Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json)
Hash identifier: nvasIoBnihgzYJhV/E5oSas6e3cg4XsnETdaWSJl2Sk=
Subject key identifier: 29:8B:48:EB:15:AA:F6:3F:BB:71:2C:A3:F6:D4:A2:9D:A3:33:45:41
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 019D97AB3D0ACCEFFF8EC6D3669AF3BA66E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
Manifest number: 1185
Signing time: Thu 16 Apr 2026 19:01:14 +0000
Manifest this update: Thu 16 Apr 2026 19:01:14 +0000
Manifest next update: Fri 17 Apr 2026 19:01:14 +0000
Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: vTh3YlIDa9lBXSkM4n7cOkdkya8CaZPpDihe1LkJI+M=)
2: e4qPjYtVZNjFgNgoQb6aifisJTs.roa (hash: 1M+oNLSG3cS6v1C1UyKbtqc0oXSkYgVWMgvB/761VUE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:ab:3d:0a:cc:ef:ff:8e:c6:d3:66:9a:f3:ba:66:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Apr 16 19:01:14 2026 GMT
Not After : Apr 17 19:01:14 2026 GMT
Subject: CN=298b48eb15aaf63fbb712ca3f6d4a29da3334541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:ec:ea:e0:06:a2:c9:a1:ac:4a:ea:d4:87:
29:5f:2c:48:37:e7:3a:58:73:ac:3a:07:eb:cd:3a:
9a:94:b5:40:e2:17:f0:57:81:ed:e5:19:96:b0:08:
19:db:b4:76:2a:94:a4:4d:c5:be:48:87:d6:af:4b:
83:f8:69:18:e3:b1:28:a6:74:a8:3b:60:af:ee:8c:
d7:99:db:70:44:db:7b:c9:7c:c1:84:ae:d8:f2:f5:
eb:f2:9a:c9:3a:ce:7f:39:44:d5:d1:a2:8c:87:de:
52:94:16:f4:74:2c:89:4b:2d:8d:f2:11:eb:e7:37:
46:1c:b8:80:e2:c1:a8:48:48:ca:99:45:9d:9b:26:
2a:54:7a:e0:5a:54:c5:d3:26:db:2d:4e:3e:79:43:
26:90:b9:74:01:ae:57:ee:5c:84:83:7e:91:30:fb:
fb:1b:e5:3f:57:89:8a:3c:6b:7b:ee:e2:66:7a:41:
78:7b:c2:83:22:9f:71:21:5b:27:90:ed:16:cf:9f:
47:3a:1a:a1:87:fe:b1:c2:3f:33:7d:97:d8:63:ec:
ea:0a:16:aa:e6:5b:fb:ee:2a:f5:7b:dd:41:93:97:
90:cd:98:af:82:e2:71:f3:a5:0f:cc:a7:03:53:c3:
dc:84:2e:80:ad:5f:16:6b:e1:07:e8:4f:ef:7f:1e:
06:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8B:48:EB:15:AA:F6:3F:BB:71:2C:A3:F6:D4:A2:9D:A3:33:45:41
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:21:c8:f7:5b:e0:38:10:38:89:0a:f1:84:e1:ba:95:67:2b:
a2:0d:32:68:b6:fe:1b:9f:87:82:34:a4:ad:30:62:65:30:12:
d8:94:56:ab:9f:92:49:a6:d5:d2:78:2e:a3:d6:84:bd:13:5a:
6e:ff:20:b3:13:52:80:a9:5b:f3:5e:f7:6d:53:93:aa:37:1e:
dd:39:ed:57:29:8d:92:2a:e5:03:77:be:44:d5:e8:d9:f9:ca:
45:42:b6:40:11:2e:76:04:5d:81:4d:c9:68:3d:fd:21:82:4a:
33:25:59:57:5d:7c:65:6d:15:6d:95:62:9a:3b:ac:3a:36:38:
3e:97:5b:55:db:53:46:fe:e3:b2:ef:e6:39:b3:44:1f:84:48:
76:a6:8e:78:c4:3c:e3:9b:04:6f:18:e7:8c:bc:80:1b:78:77:
9e:4f:d3:cd:59:5e:45:5d:f0:85:ba:99:d3:b9:19:67:85:10:
1c:12:c1:71:1d:45:3f:4c:d2:87:a8:65:f5:79:68:95:1b:1b:
e9:c3:c6:f0:9a:11:2f:c5:b2:86:ee:06:aa:5d:c8:0b:27:56:
1b:b7:e0:71:42:c6:c1:64:e0:69:0e:16:87:c2:89:a6:70:40:
fd:e8:27:5e:eb:bb:8e:cb:6a:e5:6f:a2:c6:2d:d8:98:db:5d:
31:e6:d2:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Xqz0KzO//jsbTZprzumbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjYwNDE2MTkwMTE0WhcNMjYwNDE3MTkwMTE0WjAzMTEwLwYDVQQD
EygyOThiNDhlYjE1YWFmNjNmYmI3MTJjYTNmNmQ0YTI5ZGEzMzM0NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPns6uAGosmhrErq1IcpXyxIN+c6
WHOsOgfrzTqalLVA4hfwV4Ht5RmWsAgZ27R2KpSkTcW+SIfWr0uD+GkY47EopnSo
O2Cv7ozXmdtwRNt7yXzBhK7Y8vXr8prJOs5/OUTV0aKMh95SlBb0dCyJSy2N8hHr
5zdGHLiA4sGoSEjKmUWdmyYqVHrgWlTF0ybbLU4+eUMmkLl0Aa5X7lyEg36RMPv7
G+U/V4mKPGt77uJmekF4e8KDIp9xIVsnkO0Wz59HOhqhh/6xwj8zfZfYY+zqChaq
5lv77ir1e91Bk5eQzZivguJx86UPzKcDU8PchC6ArV8Wa+EH6E/vfx4GwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmLSOsVqvY/u3Eso/bUop2jM0VBMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAryHI91vg
OBA4iQrxhOG6lWcrog0yaLb+G5+HgjSkrTBiZTAS2JRWq5+SSabV0nguo9aEvRNa
bv8gsxNSgKlb8173bVOTqjce3TntVymNkirlA3e+RNXo2fnKRUK2QBEudgRdgU3J
aD39IYJKMyVZV118ZW0VbZVimjusOjY4PpdbVdtTRv7jsu/mObNEH4RIdqaOeMQ8
45sEbxjnjLyAG3h3nk/TzVleRV3whbqZ07kZZ4UQHBLBcR1FP0zSh6hl9XlolRsb
6cPG8JoRL8Wyhu4Gql3ICydWG7fgcULGwWTgaQ4Wh8KJpnBA/egnXuu7jstq5W+i
xi3YmNtdMebSNQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:28:09 2026 by rpki-client