Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json)
Hash identifier: I8Xe1Km1lzvmKXzkIoGnqvEbBMt2CmPK34SXnKcPb+w=
Subject key identifier: C9:08:51:59:29:6E:9E:7F:50:C7:02:00:C4:7B:0A:A2:BF:F4:2C:68
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 019CAA21664F452AA1E71B3EB81526E58A9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
Manifest number: 0B3C
Signing time: Sun 01 Mar 2026 16:00:41 +0000
Manifest this update: Sun 01 Mar 2026 16:00:41 +0000
Manifest next update: Mon 02 Mar 2026 16:00:41 +0000
Files and hashes: 1: A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa (hash: GGeYGfyoQGlOlTO2uMYQdKl/MdtFY8veEw/Zc71doVs=)
2: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: WycpcT/iFSeUnKctwOnGFo60FkiMfYXc5gG5g3BSwcU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:66:4f:45:2a:a1:e7:1b:3e:b8:15:26:e5:8a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Mar 1 16:00:41 2026 GMT
Not After : Mar 2 16:00:41 2026 GMT
Subject: CN=c9085159296e9e7f50c70200c47b0aa2bff42c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d2:17:e5:60:a0:ff:94:91:13:e0:1b:0b:87:
17:72:0b:82:3d:43:2f:45:73:03:05:f4:d9:bc:88:
28:02:4a:69:b1:73:6e:d4:3c:e0:a6:78:bc:57:9f:
1b:11:bf:60:47:e0:d9:23:1d:9d:1c:61:a9:01:d4:
be:f6:20:66:22:5f:b1:2f:17:49:c7:34:bd:24:82:
7d:11:f1:e6:99:da:d4:b1:57:de:ac:5f:dd:39:f3:
3d:7f:d2:a2:5e:7d:b9:14:3e:2d:79:dd:d1:87:db:
26:94:09:13:de:09:a3:07:f4:45:23:b2:a6:ca:52:
40:e3:0e:9f:8e:70:8b:f6:9e:3b:00:11:c6:93:96:
da:61:db:77:31:70:89:73:30:f8:ac:4c:31:cc:43:
b6:6c:a3:1e:d3:8c:cf:34:e9:65:31:46:0b:f6:46:
f7:84:ea:a9:cc:f8:27:4f:62:6d:8d:c6:ad:ce:15:
2a:77:b6:17:04:4a:3e:52:7a:43:10:36:e8:bf:06:
84:da:79:4e:d9:72:dd:02:4a:9b:46:66:54:56:7f:
2b:68:a9:9d:68:c7:8d:9b:fe:c5:4b:e4:73:a6:1d:
8c:7d:98:57:a9:a4:c0:e8:37:73:c6:4f:95:1e:67:
53:11:13:93:8b:a1:f9:1b:33:a0:9a:45:3d:3b:6c:
b7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:08:51:59:29:6E:9E:7F:50:C7:02:00:C4:7B:0A:A2:BF:F4:2C:68
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:50:7a:56:b1:db:29:83:78:85:73:8e:4d:38:56:fb:bc:4d:
56:de:eb:9f:21:23:ce:d7:11:a2:d1:0e:a8:91:21:85:9b:22:
5a:10:30:c2:57:18:0b:1a:2a:2d:29:c1:f1:8e:68:bb:fa:0c:
3e:65:2f:ac:c4:1d:70:f6:99:05:f8:db:a8:e1:b4:8f:19:57:
8f:db:ab:3e:16:65:10:c0:d1:f7:5a:38:4b:9d:1d:fc:41:b8:
81:f6:7a:f8:6a:62:54:22:72:95:c5:27:ab:ae:9f:94:81:06:
bd:f5:c2:be:82:fc:7c:23:7b:ef:94:2a:4f:d1:a4:d9:a3:b8:
f8:af:40:5f:6a:11:2e:74:29:c1:50:97:bf:c0:41:7f:97:ec:
bd:93:ea:66:29:f8:7c:82:99:c1:38:af:68:da:01:6e:59:9a:
35:80:58:47:79:d3:fa:5b:27:3a:01:ec:92:ca:74:4e:a8:4f:
25:6a:55:bd:74:3b:f5:f2:14:e9:e8:39:4b:98:d4:05:76:af:
74:b4:f2:c6:11:4e:c9:ae:8f:85:3f:8c:08:07:b0:1f:c7:91:
e1:14:4d:41:c5:2f:97:f1:72:69:a6:5e:86:8b:18:cb:a0:d4:
61:53:2e:68:c9:54:13:67:38:b6:77:6d:73:66:6f:03:9a:70:
07:c8:03:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIWZPRSqh5xs+uBUm5YqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjYwMzAxMTYwMDQxWhcNMjYwMzAyMTYwMDQxWjAzMTEwLwYDVQQD
EyhjOTA4NTE1OTI5NmU5ZTdmNTBjNzAyMDBjNDdiMGFhMmJmZjQyYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutIX5WCg/5SRE+AbC4cXcguCPUMv
RXMDBfTZvIgoAkppsXNu1Dzgpni8V58bEb9gR+DZIx2dHGGpAdS+9iBmIl+xLxdJ
xzS9JIJ9EfHmmdrUsVferF/dOfM9f9KiXn25FD4ted3Rh9smlAkT3gmjB/RFI7Km
ylJA4w6fjnCL9p47ABHGk5baYdt3MXCJczD4rEwxzEO2bKMe04zPNOllMUYL9kb3
hOqpzPgnT2JtjcatzhUqd7YXBEo+UnpDEDbovwaE2nlO2XLdAkqbRmZUVn8raKmd
aMeNm/7FS+Rzph2MfZhXqaTA6Ddzxk+VHmdTEROTi6H5GzOgmkU9O2y3UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkIUVkpbp5/UMcCAMR7CqK/9CxoMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhVB6VrHb
KYN4hXOOTThW+7xNVt7rnyEjztcRotEOqJEhhZsiWhAwwlcYCxoqLSnB8Y5ou/oM
PmUvrMQdcPaZBfjbqOG0jxlXj9urPhZlEMDR91o4S50d/EG4gfZ6+GpiVCJylcUn
q66flIEGvfXCvoL8fCN775QqT9Gk2aO4+K9AX2oRLnQpwVCXv8BBf5fsvZPqZin4
fIKZwTivaNoBblmaNYBYR3nT+lsnOgHsksp0TqhPJWpVvXQ79fIU6eg5S5jUBXav
dLTyxhFOya6PhT+MCAewH8eR4RRNQcUvl/FyaaZehosYy6DUYVMuaMlUE2c4tndt
c2ZvA5pwB8gDMw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:16:22 2026 by rpki-client