv9MmMOoAi6wKxSVaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:cf:5e:49:15:4a:e4:25:47:e1:5a:f2:15:ab:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Mar 1 17:01:12 2026 GMT
Not After : Mar 2 17:01:12 2026 GMT
Subject: CN=e8980a0a42b0012e187bbb9d62eebdfc7abf717e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d5:5f:87:55:1a:a2:03:6f:bd:ec:8c:d0:63:
24:07:2b:fb:fb:a3:05:01:e7:e0:52:eb:19:7a:d3:
fc:a6:c5:ef:05:45:23:6d:67:af:80:2c:a4:53:ed:
86:91:62:89:7c:cb:1c:40:9b:1b:73:3d:de:37:9a:
c2:9b:f9:67:e3:a5:c1:ae:00:90:1e:4a:00:34:70:
5d:85:d1:e6:3c:79:3d:5a:21:4a:19:5e:7c:e5:ba:
01:0a:91:4f:6f:53:07:3e:08:fa:27:a5:e5:bc:07:
91:23:55:fd:4d:f4:83:32:54:21:85:41:f9:0d:0d:
7b:1d:7c:55:d6:a3:f4:0c:f6:df:cf:5a:cf:62:06:
b8:82:d4:10:b3:eb:07:6d:f5:c2:7d:ce:d2:a3:97:
96:6f:bf:9b:d5:a1:a1:0b:bf:9e:33:7e:7d:36:d5:
72:13:08:c8:11:88:7c:f0:99:02:3e:40:78:71:71:
b3:1e:36:c6:50:f9:32:44:ad:1f:76:07:2d:05:4a:
30:21:fb:af:c0:eb:90:f8:ad:dd:84:dd:7a:23:11:
17:33:cf:62:02:23:d9:32:54:cc:a2:86:2a:ce:b9:
30:35:6b:3c:89:1d:c5:ca:23:38:91:fc:ea:15:d5:
8d:d6:50:67:b0:bf:ef:c0:4e:80:5d:64:2a:f3:1e:
3e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:98:0A:0A:42:B0:01:2E:18:7B:BB:9D:62:EE:BD:FC:7A:BF:71:7E
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:bf:f7:84:bf:28:1a:03:77:f6:08:94:be:4d:cf:f2:fe:ca:
78:12:a8:76:89:79:8f:be:f9:0b:55:1e:98:eb:2a:3f:61:02:
e1:c5:dd:dd:b3:e4:3a:0b:6c:98:87:43:a2:0c:95:18:ab:2d:
8a:eb:cc:24:41:7f:6a:0a:67:e3:4f:91:78:16:3b:eb:9c:bb:
a2:28:db:e9:d9:7f:b9:3c:b5:47:4d:3d:ec:8e:cd:bf:97:de:
39:e3:e9:6f:0a:3e:2a:fa:0e:29:8e:d4:7b:87:ef:1a:de:39:
58:b0:6e:a5:d0:de:e0:56:53:cc:65:58:4b:27:7d:28:67:18:
d5:22:1b:e6:9b:3f:cb:cc:3e:6c:99:ff:dc:a9:44:3a:6e:23:
c7:16:ee:c4:b3:75:28:49:7e:17:43:2f:4a:eb:1c:ab:0d:c4:
99:0d:02:ae:56:ef:fc:96:b5:e1:77:dc:38:9d:2f:de:df:a8:
6d:6e:11:bf:64:8a:38:3e:b3:9d:11:9f:38:47:19:89:94:34:
03:3d:32:cf:41:0f:75:1b:03:2c:5a:b5:28:8d:47:64:26:17:
ca:a0:e7:c6:0c:a4:32:3e:90:da:7b:aa:f8:9a:ff:4b:92:c7:
56:f7:43:93:14:0d:95:77:11:21:a6:af:8b:5b:45:6c:28:08:
63:1d:b4:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWM9eSRVK5CVH4VryFatLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjYwMzAxMTcwMTEyWhcNMjYwMzAyMTcwMTEyWjAzMTEwLwYDVQQD
EyhlODk4MGEwYTQyYjAwMTJlMTg3YmJiOWQ2MmVlYmRmYzdhYmY3MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNVfh1UaogNvveyM0GMkByv7+6MF
AefgUusZetP8psXvBUUjbWevgCykU+2GkWKJfMscQJsbcz3eN5rCm/ln46XBrgCQ
HkoANHBdhdHmPHk9WiFKGV585boBCpFPb1MHPgj6J6XlvAeRI1X9TfSDMlQhhUH5
DQ17HXxV1qP0DPbfz1rPYga4gtQQs+sHbfXCfc7So5eWb7+b1aGhC7+eM359NtVy
EwjIEYh88JkCPkB4cXGzHjbGUPkyRK0fdgctBUowIfuvwOuQ+K3dhN16IxEXM89i
AiPZMlTMooYqzrkwNWs8iR3FyiM4kfzqFdWN1lBnsL/vwE6AXWQq8x4+AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiYCgpCsAEuGHu7nWLuvfx6v3F+MB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7/3hL8o
GgN39giUvk3P8v7KeBKodol5j775C1UemOsqP2EC4cXd3bPkOgtsmIdDogyVGKst
iuvMJEF/agpn40+ReBY765y7oijb6dl/uTy1R0097I7Nv5feOePpbwo+KvoOKY7U
e4fvGt45WLBupdDe4FZTzGVYSyd9KGcY1SIb5ps/y8w+bJn/3KlEOm4jxxbuxLN1
KEl+F0MvSuscqw3EmQ0Crlbv/Ja14XfcOJ0v3t+obW4Rv2SKOD6znRGfOEcZiZQ0
Az0yz0EPdRsDLFq1KI1HZCYXyqDnxgykMj6Q2nuq+Jr/S5LHVvdDkxQNlXcRIaav
i1tFbCgIYx20xQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:17:37 2026 by rpki-client