Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
File: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft (raw, json)
Hash identifier: nIw9kNoxIp40GjVHI+cyaJ1/QUa/LlcF4yRPan4R6S0=
Subject key identifier: 3D:9A:FC:D0:D9:45:42:C8:B7:A1:35:A1:5B:1E:25:5C:DF:B7:76:10
Authority key identifier: 38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
Certificate issuer: /CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Certificate serial: 019D254CA3412D2C98A0BD04FCD1880FCBD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
Manifest number: 1403
Signing time: Wed 25 Mar 2026 14:01:12 +0000
Manifest this update: Wed 25 Mar 2026 14:01:12 +0000
Manifest next update: Thu 26 Mar 2026 14:01:12 +0000
Files and hashes: 1: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl (hash: jECTd7bFFcDg1tHiJqW6DnGyHsz5vwJfA+CDPMDBMUk=)
2: wHo6ZTM3-jzipse2lB9xc8s3uRA.roa (hash: 4oFkl4sS+vN5C2DeyY08mCPgjzjmSD8SNhBeGnmU75Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:4c:a3:41:2d:2c:98:a0:bd:04:fc:d1:88:0f:cb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38227a96fa64ad95240f0aee0bd374646c6bbee2
Validity
Not Before: Mar 25 14:01:12 2026 GMT
Not After : Mar 26 14:01:12 2026 GMT
Subject: CN=3d9afcd0d94542c8b7a135a15b1e255cdfb77610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:84:42:18:a6:4c:28:dc:4e:9e:1c:04:91:b1:
3e:98:31:33:4e:5e:6c:f1:d7:ae:6a:5c:ca:fa:cb:
03:15:f4:06:33:88:a0:a7:00:be:e4:a4:2e:9f:57:
f6:46:10:c0:16:85:0a:43:d3:e5:b2:f7:5d:3c:3b:
53:a8:46:33:0a:80:be:33:33:58:a9:bf:85:8f:c7:
5f:48:8c:30:54:22:41:1d:43:87:ac:2b:c8:c0:9e:
81:7b:1e:48:7b:3c:9f:79:d1:db:92:bc:22:03:d4:
21:bf:dd:6c:ea:c4:4d:68:48:ee:5b:c7:09:51:ba:
39:be:e8:32:76:3f:72:d5:73:68:1d:6b:58:8f:cd:
ff:13:47:c9:9d:d7:ca:d0:56:c4:dd:1c:fc:47:25:
3f:30:5e:a7:5e:8c:5f:33:2b:a9:88:fa:0e:f0:18:
40:24:f8:b9:e5:3c:8e:c6:7b:26:95:68:51:84:2f:
93:cc:b1:0b:9d:a9:e1:5a:b2:b3:89:2f:f3:cd:ca:
bf:be:de:c9:54:3b:0f:c9:23:3c:72:3e:44:f2:dd:
a3:c2:27:41:66:b2:c8:fc:2b:8d:71:c5:19:db:35:
c9:59:4d:44:00:81:59:92:82:64:bb:d3:ee:7f:36:
cf:e5:8a:b4:18:2f:df:8b:c7:4d:01:0e:4f:2f:96:
71:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9A:FC:D0:D9:45:42:C8:B7:A1:35:A1:5B:1E:25:5C:DF:B7:76:10
X509v3 Authority Key Identifier:
keyid:38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:b1:57:ed:c3:98:ee:83:5d:10:2f:0c:5d:bb:20:18:57:bd:
90:32:e1:1b:4a:16:92:d8:e3:51:9e:f9:2e:ce:37:36:64:cd:
87:8c:37:da:a9:72:d8:f0:0e:2a:48:f7:e6:13:27:4e:07:b6:
bf:22:9e:37:05:b6:19:2d:8c:17:ad:90:91:a5:de:f0:5e:98:
49:94:a2:db:3b:5b:58:c5:21:b6:07:90:fc:49:5e:a9:03:29:
5a:83:b2:3d:fb:83:87:17:98:dc:e7:3c:87:7c:c5:b7:70:ca:
c6:9c:d2:65:bc:4c:fc:53:02:a5:09:61:35:78:8f:60:70:84:
cc:de:db:e9:62:f4:1a:73:74:79:39:72:e6:d4:30:dd:d1:11:
08:40:ad:7a:a5:92:e1:38:00:c8:e9:9a:06:48:38:e2:3c:33:
6f:ca:52:f5:af:d7:fc:d2:18:37:94:38:b8:cf:f4:87:9d:fd:
25:33:f6:0a:10:cb:5c:c8:8d:da:c0:20:ed:7f:65:dd:92:8a:
a1:00:1b:e5:f7:8d:22:ea:a5:4c:fd:b3:c2:2d:9b:24:d8:a6:
e1:80:dd:d1:31:71:5c:a6:f3:88:3a:66:d9:9e:62:63:f2:f2:
e6:9f:a0:84:c2:38:49:85:88:2e:b5:ea:ce:48:33:80:00:21:
3b:b1:fe:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lTKNBLSyYoL0E/NGID8vVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjI3YTk2ZmE2NGFkOTUyNDBmMGFlZTBiZDM3NDY0NmM2
YmJlZTIwHhcNMjYwMzI1MTQwMTEyWhcNMjYwMzI2MTQwMTEyWjAzMTEwLwYDVQQD
EygzZDlhZmNkMGQ5NDU0MmM4YjdhMTM1YTE1YjFlMjU1Y2RmYjc3NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIRCGKZMKNxOnhwEkbE+mDEzTl5s
8deualzK+ssDFfQGM4igpwC+5KQun1f2RhDAFoUKQ9PlsvddPDtTqEYzCoC+MzNY
qb+Fj8dfSIwwVCJBHUOHrCvIwJ6Bex5IezyfedHbkrwiA9Qhv91s6sRNaEjuW8cJ
Ubo5vugydj9y1XNoHWtYj83/E0fJndfK0FbE3Rz8RyU/MF6nXoxfMyupiPoO8BhA
JPi55TyOxnsmlWhRhC+TzLELnanhWrKziS/zzcq/vt7JVDsPySM8cj5E8t2jwidB
ZrLI/CuNccUZ2zXJWU1EAIFZkoJku9PufzbP5Yq0GC/fi8dNAQ5PL5Zx3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2a/NDZRULIt6E1oVseJVzft3YQMB8GA1UdIwQY
MBaAFDgiepb6ZK2VJA8K7gvTdGRsa77iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYt
ZDFjOWJhMDhmNTU5LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYtZDFjOWJhMDhmNTU5
LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGbFX7cOY
7oNdEC8MXbsgGFe9kDLhG0oWktjjUZ75Ls43NmTNh4w32qly2PAOKkj35hMnTge2
vyKeNwW2GS2MF62QkaXe8F6YSZSi2ztbWMUhtgeQ/EleqQMpWoOyPfuDhxeY3Oc8
h3zFt3DKxpzSZbxM/FMCpQlhNXiPYHCEzN7b6WL0GnN0eTly5tQw3dERCECteqWS
4TgAyOmaBkg44jwzb8pS9a/X/NIYN5Q4uM/0h539JTP2ChDLXMiN2sAg7X9l3ZKK
oQAb5feNIuqlTP2zwi2bJNim4YDd0TFxXKbziDpm2Z5iY/Ly5p+ghMI4SYWILrXq
zkgzgAAhO7H+Rw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:55:43 2026 by rpki-client