Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier: +fEECQiOvluy7gaWRnDlopax6/sFXzrSUI5WM1VGxJk=
Subject key identifier: C0:EA:AD:59:26:70:99:B9:0C:72:58:19:32:EE:8E:C4:AE:32:C8:DE
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019D9C2C46734E28230AD23B92A83A84C90E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number: 1111
Signing time: Fri 17 Apr 2026 16:00:40 +0000
Manifest this update: Fri 17 Apr 2026 16:00:40 +0000
Manifest next update: Sat 18 Apr 2026 16:00:40 +0000
Files and hashes: 1: RvaTJRlt29ftCtqE0WpwZqGpE9g.roa (hash: StTKZA1GU7wGVFQWDEqlmDXT/zh0mjE1gXIOwpYnhZU=)
2: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: P5oebWuc2Fda5PAEynONS8cobrS1LdgeaeG7fuzxAbo=)
3: oTJ_SiNI-sTWNycV04ya44fLP9Q.roa (hash: oQAMQxzLon76LhylB305yCYYWrb8zMDw4+N6NR6rHCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:2c:46:73:4e:28:23:0a:d2:3b:92:a8:3a:84:c9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Apr 17 16:00:40 2026 GMT
Not After : Apr 18 16:00:40 2026 GMT
Subject: CN=c0eaad59267099b90c72581932ee8ec4ae32c8de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:d2:5c:df:50:7d:86:b5:75:75:b2:82:7b:
33:6a:a1:4e:77:3a:58:13:74:e2:7d:a8:14:59:97:
5f:25:f0:66:0e:ab:68:3d:de:96:59:4b:45:b8:a7:
a9:6f:41:d2:2d:91:90:7d:34:dd:67:58:7f:a1:2b:
b1:4c:20:cd:a5:ac:c1:ef:67:2c:95:19:3e:3e:38:
16:fb:44:26:83:3b:48:c4:7a:89:e3:59:fa:5c:bb:
77:e3:da:e4:fb:76:1c:50:b3:08:f8:c1:e5:2b:ba:
4e:11:cc:48:d9:94:91:a5:45:bf:b1:42:1f:a0:ae:
fe:fe:4f:c8:45:3d:5b:c2:e2:fd:63:01:c8:90:d0:
34:66:ad:2c:58:c5:2f:a9:14:df:31:04:bd:3d:34:
7c:16:0b:8a:1d:39:72:63:c1:47:57:c0:98:bb:0c:
a5:81:4b:c5:a2:07:a1:22:4a:dd:29:95:75:07:d6:
9c:91:7c:61:30:1e:22:1e:fb:37:25:77:8a:24:98:
d4:34:3c:68:b0:f3:f2:f6:6f:94:7d:a3:71:98:88:
87:3f:14:22:22:87:bb:c5:e1:1f:2e:74:31:ef:13:
6d:60:a3:8d:3e:20:e8:43:72:6d:7a:bd:16:73:83:
ba:a5:f0:19:cb:3c:a0:6e:48:b9:10:f9:21:d8:ce:
51:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:EA:AD:59:26:70:99:B9:0C:72:58:19:32:EE:8E:C4:AE:32:C8:DE
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:b5:e2:dd:25:f5:ed:a7:5f:87:c3:20:06:6b:ee:e0:c2:10:
0b:50:cf:49:1d:c2:f4:21:b8:41:bb:8d:58:12:37:16:de:09:
77:d5:9a:dd:9c:70:94:06:f9:4d:8e:18:57:75:9b:fe:0f:a7:
b3:cc:99:8f:38:38:87:d0:4e:6e:31:14:4a:f3:75:fb:46:31:
8d:50:cb:31:0e:54:87:32:99:91:93:69:c0:3a:f9:43:58:95:
aa:47:36:ff:c4:fb:47:0d:2e:c9:35:2a:11:17:2f:06:6f:47:
e4:5a:57:77:d6:f5:40:3e:af:75:16:a9:0b:d7:ff:5f:4a:a0:
f2:22:a3:ff:fb:ae:91:93:94:6d:05:f9:32:ac:75:18:cd:c7:
d6:4c:72:52:16:92:f3:42:15:47:0d:43:ad:6e:1f:cd:ab:72:
92:77:b4:d9:9a:13:25:09:50:0e:36:47:94:86:6f:99:af:74:
b1:f2:ae:d0:fa:74:fd:5d:98:e2:90:f7:3f:b4:bc:d7:0b:a0:
15:91:eb:1c:58:95:19:96:5d:ff:a7:40:f8:35:81:7e:43:ca:
1d:e8:6e:72:9d:f2:08:2c:90:92:8e:b4:4b:1a:a6:82:61:df:
a9:19:76:4f:f4:09:e1:ea:3c:5f:67:26:03:ab:69:35:fb:00:
35:9a:ad:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLEZzTigjCtI7kqg6hMkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjYwNDE3MTYwMDQwWhcNMjYwNDE4MTYwMDQwWjAzMTEwLwYDVQQD
EyhjMGVhYWQ1OTI2NzA5OWI5MGM3MjU4MTkzMmVlOGVjNGFlMzJjOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtDSXN9QfYa1dXWygnszaqFOdzpY
E3TifagUWZdfJfBmDqtoPd6WWUtFuKepb0HSLZGQfTTdZ1h/oSuxTCDNpazB72cs
lRk+PjgW+0QmgztIxHqJ41n6XLt349rk+3YcULMI+MHlK7pOEcxI2ZSRpUW/sUIf
oK7+/k/IRT1bwuL9YwHIkNA0Zq0sWMUvqRTfMQS9PTR8FguKHTlyY8FHV8CYuwyl
gUvFogehIkrdKZV1B9ackXxhMB4iHvs3JXeKJJjUNDxosPPy9m+UfaNxmIiHPxQi
Ioe7xeEfLnQx7xNtYKONPiDoQ3Jter0Wc4O6pfAZyzygbki5EPkh2M5RuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDqrVkmcJm5DHJYGTLujsSuMsjeMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrXi3SX1
7adfh8MgBmvu4MIQC1DPSR3C9CG4QbuNWBI3Ft4Jd9Wa3ZxwlAb5TY4YV3Wb/g+n
s8yZjzg4h9BObjEUSvN1+0YxjVDLMQ5UhzKZkZNpwDr5Q1iVqkc2/8T7Rw0uyTUq
ERcvBm9H5FpXd9b1QD6vdRapC9f/X0qg8iKj//uukZOUbQX5Mqx1GM3H1kxyUhaS
80IVRw1DrW4fzatykne02ZoTJQlQDjZHlIZvma90sfKu0Pp0/V2Y4pD3P7S81wug
FZHrHFiVGZZd/6dA+DWBfkPKHehucp3yCCyQko60SxqmgmHfqRl2T/QJ4eo8X2cm
A6tpNfsANZqtWQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:38:29 2026 by rpki-client