Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
File: ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft (raw, json)
Hash identifier: 1Gbnks/Ibo1z0mZO0ftm81fGhj0nFrzO1snOLI2r4Vo=
Subject key identifier: E6:52:B8:89:33:5D:D4:5F:2C:62:18:6D:87:66:D2:41:4A:83:59:E3
Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928
Certificate serial: 019CAD909C57ED36071CCB9E558031DD55D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
Manifest number: 12BB
Signing time: Mon 02 Mar 2026 08:01:01 +0000
Manifest this update: Mon 02 Mar 2026 08:01:01 +0000
Manifest next update: Tue 03 Mar 2026 08:01:01 +0000
Files and hashes: 1: IBksnf3WkTvoF5rkP1mUy15812I.roa (hash: HD4RkTmAf3uLEci/QM2BCfZRy1s1DoklxIvLjDBwxb4=)
2: NdOYrmb6RnvhyXZ1Skocw4HNEj4.roa (hash: i19fewp2gqVX7ORfnbVNxiNhHz8sRGSZyn7wRBbQZfc=)
3: ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl (hash: U1OiGXF2B3V64qdy78RJoc0cWLoAPZLfcMzG+T4E3pA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:9c:57:ed:36:07:1c:cb:9e:55:80:31:dd:55:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20cc67154b403145d139469886127ab629eb928
Validity
Not Before: Mar 2 08:01:01 2026 GMT
Not After : Mar 3 08:01:01 2026 GMT
Subject: CN=e652b889335dd45f2c62186d8766d2414a8359e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:84:6d:6b:32:ac:2d:e3:50:ba:3b:fa:40:1c:
e4:dd:2f:fb:c5:6d:8d:74:2a:7a:ca:7d:82:0b:17:
5c:0f:0d:b7:ca:52:99:05:67:48:94:aa:01:5d:5e:
21:be:f3:e6:ba:c5:fe:82:a3:26:05:60:11:a9:19:
ba:12:2b:2f:a3:7e:e7:da:d3:24:4a:bb:df:68:2d:
c5:e1:ee:9d:07:bc:49:91:29:6c:ab:f8:1c:da:44:
9d:c6:39:f1:e5:91:0e:bf:73:f1:54:f7:67:53:f3:
5d:d4:fd:76:8f:a0:6f:d1:02:ef:85:62:76:d3:2b:
57:df:f5:eb:22:4a:81:b4:8d:14:49:ba:54:2f:60:
17:e7:44:22:83:10:b8:94:e6:ec:fd:df:8d:2a:fd:
40:3e:91:a1:09:6b:a9:cf:05:4f:26:c8:cc:08:4b:
cf:03:de:9a:b3:75:cf:9d:79:9c:c8:0f:ef:8a:66:
0e:41:28:98:30:ab:e7:7e:77:85:ef:48:8c:ee:77:
8c:79:50:57:12:29:96:d7:27:33:08:0c:30:cb:99:
90:21:f7:60:ee:12:72:cb:98:da:dd:fb:37:86:c1:
1f:47:52:1d:10:a6:b1:d4:44:6e:1d:fb:db:2b:0b:
11:b8:25:ca:78:62:e3:4b:a7:3b:48:8e:30:17:69:
c4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:52:B8:89:33:5D:D4:5F:2C:62:18:6D:87:66:D2:41:4A:83:59:E3
X509v3 Authority Key Identifier:
keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:2d:b9:90:af:1e:d6:c9:46:27:81:d9:04:9d:9a:6f:f0:46:
28:8f:d8:30:7a:40:4a:ed:c2:f9:09:c6:b5:f1:8c:e9:97:7b:
21:2c:7e:00:90:fd:7f:19:4c:cf:3c:28:70:64:02:0f:e8:16:
1d:fc:1b:02:dd:16:67:97:1a:2c:bb:fc:5f:c9:f4:e7:de:c1:
13:d5:cd:2c:11:7f:a8:4f:8b:20:1d:05:cb:a9:cb:d6:62:23:
2c:84:50:c9:6f:05:25:d7:43:e6:0a:c7:eb:ff:0a:d1:d0:a6:
11:af:26:c8:0f:00:35:2e:a8:e3:00:f3:bc:9b:a4:8e:f8:08:
95:b2:5f:0c:be:99:2b:d6:ca:f8:e9:cf:ea:e9:be:71:06:ac:
be:85:ee:60:45:5d:d6:e6:b0:5d:cb:56:47:d4:c4:d0:92:dc:
56:a7:68:f9:ff:c1:fb:cd:87:81:41:f2:cb:de:26:c3:64:38:
a7:f6:d0:6c:4d:4b:a9:65:69:67:c0:6a:e1:39:34:44:6d:86:
b4:c9:56:e3:61:f3:96:f5:30:bb:58:04:09:49:a5:7a:0e:14:
ca:84:56:c0:37:cc:c2:7e:43:99:43:b0:cd:70:c6:2d:48:2a:
e7:c0:c8:b9:a0:03:71:6d:27:22:dd:49:d9:71:89:b4:e6:52:
a0:1e:f0:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkJxX7TYHHMueVYAx3VXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5
ZWI5MjgwHhcNMjYwMzAyMDgwMTAxWhcNMjYwMzAzMDgwMTAxWjAzMTEwLwYDVQQD
EyhlNjUyYjg4OTMzNWRkNDVmMmM2MjE4NmQ4NzY2ZDI0MTRhODM1OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYRtazKsLeNQujv6QBzk3S/7xW2N
dCp6yn2CCxdcDw23ylKZBWdIlKoBXV4hvvPmusX+gqMmBWARqRm6Eisvo37n2tMk
SrvfaC3F4e6dB7xJkSlsq/gc2kSdxjnx5ZEOv3PxVPdnU/Nd1P12j6Bv0QLvhWJ2
0ytX3/XrIkqBtI0USbpUL2AX50QigxC4lObs/d+NKv1APpGhCWupzwVPJsjMCEvP
A96as3XPnXmcyA/vimYOQSiYMKvnfneF70iM7neMeVBXEimW1yczCAwwy5mQIfdg
7hJyy5ja3fs3hsEfR1IdEKax1ERuHfvbKwsRuCXKeGLjS6c7SI4wF2nEIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZSuIkzXdRfLGIYbYdm0kFKg1njMB8GA1UdIwQY
MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt
OGZjMzM3MzdjZWFiLzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi
LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcC25kK8e
1slGJ4HZBJ2ab/BGKI/YMHpASu3C+QnGtfGM6Zd7ISx+AJD9fxlMzzwocGQCD+gW
HfwbAt0WZ5caLLv8X8n0597BE9XNLBF/qE+LIB0Fy6nL1mIjLIRQyW8FJddD5grH
6/8K0dCmEa8myA8ANS6o4wDzvJukjvgIlbJfDL6ZK9bK+OnP6um+cQasvoXuYEVd
1uawXctWR9TE0JLcVqdo+f/B+82HgUHyy94mw2Q4p/bQbE1LqWVpZ8Bq4Tk0RG2G
tMlW42HzlvUwu1gECUmleg4UyoRWwDfMwn5DmUOwzXDGLUgq58DIuaADcW0nIt1J
2XGJtOZSoB7w4A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:04:30 2026 by rpki-client