Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.mft
File: OgcxihMUIz9WI8D4Nfrhj5EmQS8.mft (raw, json)
Hash identifier: RAPg9PUSsBtBis4EYAr41R7J7gR8zu8J62swaU7fdT8=
Subject key identifier: E3:2F:6F:39:56:44:BC:4A:2D:7B:B3:F1:6E:50:38:72:B3:9F:16:74
Authority key identifier: 3A:07:31:8A:13:14:23:3F:56:23:C0:F8:35:FA:E1:8F:91:26:41:2F
Certificate issuer: /CN=3a07318a1314233f5623c0f835fae18f9126412f
Certificate serial: 019CAA8FAFF3D5150EE1B164203B887746EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgcxihMUIz9WI8D4Nfrhj5EmQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.mft
Manifest number: 0217
Signing time: Sun 01 Mar 2026 18:01:09 +0000
Manifest this update: Sun 01 Mar 2026 18:01:09 +0000
Manifest next update: Mon 02 Mar 2026 18:01:09 +0000
Files and hashes: 1: OgcxihMUIz9WI8D4Nfrhj5EmQS8.crl (hash: hmFlyAW23NV8qJE/gz+CmH0ZrpU0pzJxAia23FUT1iQ=)
2: rcu1nZGmL_S7ccczhF-sESIVSFg.roa (hash: bYUYTaJymdrEh9zrcfZKEG7i+z1i30upCc49kr4zBNw=)
3: wGPQkCyZBLF64nqCVCJB0ISUzBg.roa (hash: EYYn9hWCHtPsq8G1cxHiPJEhzM/YA2ywjRpNXuGftg8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgcxihMUIz9WI8D4Nfrhj5EmQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:af:f3:d5:15:0e:e1:b1:64:20:3b:88:77:46:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a07318a1314233f5623c0f835fae18f9126412f
Validity
Not Before: Mar 1 18:01:09 2026 GMT
Not After : Mar 2 18:01:09 2026 GMT
Subject: CN=e32f6f395644bc4a2d7bb3f16e503872b39f1674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:3e:22:aa:93:f5:8c:a3:03:ca:08:46:dc:
09:74:b9:ff:0b:cb:1b:6e:6c:9e:7f:fa:cb:88:cd:
f8:7a:02:6f:53:a4:88:85:fa:80:fb:d4:01:d7:25:
f9:6c:4a:14:2e:d2:c6:4a:0c:eb:c3:f4:7c:90:09:
1a:0b:c5:37:d1:cf:ec:97:d8:4a:6b:08:15:17:5a:
b2:d2:af:0a:49:5e:3a:e4:6f:9c:11:f9:0b:47:df:
a2:0d:4a:30:08:12:b7:b5:31:e3:67:e3:73:b4:7a:
11:16:ba:a1:64:bd:8a:d0:cc:7f:18:03:12:cc:59:
84:8c:a2:e6:20:83:0a:81:54:0a:f5:49:ad:85:ef:
94:75:ac:40:f1:9f:37:4e:be:b6:b6:78:02:c6:ae:
6f:96:ee:2c:cf:25:8f:84:9b:9b:dd:8a:7c:c3:76:
aa:18:42:79:9c:2b:a4:c9:87:6d:0e:01:ee:90:99:
51:4b:df:c0:c3:61:c7:f2:ff:b6:47:41:7d:69:9f:
f4:4d:fd:ee:8c:43:12:e3:0a:87:dd:2d:2d:2b:f7:
d6:0f:58:16:8a:06:b5:70:05:60:19:91:16:44:13:
8f:46:d9:6c:b9:77:44:55:21:11:5a:5c:6d:2a:ca:
64:e0:ae:f2:f1:b4:3e:e2:20:8e:86:ef:ca:dc:8d:
af:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2F:6F:39:56:44:BC:4A:2D:7B:B3:F1:6E:50:38:72:B3:9F:16:74
X509v3 Authority Key Identifier:
keyid:3A:07:31:8A:13:14:23:3F:56:23:C0:F8:35:FA:E1:8F:91:26:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgcxihMUIz9WI8D4Nfrhj5EmQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2b5374-d405-4ff1-8563-026a7b654f88/1/OgcxihMUIz9WI8D4Nfrhj5EmQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:a0:8b:7f:83:cf:29:86:57:5f:c1:b6:aa:f5:45:76:25:9e:
8c:26:50:ab:1d:f0:fd:7e:04:82:60:31:67:99:38:fc:31:7f:
2e:ac:24:87:ae:63:ca:8c:b6:98:73:64:6e:89:18:b7:5f:04:
cf:10:d9:2f:6a:fd:ee:05:e7:51:94:3e:91:ac:94:9f:73:08:
62:b8:75:54:9f:7f:45:37:7a:cb:52:4b:b7:48:91:04:90:99:
41:a9:f3:a7:d1:d0:0e:f5:c5:e0:20:a8:eb:5f:08:1e:db:31:
f6:ca:fd:4c:ab:18:16:3a:bd:49:d6:b0:a1:8e:31:ac:59:ea:
95:ea:83:0c:26:c6:e5:99:a6:92:1e:20:7c:ac:e7:03:00:80:
03:be:e6:6d:ad:9d:bf:a9:7c:80:2e:78:90:06:bb:0e:63:ec:
8e:b9:6e:ef:72:79:51:79:d7:7c:8f:2a:f9:87:a5:ec:36:ac:
87:80:81:a2:02:73:02:57:bd:d6:6c:f3:71:e3:6d:32:0f:c5:
8f:24:d3:bd:83:79:cb:ff:f8:46:44:7b:d3:d5:f6:b6:e4:67:
26:a6:a2:b7:fa:5d:69:72:86:67:03:86:9f:bb:7b:b9:e9:d3:
46:10:d5:8b:0d:e7:cc:5e:14:6c:86:0b:53:ec:29:d0:fa:f8:
84:03:aa:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj6/z1RUO4bFkIDuId0bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDczMThhMTMxNDIzM2Y1NjIzYzBmODM1ZmFlMThmOTEy
NjQxMmYwHhcNMjYwMzAxMTgwMTA5WhcNMjYwMzAyMTgwMTA5WjAzMTEwLwYDVQQD
EyhlMzJmNmYzOTU2NDRiYzRhMmQ3YmIzZjE2ZTUwMzg3MmIzOWYxNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir8+IqqT9YyjA8oIRtwJdLn/C8sb
bmyef/rLiM34egJvU6SIhfqA+9QB1yX5bEoULtLGSgzrw/R8kAkaC8U30c/sl9hK
awgVF1qy0q8KSV465G+cEfkLR9+iDUowCBK3tTHjZ+NztHoRFrqhZL2K0Mx/GAMS
zFmEjKLmIIMKgVQK9Umthe+UdaxA8Z83Tr62tngCxq5vlu4szyWPhJub3Yp8w3aq
GEJ5nCukyYdtDgHukJlRS9/Aw2HH8v+2R0F9aZ/0Tf3ujEMS4wqH3S0tK/fWD1gW
iga1cAVgGZEWRBOPRtlsuXdEVSERWlxtKspk4K7y8bQ+4iCOhu/K3I2v9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMvbzlWRLxKLXuz8W5QOHKznxZ0MB8GA1UdIwQY
MBaAFDoHMYoTFCM/ViPA+DX64Y+RJkEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2djeGloTVVJejlXSThENE5mcmhqNUVtUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yYjUzNzQtZDQwNS00ZmYxLTg1NjMt
MDI2YTdiNjU0Zjg4LzEvT2djeGloTVVJejlXSThENE5mcmhqNUVtUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yYjUzNzQtZDQwNS00ZmYxLTg1NjMtMDI2YTdiNjU0Zjg4
LzEvT2djeGloTVVJejlXSThENE5mcmhqNUVtUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgaCLf4PP
KYZXX8G2qvVFdiWejCZQqx3w/X4EgmAxZ5k4/DF/Lqwkh65jyoy2mHNkbokYt18E
zxDZL2r97gXnUZQ+kayUn3MIYrh1VJ9/RTd6y1JLt0iRBJCZQanzp9HQDvXF4CCo
618IHtsx9sr9TKsYFjq9SdawoY4xrFnqleqDDCbG5Zmmkh4gfKznAwCAA77mba2d
v6l8gC54kAa7DmPsjrlu73J5UXnXfI8q+Yel7Dash4CBogJzAle91mzzceNtMg/F
jyTTvYN5y//4RkR709X2tuRnJqait/pdaXKGZwOGn7t7uenTRhDViw3nzF4UbIYL
U+wp0Pr4hAOqag==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:51:10 2026 by rpki-client