Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json)
Hash identifier: YxYhIRzhwXgEYutQEl66rUdiThX6TObKeTuStgaasdo=
Subject key identifier: 66:40:C5:BC:69:A3:EB:55:95:7A:1C:97:CB:A1:39:53:0F:B3:2F:83
Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78
Certificate serial: 019CABD9A825FC4347BA8765EB2A7025DC69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
Manifest number: 129A
Signing time: Mon 02 Mar 2026 00:01:34 +0000
Manifest this update: Mon 02 Mar 2026 00:01:34 +0000
Manifest next update: Tue 03 Mar 2026 00:01:34 +0000
Files and hashes: 1: 0U-cjSx-vbFV-NT594PYA8nArLg.roa (hash: HUb+G3KOFlBU9/9PngolZEI4Hx103lYxj0RKTkVEA0w=)
2: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: uMIKyMMKwPRBAIl+DMITJoTdsxoWrGpSQLJ8dmNfg74=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:a8:25:fc:43:47:ba:87:65:eb:2a:70:25:dc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78
Validity
Not Before: Mar 2 00:01:34 2026 GMT
Not After : Mar 3 00:01:34 2026 GMT
Subject: CN=6640c5bc69a3eb55957a1c97cba139530fb32f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:a9:c6:c4:57:b8:59:e6:c3:58:3e:61:7c:
37:7f:e8:52:01:37:5e:5b:08:f3:d7:9a:64:10:8d:
69:2b:b6:89:2f:68:d1:28:43:72:a3:24:d2:85:98:
8a:95:1f:44:cf:1b:40:5d:a5:20:5a:97:1e:a5:08:
cc:d7:eb:b5:a4:3f:9c:62:01:4e:51:b3:ae:7a:23:
92:00:42:02:2d:da:d7:88:f6:ee:bc:f3:4d:fc:c2:
6a:09:44:55:3b:32:c9:7a:5b:76:ed:d1:9f:54:07:
b9:aa:9e:57:e2:b6:4a:c1:d3:47:fb:68:1b:09:92:
d0:e9:80:c0:bd:81:9e:57:24:cd:9b:ee:71:29:21:
8a:c9:44:12:e3:c1:57:b5:eb:8c:99:a1:36:ad:1b:
31:92:aa:93:0d:13:0a:52:b0:d8:89:48:05:ab:dc:
f4:05:ea:7d:1c:00:51:39:dc:91:a8:98:cf:54:d4:
d0:95:2e:75:ba:d6:bb:a8:63:40:6c:b8:bb:0a:87:
7a:18:93:ee:45:2a:20:f9:d2:95:08:a9:f1:94:7e:
34:92:da:29:3b:52:89:69:d7:ff:69:f4:40:e3:c2:
64:34:2c:66:52:5e:af:92:bf:cf:ac:a4:91:0f:9c:
00:6b:36:41:73:0d:db:c9:ed:1b:82:d4:5a:cd:8e:
bf:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:40:C5:BC:69:A3:EB:55:95:7A:1C:97:CB:A1:39:53:0F:B3:2F:83
X509v3 Authority Key Identifier:
keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:e4:ec:c9:25:42:7b:8f:a7:03:34:e9:bd:6e:63:4b:da:16:
bd:2e:22:d8:77:9e:63:20:2e:91:a4:ea:96:f0:84:53:a1:18:
2a:9e:fc:35:78:c4:51:2c:60:51:a2:9a:a2:d0:52:04:54:db:
52:34:a8:c0:2f:c2:7d:db:aa:65:93:98:10:cb:c5:de:cc:03:
e7:37:1e:02:6a:55:01:3b:a3:fc:77:ee:45:b8:77:58:15:68:
ff:df:05:da:79:bd:83:32:20:3f:0e:76:4d:66:54:aa:1b:34:
0e:be:6c:c7:a0:bb:c7:b0:54:f4:72:9e:22:e7:b8:e1:16:4b:
ed:9d:21:41:a0:f9:aa:72:14:23:cd:2d:05:88:da:2c:02:c2:
16:4d:2c:fa:59:ba:26:24:11:33:52:f8:36:22:28:4d:42:d5:
7b:a8:be:83:68:af:50:02:7c:8b:8b:de:eb:02:23:93:61:82:
57:44:64:26:90:11:b4:5c:4c:77:64:97:63:b0:a6:bb:de:fe:
0f:17:60:1c:d8:fa:4f:13:5b:75:7b:ff:c7:0f:8b:a8:29:43:
77:9d:8a:fa:a3:03:02:cd:a6:d6:71:24:42:50:b3:dd:c7:b7:
be:36:66:4e:ab:6c:c8:02:da:9b:72:40:1e:bb:57:e1:e9:06:
fd:8d:bf:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2agl/ENHuodl6ypwJdxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz
ODlhNzgwHhcNMjYwMzAyMDAwMTM0WhcNMjYwMzAzMDAwMTM0WjAzMTEwLwYDVQQD
Eyg2NjQwYzViYzY5YTNlYjU1OTU3YTFjOTdjYmExMzk1MzBmYjMyZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0SpxsRXuFnmw1g+YXw3f+hSATde
Wwjz15pkEI1pK7aJL2jRKENyoyTShZiKlR9EzxtAXaUgWpcepQjM1+u1pD+cYgFO
UbOueiOSAEICLdrXiPbuvPNN/MJqCURVOzLJelt27dGfVAe5qp5X4rZKwdNH+2gb
CZLQ6YDAvYGeVyTNm+5xKSGKyUQS48FXteuMmaE2rRsxkqqTDRMKUrDYiUgFq9z0
Bep9HABROdyRqJjPVNTQlS51uta7qGNAbLi7Cod6GJPuRSog+dKVCKnxlH40ktop
O1KJadf/afRA48JkNCxmUl6vkr/PrKSRD5wAazZBcw3bye0bgtRazY6/9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZAxbxpo+tVlXocl8uhOVMPsy+DMB8GA1UdIwQY
MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt
ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy
LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOTsySVC
e4+nAzTpvW5jS9oWvS4i2HeeYyAukaTqlvCEU6EYKp78NXjEUSxgUaKaotBSBFTb
UjSowC/CfduqZZOYEMvF3swD5zceAmpVATuj/HfuRbh3WBVo/98F2nm9gzIgPw52
TWZUqhs0Dr5sx6C7x7BU9HKeIue44RZL7Z0hQaD5qnIUI80tBYjaLALCFk0s+lm6
JiQRM1L4NiIoTULVe6i+g2ivUAJ8i4ve6wIjk2GCV0RkJpARtFxMd2SXY7Cmu97+
DxdgHNj6TxNbdXv/xw+LqClDd52K+qMDAs2m1nEkQlCz3ce3vjZmTqtsyALam3JA
HrtX4ekG/Y2/uA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:39:53 2026 by rpki-client