Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft
File: o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft (raw, json)
Hash identifier: TgQ4lGQEVwd69WI2xsuqMhjKaOM5VEJS66id4dKd7PY=
Subject key identifier: 8A:14:F5:6E:FC:BC:4A:8F:EB:17:B4:D1:BC:73:02:31:92:AA:D6:50
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 019CAB3497FB6B3F91C7252AC1351859EDE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft
Manifest number: 1778
Signing time: Sun 01 Mar 2026 21:01:16 +0000
Manifest this update: Sun 01 Mar 2026 21:01:16 +0000
Manifest next update: Mon 02 Mar 2026 21:01:16 +0000
Files and hashes: 1: 2zvlLx0eZAbOYhxgIyqrlDoVC1g.roa (hash: KQYOWqTXbXwvtekOLsVc2rxud/hR8A87QDGRubzzTXw=)
2: 4Ry_mlzBaUQ6UP1sVtEjuUsTD1M.roa (hash: Cbb+P8Z0r4y6AjDJgLqHTENuD/Go8wmcnnMVwTktU/4=)
3: D757pdeWdoida8GHOUdKTXVzQLA.roa (hash: 9oAemx2TPMquAep4lORrFPAoBV6BakfDEYxe+lt7IJE=)
4: o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl (hash: FXWjMAWJ4taahVPdIIGzz37rpK1lJGdr7TdU8RVAsps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:97:fb:6b:3f:91:c7:25:2a:c1:35:18:59:ed:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Mar 1 21:01:16 2026 GMT
Not After : Mar 2 21:01:16 2026 GMT
Subject: CN=8a14f56efcbc4a8feb17b4d1bc73023192aad650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:53:d8:96:03:21:09:9d:9a:28:e1:63:9a:
e6:9c:ec:12:9c:10:b3:1c:90:79:ef:1d:21:95:06:
50:6b:8b:b3:91:b5:69:dc:1a:c9:88:a7:2a:44:5e:
54:b4:8c:20:7c:55:a2:e3:e4:19:43:a2:00:0f:44:
ad:28:4f:e9:6a:ad:cd:c0:0d:80:37:f4:35:d7:de:
9c:47:19:bd:62:2c:23:1e:5a:4a:0f:55:c9:20:e6:
2a:14:02:8c:c7:c5:7a:32:20:e9:5f:36:9f:84:ec:
ee:94:61:54:ac:a1:0c:0c:77:fe:60:de:db:ac:8a:
37:e9:2e:63:3c:a6:bf:0f:fd:b5:2a:6e:df:6f:d5:
c0:30:38:6b:4c:9a:b7:e7:b7:57:1f:ef:a6:15:26:
f8:cc:da:e5:81:d9:e2:5f:61:ef:5b:6d:bf:29:d6:
8a:3d:a3:cd:ff:6a:0e:99:82:46:3b:4c:79:8a:95:
ea:9e:c1:20:a5:1d:23:ed:3f:43:77:bb:97:6c:08:
92:58:aa:e8:13:f8:67:37:42:92:77:0c:a0:77:62:
0b:7c:9c:c8:4a:b5:d4:4f:fa:00:df:92:61:37:4f:
c7:40:68:7e:e2:46:24:3f:de:ca:64:ff:cf:b7:21:
42:0a:14:96:67:6a:92:3c:93:62:08:58:ef:ce:ea:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:14:F5:6E:FC:BC:4A:8F:EB:17:B4:D1:BC:73:02:31:92:AA:D6:50
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:b8:6e:77:ec:56:45:25:c1:f1:af:63:33:1b:3f:69:28:b9:
7f:c8:9d:e4:43:b1:90:7f:cd:0d:4e:7e:ab:64:14:9b:8b:9a:
9b:c0:75:8b:36:db:b2:8e:7a:09:15:f7:5f:d9:a1:0d:b1:8b:
be:6a:ba:34:00:11:61:6d:3e:0e:3f:49:04:cd:ef:34:50:a2:
5d:92:47:ca:e4:56:6a:f2:53:e5:1a:28:db:5a:fe:76:e8:9b:
d7:d6:cf:1d:eb:15:bb:28:98:d7:2e:0c:32:ff:50:61:0b:f6:
20:a5:a5:1f:86:8c:df:9b:5f:5d:c1:02:0c:98:d5:f6:2c:5d:
27:7f:0c:11:23:51:7b:c4:67:a3:4a:bc:12:06:7e:41:99:2c:
f1:74:80:3d:ca:f0:7f:e8:0b:f9:d9:24:cd:d8:88:fb:31:c1:
f4:fa:0e:8f:8a:04:55:cc:a7:37:0f:56:d0:6b:5c:25:aa:58:
31:1c:cd:8d:71:6e:2f:71:d5:7b:d5:f2:d8:0f:d4:a1:d2:de:
a0:d9:8a:0d:7c:d4:03:48:7d:2d:e5:c8:0a:1a:7f:63:5b:f2:
a0:dd:33:98:e0:57:cb:1b:57:f0:51:1c:9c:3e:f2:a9:e3:89:
5f:1c:89:c4:2d:d4:0c:77:e8:36:49:6a:b5:2c:53:27:c6:eb:
ab:7d:da:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNJf7az+RxyUqwTUYWe3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjYwMzAxMjEwMTE2WhcNMjYwMzAyMjEwMTE2WjAzMTEwLwYDVQQD
Eyg4YTE0ZjU2ZWZjYmM0YThmZWIxN2I0ZDFiYzczMDIzMTkyYWFkNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q1T2JYDIQmdmijhY5rmnOwSnBCz
HJB57x0hlQZQa4uzkbVp3BrJiKcqRF5UtIwgfFWi4+QZQ6IAD0StKE/paq3NwA2A
N/Q1196cRxm9YiwjHlpKD1XJIOYqFAKMx8V6MiDpXzafhOzulGFUrKEMDHf+YN7b
rIo36S5jPKa/D/21Km7fb9XAMDhrTJq357dXH++mFSb4zNrlgdniX2HvW22/KdaK
PaPN/2oOmYJGO0x5ipXqnsEgpR0j7T9Dd7uXbAiSWKroE/hnN0KSdwygd2ILfJzI
SrXUT/oA35JhN0/HQGh+4kYkP97KZP/PtyFCChSWZ2qSPJNiCFjvzuqBjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoU9W78vEqP6xe00bxzAjGSqtZQMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbhud+xW
RSXB8a9jMxs/aSi5f8id5EOxkH/NDU5+q2QUm4uam8B1izbbso56CRX3X9mhDbGL
vmq6NAARYW0+Dj9JBM3vNFCiXZJHyuRWavJT5Roo21r+duib19bPHesVuyiY1y4M
Mv9QYQv2IKWlH4aM35tfXcECDJjV9ixdJ38MESNRe8Rno0q8EgZ+QZks8XSAPcrw
f+gL+dkkzdiI+zHB9PoOj4oEVcynNw9W0GtcJapYMRzNjXFuL3HVe9Xy2A/UodLe
oNmKDXzUA0h9LeXIChp/Y1vyoN0zmOBXyxtX8FEcnD7yqeOJXxyJxC3UDHfoNklq
tSxTJ8brq33aUQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:31:40 2026 by rpki-client