Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: xuhSDJ937GrJTxAflxeI9XB8tw9wvrJn92mElqbv3f8=
Subject key identifier: C6:51:3B:36:73:26:04:9A:16:38:C5:AE:70:C3:19:6C:5D:DE:A9:E6
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019CACB4AAA2E1EEAEDE5317DAFD93301D1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 1095
Signing time: Mon 02 Mar 2026 04:00:47 +0000
Manifest this update: Mon 02 Mar 2026 04:00:47 +0000
Manifest next update: Tue 03 Mar 2026 04:00:47 +0000
Files and hashes: 1: RvaTJRlt29ftCtqE0WpwZqGpE9g.roa (hash: StTKZA1GU7wGVFQWDEqlmDXT/zh0mjE1gXIOwpYnhZU=)
2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: QkR13B7Bdl107HHqJSkfs0kIWJWNQ+n92lhp4nH3OKg=)
3: oTJ_SiNI-sTWNycV04ya44fLP9Q.roa (hash: oQAMQxzLon76LhylB305yCYYWrb8zMDw4+N6NR6rHCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:aa:a2:e1:ee:ae:de:53:17:da:fd:93:30:1d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Mar 2 04:00:47 2026 GMT
Not After : Mar 3 04:00:47 2026 GMT
Subject: CN=c6513b367326049a1638c5ae70c3196c5ddea9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:13:39:34:5f:85:21:2a:a1:b6:ad:0d:5a:
14:25:cd:61:a6:f1:cc:b5:c4:7d:a8:a0:be:ac:53:
96:ef:c6:3d:54:6f:ec:0c:2d:58:c8:3f:42:84:e4:
16:f0:1b:36:50:90:d9:03:25:e4:5e:41:ac:c3:27:
0b:7d:34:0d:4a:e3:93:46:84:7f:d8:be:54:4c:43:
a8:e5:6b:18:97:85:6d:2c:29:f4:d0:0a:1e:32:e3:
ae:20:d4:e8:8f:ff:2a:df:bc:89:f3:cd:4e:fe:04:
30:3e:d7:7d:c4:64:db:d5:ad:98:a4:25:7b:29:de:
d4:75:57:19:58:7a:a2:ba:5a:7e:1f:ff:ac:bc:32:
b6:46:d4:4b:b2:8c:57:d7:d3:03:d2:ea:db:7a:5a:
4b:54:39:67:50:9c:99:14:94:a6:cd:78:8d:02:3d:
2f:fa:1f:96:9b:02:f1:16:38:cc:c8:0d:ae:64:f4:
dc:88:d3:d1:4a:12:ec:dc:26:39:7d:84:fc:a1:5d:
f3:a6:1a:a0:cf:11:7c:00:36:30:de:d3:fb:b4:d3:
8b:15:e8:e6:8a:c8:01:96:74:d7:58:49:0b:94:3c:
b8:7a:5a:38:05:c4:98:8e:1e:bc:a9:32:f4:94:f8:
b6:5c:0d:bc:38:f4:36:e7:32:1a:af:ea:ee:9f:b0:
f8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:51:3B:36:73:26:04:9A:16:38:C5:AE:70:C3:19:6C:5D:DE:A9:E6
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:18:ab:0b:91:64:9b:e7:b9:13:de:8a:c6:ae:7c:b0:81:d8:
d5:96:38:9b:e8:91:44:0d:b3:c9:f5:c4:e1:4e:b0:de:c8:13:
44:b9:cd:cd:fa:47:72:9a:6c:cd:51:4e:6a:e0:8c:aa:f9:c5:
08:2c:b4:db:53:53:8f:f7:c2:b5:22:71:97:c3:e2:bb:5f:b0:
55:f6:53:61:8e:45:4f:9a:35:c8:d4:cf:e3:7a:b1:7b:d2:2d:
19:da:64:23:25:03:f5:b0:20:d6:c8:71:a6:a3:41:13:c5:83:
20:e9:b1:14:9e:c2:83:1e:b8:21:75:66:15:d4:59:36:03:b3:
dc:8a:ca:4a:b2:5f:1f:93:9e:06:44:0c:73:f9:80:d4:c6:e3:
62:1d:e6:79:d3:8e:4a:be:4c:16:80:62:a0:ad:9d:3d:b6:d5:
2a:0a:a4:70:29:24:36:b5:b4:9b:7e:e0:64:f6:b4:ae:f4:20:
d3:81:67:15:6c:e9:73:8a:a1:51:00:43:50:8c:25:1f:17:a8:
aa:f5:23:e7:59:70:e2:03:5a:85:7b:52:69:f6:7d:74:df:1a:
1a:d7:77:c0:da:a7:74:84:7c:b5:19:4d:0d:2f:0d:a3:a5:8c:
e6:a2:d6:1f:3f:0f:fb:7c:ea:81:02:c4:f4:21:96:8f:a3:2f:
d8:90:0e:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystKqi4e6u3lMX2v2TMB0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjYwMzAyMDQwMDQ3WhcNMjYwMzAzMDQwMDQ3WjAzMTEwLwYDVQQD
EyhjNjUxM2IzNjczMjYwNDlhMTYzOGM1YWU3MGMzMTk2YzVkZGVhOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud0TOTRfhSEqobatDVoUJc1hpvHM
tcR9qKC+rFOW78Y9VG/sDC1YyD9ChOQW8Bs2UJDZAyXkXkGswycLfTQNSuOTRoR/
2L5UTEOo5WsYl4VtLCn00AoeMuOuINToj/8q37yJ881O/gQwPtd9xGTb1a2YpCV7
Kd7UdVcZWHqiulp+H/+svDK2RtRLsoxX19MD0urbelpLVDlnUJyZFJSmzXiNAj0v
+h+WmwLxFjjMyA2uZPTciNPRShLs3CY5fYT8oV3zphqgzxF8ADYw3tP7tNOLFejm
isgBlnTXWEkLlDy4elo4BcSYjh68qTL0lPi2XA28OPQ25zIar+run7D4+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZROzZzJgSaFjjFrnDDGWxd3qnmMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZxirC5Fk
m+e5E96Kxq58sIHY1ZY4m+iRRA2zyfXE4U6w3sgTRLnNzfpHcppszVFOauCMqvnF
CCy021NTj/fCtSJxl8Piu1+wVfZTYY5FT5o1yNTP43qxe9ItGdpkIyUD9bAg1shx
pqNBE8WDIOmxFJ7Cgx64IXVmFdRZNgOz3IrKSrJfH5OeBkQMc/mA1MbjYh3medOO
Sr5MFoBioK2dPbbVKgqkcCkkNrW0m37gZPa0rvQg04FnFWzpc4qhUQBDUIwlHxeo
qvUj51lw4gNahXtSafZ9dN8aGtd3wNqndIR8tRlNDS8No6WM5qLWHz8P+3zqgQLE
9CGWj6Mv2JAOGg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:04:22 2026 by rpki-client