Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
File: O-lZPSkOAlAninOzE1UDKTJ71Yk.mft (raw, json)
Hash identifier: g31wvzbkfFr7NR3v7ab+wHTsahixUUKGTAVDhyMEKlE=
Subject key identifier: B7:E6:D2:99:63:A3:E2:1F:03:BE:2F:CF:81:4A:16:28:97:72:42:63
Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
Certificate issuer: /CN=3be9593d290e0250278a73b313550329327bd589
Certificate serial: 019D992BB0C82FE3ED577645319DA4A5F97E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 02:01:10 +0000
Manifest this update: Fri 17 Apr 2026 02:01:10 +0000
Manifest next update: Sat 18 Apr 2026 02:01:10 +0000
Files and hashes: 1: O-lZPSkOAlAninOzE1UDKTJ71Yk.crl (hash: wJxGZMTiwvwP8So5n0SyAD3V4fAP5onH5vd6+4UlO2k=)
2: ihgnIXHoUMYh-WaWeIPaPydWbUk.roa (hash: iBsCj7b0mjUZuRLfwoBEpzWhtX6/cZQAGCmkWVKeq/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:b0:c8:2f:e3:ed:57:76:45:31:9d:a4:a5:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be9593d290e0250278a73b313550329327bd589
Validity
Not Before: Apr 17 02:01:10 2026 GMT
Not After : Apr 18 02:01:10 2026 GMT
Subject: CN=b7e6d29963a3e21f03be2fcf814a162897724263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6f:73:09:86:67:af:ad:3e:58:67:07:9c:ec:
8a:48:6a:32:39:14:53:2a:eb:4f:80:5b:ce:cf:4e:
a7:68:26:21:2d:f2:6e:a1:cf:4e:04:d6:d5:82:88:
79:cf:3a:94:d0:3f:60:7d:e1:18:e0:72:d5:b2:2b:
95:aa:f9:ee:37:92:d4:c1:19:be:c9:92:4a:8a:7c:
cd:67:e9:cf:43:e5:51:b0:a1:cd:9b:b2:f0:6b:b1:
31:03:f7:56:f4:61:c7:e1:0a:8c:d7:0b:67:3d:1e:
54:e1:70:42:6a:80:4f:0c:2f:29:da:39:2c:73:3e:
8d:eb:91:6f:f6:ae:96:9e:16:ed:8a:36:44:58:f9:
01:e0:02:e8:c3:d4:76:aa:ac:01:82:cf:62:e9:5b:
ed:a2:18:f5:30:d4:04:ca:2f:7b:e5:f0:7f:41:93:
5a:8a:ff:6e:b5:e7:ad:c9:59:93:3f:95:d3:c7:94:
e8:4c:39:df:ab:c7:e9:79:d0:ff:1a:ee:50:ae:7f:
e0:7a:8c:7e:34:c9:20:c2:42:81:8d:07:1d:ff:83:
90:4c:54:0c:bf:11:26:09:cf:32:31:aa:91:2b:81:
85:e1:cf:7f:b9:44:b0:47:db:65:7a:3e:12:e8:11:
14:44:aa:1a:62:3f:75:29:62:6d:16:66:f7:d2:64:
65:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E6:D2:99:63:A3:E2:1F:03:BE:2F:CF:81:4A:16:28:97:72:42:63
X509v3 Authority Key Identifier:
keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:94:bf:fb:28:81:e0:cf:1a:3a:4b:ec:5b:cb:c5:89:f8:61:
44:e2:9c:7b:0d:5c:54:c0:99:93:29:7a:7f:3c:7b:08:ce:bd:
4c:64:68:cd:d2:37:56:1c:af:4f:ed:fc:be:3b:51:5a:81:f3:
9b:4c:12:3a:57:ec:57:a1:a9:35:21:ac:3e:43:2d:a6:b2:7d:
68:48:9a:ff:65:35:6f:db:c5:96:4a:ab:71:b7:e0:63:58:39:
b9:10:89:b8:60:f3:e1:cb:02:00:58:f6:af:70:aa:84:6f:e9:
8e:6d:a3:db:cc:16:bd:f7:b2:91:16:69:ce:8e:15:16:56:9d:
b5:b6:7c:8f:81:0b:f2:46:4c:12:dd:cc:ad:29:e1:43:78:08:
f2:0c:66:bc:b1:ae:00:e9:3b:88:28:62:a2:b6:be:52:b6:d8:
d3:27:cf:da:24:e0:13:df:c2:08:4e:a3:27:b7:aa:c6:8f:a1:
c0:1e:2c:f2:66:72:1e:04:d9:4f:d2:ea:57:68:1a:a0:7f:88:
c9:05:f9:16:68:1e:b0:df:97:67:9b:69:c7:e2:ad:3c:ea:c2:
cb:fb:5c:a8:98:2d:cf:ce:ba:c4:92:95:fb:5a:49:d7:6c:c5:
e3:da:eb:de:fd:7d:a1:c6:9b:11:93:c5:51:c7:c0:c7:66:c7:
24:54:11:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK7DIL+PtV3ZFMZ2kpfl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3
YmQ1ODkwHhcNMjYwNDE3MDIwMTEwWhcNMjYwNDE4MDIwMTEwWjAzMTEwLwYDVQQD
EyhiN2U2ZDI5OTYzYTNlMjFmMDNiZTJmY2Y4MTRhMTYyODk3NzI0MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym9zCYZnr60+WGcHnOyKSGoyORRT
KutPgFvOz06naCYhLfJuoc9OBNbVgoh5zzqU0D9gfeEY4HLVsiuVqvnuN5LUwRm+
yZJKinzNZ+nPQ+VRsKHNm7Lwa7ExA/dW9GHH4QqM1wtnPR5U4XBCaoBPDC8p2jks
cz6N65Fv9q6WnhbtijZEWPkB4ALow9R2qqwBgs9i6Vvtohj1MNQEyi975fB/QZNa
iv9uteetyVmTP5XTx5ToTDnfq8fpedD/Gu5Qrn/geox+NMkgwkKBjQcd/4OQTFQM
vxEmCc8yMaqRK4GF4c9/uUSwR9tlej4S6BEURKoaYj91KWJtFmb30mRlHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfm0pljo+IfA74vz4FKFiiXckJjMB8GA1UdIwQY
MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt
NGVhYjA2MGYxNWZhLzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh
LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpS/+yiB
4M8aOkvsW8vFifhhROKcew1cVMCZkyl6fzx7CM69TGRozdI3VhyvT+38vjtRWoHz
m0wSOlfsV6GpNSGsPkMtprJ9aEia/2U1b9vFlkqrcbfgY1g5uRCJuGDz4csCAFj2
r3CqhG/pjm2j28wWvfeykRZpzo4VFladtbZ8j4EL8kZMEt3MrSnhQ3gI8gxmvLGu
AOk7iChiora+UrbY0yfP2iTgE9/CCE6jJ7eqxo+hwB4s8mZyHgTZT9LqV2gaoH+I
yQX5FmgesN+XZ5tpx+KtPOrCy/tcqJgtz866xJKV+1pJ12zF49rr3v19ocabEZPF
UcfAx2bHJFQRgA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:44:53 2026 by rpki-client