Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
File: ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft (raw, json)
Hash identifier: vtW6iqS2G/jiiQpf4+FDmPy99j9jhnNNhSNCtbK46Ec=
Subject key identifier: 5A:D1:BC:09:6E:BF:F2:D6:26:82:8F:AD:7E:6A:FD:D2:AA:28:0B:66
Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928
Certificate serial: 019D992B80F522A44F92E9999E6AD5E7B54B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
Manifest number: 1335
Signing time: Fri 17 Apr 2026 02:00:58 +0000
Manifest this update: Fri 17 Apr 2026 02:00:58 +0000
Manifest next update: Sat 18 Apr 2026 02:00:58 +0000
Files and hashes: 1: IBksnf3WkTvoF5rkP1mUy15812I.roa (hash: HD4RkTmAf3uLEci/QM2BCfZRy1s1DoklxIvLjDBwxb4=)
2: NdOYrmb6RnvhyXZ1Skocw4HNEj4.roa (hash: i19fewp2gqVX7ORfnbVNxiNhHz8sRGSZyn7wRBbQZfc=)
3: ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl (hash: NilVv0cs7jkTubgsvY427hlOg18BVP2o5BfcW5nr+60=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:80:f5:22:a4:4f:92:e9:99:9e:6a:d5:e7:b5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20cc67154b403145d139469886127ab629eb928
Validity
Not Before: Apr 17 02:00:58 2026 GMT
Not After : Apr 18 02:00:58 2026 GMT
Subject: CN=5ad1bc096ebff2d626828fad7e6afdd2aa280b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:63:05:47:eb:e2:c0:cc:7e:4a:04:0b:1e:54:
ad:ed:bb:a4:b3:5d:0b:4d:87:51:d2:0a:01:ef:51:
55:e2:0c:69:89:5d:27:81:ab:9b:b1:aa:8d:ee:e2:
f1:8b:ad:91:b9:4b:41:88:64:89:ba:60:9d:e8:bb:
3f:b3:30:4a:59:0f:41:e7:4f:7c:72:4c:2f:b9:83:
aa:d6:9a:97:4b:da:5b:34:50:20:9c:d3:85:c4:b5:
5a:1d:0f:14:23:ec:b4:f4:46:fb:eb:88:32:dc:a4:
df:3d:f5:c9:44:87:25:77:8a:75:e6:82:b0:4c:dd:
47:fb:e2:2d:80:45:b6:d4:24:22:c0:53:9b:34:08:
77:b1:87:4f:4d:fa:eb:97:89:4a:2e:18:2b:b1:61:
a9:6b:fe:45:7c:0f:95:4a:e1:08:10:b6:a7:3a:c9:
95:2f:68:f8:b6:cf:8e:9e:95:c8:cc:23:16:13:9b:
8f:aa:16:4b:8c:47:ae:19:88:e3:16:48:50:2e:7d:
22:88:7f:7f:b1:f4:1a:e3:67:b0:10:f4:d4:d3:12:
5e:66:f0:14:c5:ed:42:61:57:30:75:c9:cc:34:05:
1b:d7:88:ea:ef:11:c3:97:98:c7:cd:ed:91:d6:51:
fb:a5:05:59:ee:21:7d:e5:55:f1:44:0f:37:20:25:
b1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D1:BC:09:6E:BF:F2:D6:26:82:8F:AD:7E:6A:FD:D2:AA:28:0B:66
X509v3 Authority Key Identifier:
keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:09:52:d3:db:61:1b:f3:4f:27:ac:69:8f:73:63:d3:ad:94:
d6:fc:08:85:d0:43:c4:d2:43:e7:67:29:00:69:28:dd:db:a4:
9d:ab:6b:6b:b1:fd:a8:0b:ae:38:0a:00:8b:dc:48:e6:b5:cf:
b6:0b:90:a1:6b:56:f9:16:d8:c7:d5:06:b1:3a:c7:c9:ee:fa:
24:d8:40:45:82:85:64:cf:26:2d:9c:71:4b:6d:1d:9d:0d:5a:
dc:c2:a2:66:c9:53:4c:2d:59:03:f1:63:eb:82:c6:aa:72:52:
23:e6:ee:e5:04:9f:99:0f:d8:62:64:71:33:98:cd:83:e2:eb:
da:64:3f:69:0c:22:ad:1f:a8:6d:4a:2e:10:e6:e1:63:7a:0f:
b1:65:65:31:9f:ed:2f:e7:fd:3d:db:c4:a9:02:0b:a1:32:c3:
f4:fc:9d:f7:dc:2c:67:e2:f0:60:89:ed:2e:14:fc:85:6b:74:
02:06:24:ec:c8:7d:1d:22:fb:1f:56:f4:db:92:39:31:99:89:
a0:84:49:84:80:4d:0c:48:c1:ca:5c:26:1e:b5:d2:dc:04:de:
8b:f0:ea:e4:35:aa:1c:25:b6:9b:93:86:55:f0:02:5b:46:10:
eb:03:f4:17:b7:8d:c7:28:5e:ed:86:11:1a:a3:29:c9:19:ee:
97:e9:da:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK4D1IqRPkumZnmrV57VLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5
ZWI5MjgwHhcNMjYwNDE3MDIwMDU4WhcNMjYwNDE4MDIwMDU4WjAzMTEwLwYDVQQD
Eyg1YWQxYmMwOTZlYmZmMmQ2MjY4MjhmYWQ3ZTZhZmRkMmFhMjgwYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WMFR+viwMx+SgQLHlSt7buks10L
TYdR0goB71FV4gxpiV0ngaubsaqN7uLxi62RuUtBiGSJumCd6Ls/szBKWQ9B5098
ckwvuYOq1pqXS9pbNFAgnNOFxLVaHQ8UI+y09Eb764gy3KTfPfXJRIcld4p15oKw
TN1H++ItgEW21CQiwFObNAh3sYdPTfrrl4lKLhgrsWGpa/5FfA+VSuEIELanOsmV
L2j4ts+OnpXIzCMWE5uPqhZLjEeuGYjjFkhQLn0iiH9/sfQa42ewEPTU0xJeZvAU
xe1CYVcwdcnMNAUb14jq7xHDl5jHze2R1lH7pQVZ7iF95VXxRA83ICWxxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrRvAluv/LWJoKPrX5q/dKqKAtmMB8GA1UdIwQY
MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt
OGZjMzM3MzdjZWFiLzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi
LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAlS09th
G/NPJ6xpj3Nj062U1vwIhdBDxNJD52cpAGko3duknatra7H9qAuuOAoAi9xI5rXP
tguQoWtW+RbYx9UGsTrHye76JNhARYKFZM8mLZxxS20dnQ1a3MKiZslTTC1ZA/Fj
64LGqnJSI+bu5QSfmQ/YYmRxM5jNg+Lr2mQ/aQwirR+obUouEObhY3oPsWVlMZ/t
L+f9PdvEqQILoTLD9Pyd99wsZ+LwYIntLhT8hWt0AgYk7Mh9HSL7H1b025I5MZmJ
oIRJhIBNDEjBylwmHrXS3ATei/Dq5DWqHCW2m5OGVfACW0YQ6wP0F7eNxyhe7YYR
GqMpyRnul+naxQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:05:55 2026 by rpki-client