Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.mft
File: ojKhc4Do4liY3qnCIzIaKs5SNvE.mft (raw, json)
Hash identifier: VYjShdIqlMU5eQ8WhQVuJXrxpfHUjh8VIARwtIKnsb8=
Subject key identifier: 5F:2B:3C:DC:45:DC:D1:5C:EF:B0:BC:1D:5F:6E:98:16:21:DD:D7:FF
Authority key identifier: A2:32:A1:73:80:E8:E2:58:98:DE:A9:C2:23:32:1A:2A:CE:52:36:F1
Certificate issuer: /CN=a232a17380e8e25898dea9c223321a2ace5236f1
Certificate serial: 019D9C9A4E6534212366DC9765AE946B0F6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojKhc4Do4liY3qnCIzIaKs5SNvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.mft
Manifest number: 03
Signing time: Fri 17 Apr 2026 18:00:51 +0000
Manifest this update: Fri 17 Apr 2026 18:00:51 +0000
Manifest next update: Sat 18 Apr 2026 18:00:51 +0000
Files and hashes: 1: ojKhc4Do4liY3qnCIzIaKs5SNvE.crl (hash: c/8QZsCSFaGO4ouGUmIx2MRG5/PkNGA6wyEg+sY6ap8=)
2: xyoH9R_BmdJ-gyu7Oy-9rS-zs-0.roa (hash: HGNIvY3ULeEgQ68bK1r/+JhRNbs682fuQL9Y7B95gbw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ojKhc4Do4liY3qnCIzIaKs5SNvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:9a:4e:65:34:21:23:66:dc:97:65:ae:94:6b:0f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a232a17380e8e25898dea9c223321a2ace5236f1
Validity
Not Before: Apr 17 18:00:51 2026 GMT
Not After : Apr 18 18:00:51 2026 GMT
Subject: CN=5f2b3cdc45dcd15cefb0bc1d5f6e981621ddd7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fb:3b:cd:0b:dd:93:4d:ac:a6:70:24:e9:b0:
39:ca:3b:75:1f:af:69:0d:55:79:4b:87:e2:53:95:
77:c7:b0:0e:73:f0:32:46:05:ef:da:ad:fd:3e:c7:
c0:5c:a4:39:a4:ed:bb:d9:31:14:15:7e:a4:14:31:
da:2c:39:22:0f:08:24:ed:7a:7a:13:24:64:61:3f:
1d:27:50:d8:4e:ef:83:a1:ac:aa:6b:a0:a6:ae:e8:
31:fa:13:e1:6d:c7:6c:7b:4c:74:80:52:00:95:e1:
57:5c:5f:44:f8:f3:bb:83:8d:8d:8a:8c:74:69:1c:
7c:06:59:be:fb:ac:78:c0:14:6b:4b:43:6b:68:17:
ec:b8:ba:c9:ed:92:55:11:9a:d9:d7:c9:f4:9a:01:
32:fd:27:0b:f0:23:77:ff:35:a7:36:bc:2d:cd:15:
c7:03:b7:b3:23:05:a7:87:cd:e4:7c:17:fc:1a:c9:
5f:75:8c:b7:f0:3c:3c:a9:ca:97:28:9d:a3:3c:eb:
30:be:80:e2:74:25:e9:46:9f:ef:2c:f2:cb:82:fb:
f9:4a:f7:c1:e5:c3:2b:5f:e4:d1:5f:44:96:cd:02:
53:82:50:c2:3d:39:ef:c4:b9:ee:4f:12:84:2f:97:
71:f6:7b:80:dd:c1:c5:02:af:f2:41:89:de:b3:0f:
fd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2B:3C:DC:45:DC:D1:5C:EF:B0:BC:1D:5F:6E:98:16:21:DD:D7:FF
X509v3 Authority Key Identifier:
keyid:A2:32:A1:73:80:E8:E2:58:98:DE:A9:C2:23:32:1A:2A:CE:52:36:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojKhc4Do4liY3qnCIzIaKs5SNvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/e4163b-a2d2-4a48-8648-a230f2017338/1/ojKhc4Do4liY3qnCIzIaKs5SNvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:4f:af:26:16:68:3a:1d:fe:9d:25:a4:ca:a4:77:7b:b0:49:
ed:25:03:80:70:41:ee:73:80:75:b6:08:eb:a7:0b:85:16:2d:
64:6d:10:14:1c:95:07:4d:37:b6:64:95:1b:38:cd:20:c9:3a:
6d:82:9a:ce:be:3d:88:d5:ff:ba:37:b8:35:51:0b:c9:fb:60:
9f:5d:48:9b:09:27:a3:3b:30:af:3f:76:08:c0:16:4b:25:24:
06:be:a4:88:9c:59:c6:b3:f9:f4:b4:95:23:e3:2e:99:16:43:
61:60:d4:ab:5d:67:40:1c:1c:65:04:91:18:3c:02:92:66:d4:
55:85:ec:0c:ec:e8:19:be:74:a8:01:9c:7b:4a:27:6d:de:fb:
9f:a7:3a:97:92:b8:3c:fd:f2:b0:5c:e9:96:3c:70:76:3a:d1:
61:8b:2f:9d:03:12:6d:ea:49:a9:2c:76:c0:5d:ec:14:a4:19:
3f:4b:c3:27:d0:aa:e2:03:41:bb:08:64:ef:2a:97:8e:e9:15:
1e:a5:6a:e5:b4:8b:f8:ce:e7:23:c4:e4:0e:85:9c:44:81:c2:
59:73:cd:ba:17:52:0a:df:c5:c1:97:7a:c6:da:2b:24:3a:0c:
6f:49:f4:87:7f:19:0b:59:f8:85:4b:75:70:43:5a:10:00:18:
c3:5a:2c:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cmk5lNCEjZtyXZa6Uaw9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzJhMTczODBlOGUyNTg5OGRlYTljMjIzMzIxYTJhY2U1
MjM2ZjEwHhcNMjYwNDE3MTgwMDUxWhcNMjYwNDE4MTgwMDUxWjAzMTEwLwYDVQQD
Eyg1ZjJiM2NkYzQ1ZGNkMTVjZWZiMGJjMWQ1ZjZlOTgxNjIxZGRkN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/s7zQvdk02spnAk6bA5yjt1H69p
DVV5S4fiU5V3x7AOc/AyRgXv2q39PsfAXKQ5pO272TEUFX6kFDHaLDkiDwgk7Xp6
EyRkYT8dJ1DYTu+Doayqa6Cmrugx+hPhbcdse0x0gFIAleFXXF9E+PO7g42Niox0
aRx8Blm++6x4wBRrS0NraBfsuLrJ7ZJVEZrZ18n0mgEy/ScL8CN3/zWnNrwtzRXH
A7ezIwWnh83kfBf8GslfdYy38Dw8qcqXKJ2jPOswvoDidCXpRp/vLPLLgvv5SvfB
5cMrX+TRX0SWzQJTglDCPTnvxLnuTxKEL5dx9nuA3cHFAq/yQYnesw/9bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8rPNxF3NFc77C8HV9umBYh3df/MB8GA1UdIwQY
MBaAFKIyoXOA6OJYmN6pwiMyGirOUjbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pLaGM0RG80bGlZM3FuQ0l6SWFLczVTTnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9lNDE2M2ItYTJkMi00YTQ4LTg2NDgt
YTIzMGYyMDE3MzM4LzEvb2pLaGM0RG80bGlZM3FuQ0l6SWFLczVTTnZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9lNDE2M2ItYTJkMi00YTQ4LTg2NDgtYTIzMGYyMDE3MzM4
LzEvb2pLaGM0RG80bGlZM3FuQ0l6SWFLczVTTnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEU+vJhZo
Oh3+nSWkyqR3e7BJ7SUDgHBB7nOAdbYI66cLhRYtZG0QFByVB003tmSVGzjNIMk6
bYKazr49iNX/uje4NVELyftgn11Imwknozswrz92CMAWSyUkBr6kiJxZxrP59LSV
I+MumRZDYWDUq11nQBwcZQSRGDwCkmbUVYXsDOzoGb50qAGce0onbd77n6c6l5K4
PP3ysFzpljxwdjrRYYsvnQMSbepJqSx2wF3sFKQZP0vDJ9Cq4gNBuwhk7yqXjukV
HqVq5bSL+M7nI8TkDoWcRIHCWXPNuhdSCt/FwZd6xtorJDoMb0n0h38ZC1n4hUt1
cENaEAAYw1os/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:57:41 2026 by rpki-client