Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier: DmjHeHNt+ckg3m0gPcdtkw32LnFrw9rb+brWri2irDg=
Subject key identifier: A0:62:1C:13:0B:85:87:FD:7C:1B:10:3C:6A:87:57:3A:4A:BE:78:25
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial: 019CAB33FB39A986F8ED58A85D7A6E7E9883
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number: 1844
Signing time: Sun 01 Mar 2026 21:00:36 +0000
Manifest this update: Sun 01 Mar 2026 21:00:36 +0000
Manifest next update: Mon 02 Mar 2026 21:00:36 +0000
Files and hashes: 1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: TqCKI8QEo5m13DTTCZLtEtfOsZ8+ImsySak9+tEguwg=)
2: UDNnbwScWIceduT3mK8HBVvLzOg.roa (hash: vhtxGUgVNJ9daTmq66lTJXKGFzwiSTw9nac1gcWaxBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:33:fb:39:a9:86:f8:ed:58:a8:5d:7a:6e:7e:98:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
Validity
Not Before: Mar 1 21:00:36 2026 GMT
Not After : Mar 2 21:00:36 2026 GMT
Subject: CN=a0621c130b8587fd7c1b103c6a87573a4abe7825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8b:ca:3f:20:c0:49:89:2e:6e:cc:62:a8:31:
9d:55:4f:2e:eb:d4:dd:b1:09:a9:6c:e4:bb:59:27:
5e:2d:e0:16:8a:89:d4:85:10:8b:59:c1:8f:38:93:
70:aa:21:fb:f9:f9:f7:cd:a0:98:25:99:2d:0e:d0:
c5:03:0d:75:a3:0d:76:b3:e0:e0:c4:6c:32:df:71:
76:8c:5f:0c:d9:f8:54:ed:80:94:6e:22:fc:41:10:
45:17:fa:95:39:7d:48:ff:28:71:be:de:e4:9c:39:
20:34:5b:d9:06:4e:61:85:c8:cf:a0:7a:22:00:5e:
4c:df:f1:db:37:d5:35:be:a9:20:99:71:da:f3:bb:
a1:ee:9d:bb:08:06:4f:c1:b8:92:dc:1e:b3:52:04:
b9:2f:1c:a4:9a:39:a4:ba:ab:35:21:63:ff:e8:b6:
3c:81:bf:47:cd:89:cf:a0:25:3d:c3:2a:aa:e0:92:
e6:8e:3e:22:5d:19:02:df:8c:51:03:9d:d0:96:77:
38:d1:87:4d:91:c4:9f:90:9f:87:3a:47:23:2d:17:
57:c8:34:e1:1f:6e:e7:48:74:67:c4:7d:22:ba:49:
33:2a:d0:3d:75:ed:19:c2:d6:0c:96:40:e8:24:cc:
95:2e:09:3a:d0:7f:2b:98:18:29:c3:80:60:76:91:
90:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:62:1C:13:0B:85:87:FD:7C:1B:10:3C:6A:87:57:3A:4A:BE:78:25
X509v3 Authority Key Identifier:
keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:5a:a8:b7:11:83:ac:d2:e4:c4:17:df:77:96:de:f6:18:72:
42:ac:22:05:33:dc:59:50:95:2c:52:c4:84:5e:e1:5b:ca:c0:
6c:82:39:b3:20:9f:03:ed:05:47:5a:f3:50:1e:fe:73:cf:7b:
4c:64:f0:99:2a:a9:da:76:e4:7b:ac:9f:15:59:7e:8e:d8:42:
26:9c:57:25:41:15:3a:62:dd:bb:ea:d2:59:b5:bc:8b:1a:86:
61:7d:af:ad:86:27:2b:33:e9:92:0c:19:1d:b2:65:c9:37:50:
a6:a1:b4:0b:ea:fa:31:de:5b:4d:c5:66:3c:1a:e9:83:ec:7e:
a3:d7:93:0c:be:9a:44:e4:2f:30:89:a4:f2:1d:7d:16:eb:ed:
ff:84:30:b2:c2:0d:86:e6:fb:cb:bc:35:b9:20:68:a9:49:56:
40:28:7d:2c:5c:c6:df:1a:02:c7:3c:71:b5:d2:c7:b0:e7:f6:
1d:01:c3:bb:90:c8:b7:64:aa:cb:c6:5a:5f:a0:d5:53:89:f0:
36:f3:c1:7a:43:11:31:ab:f9:61:b1:b8:2a:c5:53:36:e5:78:
06:c7:af:9d:78:67:91:e5:24:e3:80:35:07:69:31:cc:c4:85:
a0:99:ff:79:66:fc:2e:20:a9:96:59:67:b9:f4:b5:d0:66:ad:
dc:80:20:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM/s5qYb47VioXXpufpiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjYwMzAxMjEwMDM2WhcNMjYwMzAyMjEwMDM2WjAzMTEwLwYDVQQD
EyhhMDYyMWMxMzBiODU4N2ZkN2MxYjEwM2M2YTg3NTczYTRhYmU3ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIvKPyDASYkubsxiqDGdVU8u69Td
sQmpbOS7WSdeLeAWionUhRCLWcGPOJNwqiH7+fn3zaCYJZktDtDFAw11ow12s+Dg
xGwy33F2jF8M2fhU7YCUbiL8QRBFF/qVOX1I/yhxvt7knDkgNFvZBk5hhcjPoHoi
AF5M3/HbN9U1vqkgmXHa87uh7p27CAZPwbiS3B6zUgS5Lxykmjmkuqs1IWP/6LY8
gb9HzYnPoCU9wyqq4JLmjj4iXRkC34xRA53Qlnc40YdNkcSfkJ+HOkcjLRdXyDTh
H27nSHRnxH0iukkzKtA9de0ZwtYMlkDoJMyVLgk60H8rmBgpw4BgdpGQWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBiHBMLhYf9fBsQPGqHVzpKvnglMB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV1qotxGD
rNLkxBffd5be9hhyQqwiBTPcWVCVLFLEhF7hW8rAbII5syCfA+0FR1rzUB7+c897
TGTwmSqp2nbke6yfFVl+jthCJpxXJUEVOmLdu+rSWbW8ixqGYX2vrYYnKzPpkgwZ
HbJlyTdQpqG0C+r6Md5bTcVmPBrpg+x+o9eTDL6aROQvMImk8h19Fuvt/4QwssIN
hub7y7w1uSBoqUlWQCh9LFzG3xoCxzxxtdLHsOf2HQHDu5DIt2Sqy8ZaX6DVU4nw
NvPBekMRMav5YbG4KsVTNuV4BsevnXhnkeUk44A1B2kxzMSFoJn/eWb8LiCpllln
ufS10Gat3IAgYw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:40:11 2026 by rpki-client