Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
File: O-lZPSkOAlAninOzE1UDKTJ71Yk.mft (raw, json)
Hash identifier: My/DXK7FYxMAHG/ky0TZpSFrHxJSZXXTNW/UfmQQRjY=
Subject key identifier: 4E:3D:30:1B:03:C5:21:04:1B:49:C5:45:78:F8:36:D2:A7:85:3C:27
Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
Certificate issuer: /CN=3be9593d290e0250278a73b313550329327bd589
Certificate serial: 019CABA1D45DA9A505D54B2093EB7D94F9AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
Manifest number: 1848
Signing time: Sun 01 Mar 2026 23:00:35 +0000
Manifest this update: Sun 01 Mar 2026 23:00:35 +0000
Manifest next update: Mon 02 Mar 2026 23:00:35 +0000
Files and hashes: 1: O-lZPSkOAlAninOzE1UDKTJ71Yk.crl (hash: AwSUCz0GTw2SzB5GRdy0DBPzAzYI01/L1AHECCf33DQ=)
2: ihgnIXHoUMYh-WaWeIPaPydWbUk.roa (hash: iBsCj7b0mjUZuRLfwoBEpzWhtX6/cZQAGCmkWVKeq/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:d4:5d:a9:a5:05:d5:4b:20:93:eb:7d:94:f9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be9593d290e0250278a73b313550329327bd589
Validity
Not Before: Mar 1 23:00:35 2026 GMT
Not After : Mar 2 23:00:35 2026 GMT
Subject: CN=4e3d301b03c521041b49c54578f836d2a7853c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:b0:92:0e:b8:60:39:71:89:b5:8a:12:d4:
63:43:bf:79:a8:e7:8c:31:34:53:7c:9d:99:39:d2:
e4:fc:3c:64:cf:7e:bc:4f:92:32:79:66:e3:70:d1:
d4:23:80:4c:0b:98:f2:02:3c:e7:77:f8:8e:8a:08:
64:cb:c3:63:91:26:3a:1c:8c:64:52:91:e8:ad:05:
47:b9:6d:50:fb:74:8b:a8:b9:d4:f3:cc:6e:c2:98:
4b:29:bb:4b:3f:d0:07:77:75:8b:fc:21:36:8d:0c:
5b:c3:ca:6f:e9:47:34:10:e2:ce:53:45:8f:6f:ab:
09:83:b4:d5:e9:9d:c0:26:e7:f0:8e:7d:94:04:cd:
f0:0e:e3:c6:6f:af:ed:ab:b4:71:c6:97:30:79:eb:
f9:25:67:8a:12:b4:2b:e2:23:26:26:8a:70:c8:d4:
9e:89:53:f3:75:de:15:dc:38:51:20:3a:b6:bc:96:
a7:c3:2d:5e:30:a1:30:f9:60:ba:87:e4:b2:a7:3c:
4c:b6:e6:61:b0:60:65:50:16:f5:76:84:d0:22:1d:
04:be:de:89:97:56:1c:c7:59:ec:69:fb:83:9b:90:
00:80:de:50:86:a2:aa:b9:de:8f:91:1e:96:83:5d:
11:cc:0b:be:5c:61:32:f9:22:65:c5:a7:54:28:03:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3D:30:1B:03:C5:21:04:1B:49:C5:45:78:F8:36:D2:A7:85:3C:27
X509v3 Authority Key Identifier:
keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:53:58:d6:9a:17:c7:b3:b7:f1:00:59:ea:3e:d9:79:54:bb:
e1:13:15:6f:db:8a:40:2a:6f:7d:93:6c:2a:7e:4e:92:07:6c:
fd:97:8e:30:17:9a:1e:78:9a:8d:a3:59:c5:77:73:00:f2:05:
d8:0f:ce:7e:4d:11:c3:13:ae:4d:a4:11:93:4e:2c:05:ec:ca:
fe:f2:47:57:dc:85:c8:12:43:30:c3:5b:b0:07:27:19:71:ba:
8d:75:5d:6b:c9:ba:84:f7:fa:cb:da:63:3e:56:0a:b9:6b:60:
79:d6:37:9c:f1:5a:79:2c:5b:48:b3:e6:a3:ab:6c:cb:b8:0f:
35:49:b3:c0:80:c2:7c:31:d1:ec:ed:0c:ca:d2:f4:62:be:b4:
b9:8b:a6:0c:e3:75:dc:bd:93:4f:09:4d:46:cc:69:0d:eb:6a:
fa:01:84:6a:30:73:69:ae:5a:b5:7c:f3:13:a5:88:df:8f:bc:
ce:c0:f3:6f:1d:f5:34:c5:26:7a:29:fe:8e:e6:f2:71:90:cd:
75:d6:b1:a5:77:d1:29:14:1e:15:30:b5:0b:69:e2:85:48:cb:
47:b0:61:08:78:b0:aa:33:18:c8:e8:3e:ff:8c:88:0e:46:48:
d2:ab:87:0a:3c:37:66:f5:32:35:e0:c6:3b:f3:c6:e7:ef:ee:
70:ac:b4:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrodRdqaUF1Usgk+t9lPmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3
YmQ1ODkwHhcNMjYwMzAxMjMwMDM1WhcNMjYwMzAyMjMwMDM1WjAzMTEwLwYDVQQD
Eyg0ZTNkMzAxYjAzYzUyMTA0MWI0OWM1NDU3OGY4MzZkMmE3ODUzYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX2wkg64YDlxibWKEtRjQ795qOeM
MTRTfJ2ZOdLk/Dxkz368T5IyeWbjcNHUI4BMC5jyAjznd/iOighky8NjkSY6HIxk
UpHorQVHuW1Q+3SLqLnU88xuwphLKbtLP9AHd3WL/CE2jQxbw8pv6Uc0EOLOU0WP
b6sJg7TV6Z3AJufwjn2UBM3wDuPGb6/tq7Rxxpcweev5JWeKErQr4iMmJopwyNSe
iVPzdd4V3DhRIDq2vJanwy1eMKEw+WC6h+SypzxMtuZhsGBlUBb1doTQIh0Evt6J
l1Ycx1nsafuDm5AAgN5QhqKqud6PkR6Wg10RzAu+XGEy+SJlxadUKAN+lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE49MBsDxSEEG0nFRXj4NtKnhTwnMB8GA1UdIwQY
MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt
NGVhYjA2MGYxNWZhLzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh
LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFNY1poX
x7O38QBZ6j7ZeVS74RMVb9uKQCpvfZNsKn5Okgds/ZeOMBeaHniajaNZxXdzAPIF
2A/Ofk0RwxOuTaQRk04sBezK/vJHV9yFyBJDMMNbsAcnGXG6jXVda8m6hPf6y9pj
PlYKuWtgedY3nPFaeSxbSLPmo6tsy7gPNUmzwIDCfDHR7O0MytL0Yr60uYumDON1
3L2TTwlNRsxpDetq+gGEajBzaa5atXzzE6WI34+8zsDzbx31NMUmein+jubycZDN
ddaxpXfRKRQeFTC1C2nihUjLR7BhCHiwqjMYyOg+/4yIDkZI0quHCjw3ZvUyNeDG
O/PG5+/ucKy0Gg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:07:51 2026 by rpki-client