Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
File: OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft (raw, json)
Hash identifier: CADoQch19lx8KOsr7WjmxeBJiOUOheGH/iGzPAPNQH4=
Subject key identifier: 1A:C3:4A:57:EC:7F:5B:74:16:5A:9F:E8:F4:7A:D4:D8:C8:8C:61:AF
Authority key identifier: 38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
Certificate issuer: /CN=389755423f832a528c93136110f0fe4b10453582
Certificate serial: 019CACB55659295D87273A54EE53270F3E5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
Manifest number: 0EDD
Signing time: Mon 02 Mar 2026 04:01:31 +0000
Manifest this update: Mon 02 Mar 2026 04:01:31 +0000
Manifest next update: Tue 03 Mar 2026 04:01:31 +0000
Files and hashes: 1: OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl (hash: Yx//3j7Mz0/unC2IffZHruPLalliYl2tl/csgB7kF4c=)
2: dvF-ax6xW9w6QlzjTOaIlgyWKik.roa (hash: E53mXDTZAgvYtLPLUqhUWEPa5aOM6nnfYCB3KgCjcD8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b5:56:59:29:5d:87:27:3a:54:ee:53:27:0f:3e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389755423f832a528c93136110f0fe4b10453582
Validity
Not Before: Mar 2 04:01:31 2026 GMT
Not After : Mar 3 04:01:31 2026 GMT
Subject: CN=1ac34a57ec7f5b74165a9fe8f47ad4d8c88c61af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4f:ea:83:99:93:9a:07:92:c8:d4:d5:96:60:
0d:9e:29:45:6f:aa:a9:82:6c:ce:43:6f:1b:ec:ab:
7e:2e:3f:05:38:0c:56:1d:34:85:ff:35:7e:7b:0e:
21:dc:a8:24:32:38:e7:c2:a6:c0:0c:7e:0f:d8:59:
69:bf:74:cd:b6:58:f9:99:a5:b1:0e:54:7a:c4:ba:
a4:ee:5c:d4:26:16:a7:37:4a:82:ba:03:71:d2:df:
8c:23:20:a2:4b:20:87:91:26:06:f2:f6:bf:2a:da:
b5:73:8a:51:c3:ef:d1:1c:01:48:a0:ab:75:f5:0c:
9d:b8:60:c7:c3:2f:6e:87:03:d3:d4:4b:b9:30:8f:
b5:de:17:b6:7e:69:8e:87:ef:24:47:69:5d:d3:c7:
b1:81:ac:45:5e:a4:36:90:87:26:69:ab:23:70:09:
28:43:7c:c4:41:72:70:90:7e:8e:48:5a:de:f8:f6:
1a:a4:0e:0f:97:c8:1f:77:d6:2a:84:a2:b4:28:e3:
c3:39:53:52:3a:16:be:9d:67:63:eb:80:02:63:7f:
97:75:f1:22:1c:8c:bd:df:83:4e:26:a3:a0:a7:d2:
57:f5:67:56:71:0a:17:8e:4c:22:6f:43:04:82:8b:
54:c9:33:3d:dc:df:db:5c:86:65:9b:3f:59:da:d4:
18:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C3:4A:57:EC:7F:5B:74:16:5A:9F:E8:F4:7A:D4:D8:C8:8C:61:AF
X509v3 Authority Key Identifier:
keyid:38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:13:b9:0a:c8:8c:f8:6b:3a:99:bb:9e:5d:9c:2d:30:56:b3:
ff:f6:18:22:76:62:ae:ee:3f:47:ba:15:34:fc:bb:4c:77:59:
65:01:a9:37:5b:d3:80:df:10:5d:bc:69:4a:38:d1:0b:c9:e3:
12:14:a8:13:30:50:3c:10:df:d2:cb:62:81:c8:e1:4d:3f:b4:
1d:ec:78:d5:c7:2e:5c:c6:8e:a6:bb:82:49:14:b2:c0:69:7d:
e9:81:bf:d3:d3:f8:c1:4b:dc:a7:88:94:29:32:f1:ef:cd:e3:
27:df:5a:ef:e8:f2:c0:4d:8b:0a:27:b1:da:93:de:0f:06:f0:
dd:39:2f:5f:07:a8:62:29:d3:84:e5:49:cd:a9:c9:ef:5b:12:
0e:3d:f1:a9:bd:19:c7:32:5b:0f:13:d0:08:30:32:3d:95:9b:
d4:00:2f:07:5e:f0:73:fe:60:f8:0a:65:8c:78:3f:60:dd:41:
fb:2f:7d:78:df:cb:1d:7d:16:d6:2c:bb:b0:06:91:b6:96:0a:
d3:d9:9b:55:51:c5:94:83:e6:75:c6:a0:04:39:96:2f:95:ba:
e7:d8:5c:6f:fc:c5:96:17:cf:1d:4f:eb:0e:57:91:6b:f1:1c:
c2:36:60:31:e2:70:03:4d:6c:eb:a7:2d:c0:4d:5e:07:93:37:
d9:b9:df:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystVZZKV2HJzpU7lMnDz5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTc1NTQyM2Y4MzJhNTI4YzkzMTM2MTEwZjBmZTRiMTA0
NTM1ODIwHhcNMjYwMzAyMDQwMTMxWhcNMjYwMzAzMDQwMTMxWjAzMTEwLwYDVQQD
EygxYWMzNGE1N2VjN2Y1Yjc0MTY1YTlmZThmNDdhZDRkOGM4OGM2MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk/qg5mTmgeSyNTVlmANnilFb6qp
gmzOQ28b7Kt+Lj8FOAxWHTSF/zV+ew4h3KgkMjjnwqbADH4P2Flpv3TNtlj5maWx
DlR6xLqk7lzUJhanN0qCugNx0t+MIyCiSyCHkSYG8va/Ktq1c4pRw+/RHAFIoKt1
9QyduGDHwy9uhwPT1Eu5MI+13he2fmmOh+8kR2ld08exgaxFXqQ2kIcmaasjcAko
Q3zEQXJwkH6OSFre+PYapA4Pl8gfd9YqhKK0KOPDOVNSOha+nWdj64ACY3+XdfEi
HIy934NOJqOgp9JX9WdWcQoXjkwib0MEgotUyTM93N/bXIZlmz9Z2tQY4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrDSlfsf1t0Flqf6PR61NjIjGGvMB8GA1UdIwQY
MBaAFDiXVUI/gypSjJMTYRDw/ksQRTWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0Mjgt
NDY5NTdiZDg4NjBkLzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0MjgtNDY5NTdiZDg4NjBk
LzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxO5CsiM
+Gs6mbueXZwtMFaz//YYInZiru4/R7oVNPy7THdZZQGpN1vTgN8QXbxpSjjRC8nj
EhSoEzBQPBDf0stigcjhTT+0Hex41ccuXMaOpruCSRSywGl96YG/09P4wUvcp4iU
KTLx783jJ99a7+jywE2LCiex2pPeDwbw3TkvXweoYinThOVJzanJ71sSDj3xqb0Z
xzJbDxPQCDAyPZWb1AAvB17wc/5g+ApljHg/YN1B+y99eN/LHX0W1iy7sAaRtpYK
09mbVVHFlIPmdcagBDmWL5W659hcb/zFlhfPHU/rDleRa/EcwjZgMeJwA01s66ct
wE1eB5M32bnfcg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:14:24 2026 by rpki-client