Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json)
Hash identifier: pRiFRpjvN7c4MnybQnksGkl3C1FTeo308PzySPPq9wM=
Subject key identifier: AA:B1:57:32:DC:42:73:0F:25:F6:4B:15:6A:D9:F8:93:AD:49:57:35
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 019EC525B7E3A7FA7D1B9395033D2C72F2AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
Manifest number: 1963
Signing time: Sun 14 Jun 2026 08:00:43 +0000
Manifest this update: Sun 14 Jun 2026 08:00:43 +0000
Manifest next update: Mon 15 Jun 2026 08:00:43 +0000
Files and hashes: 1: LAK8MpI2c0abasjZoSw7_w7kgs4.roa (hash: clU497fVHM51q9eiZ1bT8jJiNXCByxpgSNSxbj5Sv9U=)
2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: 0/ammBmzmjX/HUCJS1XG6Ssvmg1CFeiq9SwVcwiGu5Q=)
3: jksHLXQsL8kIaSdyy1KKgItGkLM.roa (hash: SvVYKXT2yItHZ/QXEnN9YsWJ7pv9MmMOoAi6wKxSVaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Jun 2026 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c5:25:b7:e3:a7:fa:7d:1b:93:95:03:3d:2c:72:f2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Jun 14 08:00:43 2026 GMT
Not After : Jun 15 08:00:43 2026 GMT
Subject: CN=aab15732dc42730f25f64b156ad9f893ad495735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1a:4f:df:70:ea:65:27:dd:df:e4:54:87:b7:
48:aa:e6:76:5c:64:dd:9b:4c:34:46:00:60:ac:d6:
50:53:2b:00:87:87:84:b5:70:3b:23:47:56:cf:c6:
0e:f0:a1:d5:45:e7:b4:92:44:80:83:20:d3:07:6c:
3d:b0:22:88:2d:2b:b1:d1:a6:9a:09:2a:99:c1:5a:
29:38:c5:6d:73:15:bf:a1:b9:f9:0a:2f:3b:0a:bc:
0e:31:76:fd:7e:15:c2:63:bd:67:2e:08:d9:f6:b4:
4e:f3:44:de:8b:1e:00:73:f4:2b:79:ae:53:64:67:
be:2f:98:f4:30:70:81:d7:e2:18:f0:aa:79:5d:19:
e2:f2:b2:b5:97:cd:19:23:15:d0:7c:86:69:e1:91:
90:9e:70:02:01:fe:81:29:31:7f:08:8a:bd:77:4c:
8a:c7:e9:b4:03:c6:e8:68:e0:cb:77:21:7b:25:3f:
ee:fe:8c:25:42:67:fb:b3:01:4e:6d:bb:24:9f:42:
8a:b7:56:ca:3a:09:32:ea:be:fd:e4:ec:be:f2:0f:
55:4c:20:f0:cf:c5:91:9f:18:c3:2e:17:40:92:c8:
23:ac:60:88:e8:3a:95:54:47:7f:ca:65:d0:a0:45:
a8:b5:da:46:23:ac:69:1a:77:d6:c2:cd:6c:bd:21:
ff:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B1:57:32:DC:42:73:0F:25:F6:4B:15:6A:D9:F8:93:AD:49:57:35
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:15:15:eb:f4:dd:06:d0:72:95:f2:31:57:6f:7d:62:d9:da:
3c:c5:e5:5b:73:33:ad:83:af:85:8e:e7:88:ce:ee:33:f3:84:
92:e2:44:c5:06:d3:5d:cf:6c:93:53:24:d8:a2:ba:49:03:6a:
94:8f:3e:48:20:6c:45:3d:d9:98:fc:8c:e9:fc:b4:06:9f:2f:
5e:94:7d:f3:6a:fb:a5:56:7a:f3:9d:a8:18:fa:f7:c4:3d:d8:
ff:80:f4:eb:1e:1f:e1:6a:04:7e:62:2d:97:d7:54:5c:45:1d:
3e:dc:22:b1:3a:97:72:50:c0:fd:be:b9:f8:64:24:2c:68:f9:
c5:f3:60:22:5b:23:11:da:31:2b:7f:7c:eb:07:03:d5:53:6e:
aa:18:2b:73:0b:5d:25:5e:83:e5:e2:a2:3d:61:22:94:84:cd:
15:74:05:72:24:77:85:8e:d9:7b:e8:51:44:24:63:76:fa:a5:
06:67:c9:12:54:0b:67:9b:15:a2:f2:d6:0e:84:21:80:bc:23:
d9:1f:47:c1:ce:cc:d0:78:a4:cd:74:10:4b:6d:c4:3f:01:a6:
fe:68:61:ff:b4:e0:44:f4:48:be:72:fc:20:4b:c0:62:99:dc:
13:c4:ad:c6:31:84:0a:9e:16:ed:d0:09:31:4f:df:8f:6c:e2:
5f:b0:02:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7FJbfjp/p9G5OVAz0scvKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjYwNjE0MDgwMDQzWhcNMjYwNjE1MDgwMDQzWjAzMTEwLwYDVQQD
EyhhYWIxNTczMmRjNDI3MzBmMjVmNjRiMTU2YWQ5Zjg5M2FkNDk1NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RpP33DqZSfd3+RUh7dIquZ2XGTd
m0w0RgBgrNZQUysAh4eEtXA7I0dWz8YO8KHVRee0kkSAgyDTB2w9sCKILSux0aaa
CSqZwVopOMVtcxW/obn5Ci87CrwOMXb9fhXCY71nLgjZ9rRO80Teix4Ac/Qrea5T
ZGe+L5j0MHCB1+IY8Kp5XRni8rK1l80ZIxXQfIZp4ZGQnnACAf6BKTF/CIq9d0yK
x+m0A8boaODLdyF7JT/u/owlQmf7swFObbskn0KKt1bKOgky6r795Oy+8g9VTCDw
z8WRnxjDLhdAksgjrGCI6DqVVEd/ymXQoEWotdpGI6xpGnfWws1svSH/FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqxVzLcQnMPJfZLFWrZ+JOtSVc1MB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhUV6/Td
BtBylfIxV299YtnaPMXlW3MzrYOvhY7niM7uM/OEkuJExQbTXc9sk1Mk2KK6SQNq
lI8+SCBsRT3ZmPyM6fy0Bp8vXpR982r7pVZ6852oGPr3xD3Y/4D06x4f4WoEfmIt
l9dUXEUdPtwisTqXclDA/b65+GQkLGj5xfNgIlsjEdoxK3986wcD1VNuqhgrcwtd
JV6D5eKiPWEilITNFXQFciR3hY7Ze+hRRCRjdvqlBmfJElQLZ5sVovLWDoQhgLwj
2R9Hwc7M0HikzXQQS23EPwGm/mhh/7TgRPRIvnL8IEvAYpncE8StxjGECp4W7dAJ
MU/fj2ziX7ACvw==
-----END CERTIFICATE-----
Generated at Sun Jun 14 11:11:29 2026 by rpki-client