Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: kqS74hma91n9CNP6A5QtJJo3pkyGw6OlKRwZ/NMhRYU=
Subject key identifier: 99:EA:95:6F:82:82:54:B4:FE:A0:57:9F:68:77:87:56:B5:EE:A2:CC
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 019D2704476E0196999D67F720F1556AEA78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 0469
Signing time: Wed 25 Mar 2026 22:01:25 +0000
Manifest this update: Wed 25 Mar 2026 22:01:25 +0000
Manifest next update: Thu 26 Mar 2026 22:01:25 +0000
Files and hashes: 1: 1-CvN4vL-gOumnUiw8kqYnlyhsGg.roa (hash: j8Mlx4J1MdSRge54lSRG985DTWF3u6cnasrSWFkZ6ac=)
2: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: W6fKytu0Z+viBHDlUh4ZEzeL9T35EWdNJbBILw8qQVo=)
3: t25FS3p7VfnEPbzfHv-DyXEln4A.roa (hash: 71ZKU18culvAhzrOg6y8Lw3IENicOoZIJiAlIOqPr8E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:47:6e:01:96:99:9d:67:f7:20:f1:55:6a:ea:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Mar 25 22:01:25 2026 GMT
Not After : Mar 26 22:01:25 2026 GMT
Subject: CN=99ea956f828254b4fea0579f68778756b5eea2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:16:17:fb:b5:ac:32:7e:26:c7:6b:e2:dd:5d:
8d:0f:68:67:b0:d6:d8:06:09:11:93:47:52:24:1e:
05:75:07:1e:6c:e2:70:80:c7:01:aa:d6:c5:1f:b2:
a5:7a:30:f3:ec:5c:c1:a3:ec:a7:f1:1a:9f:0a:3b:
74:10:31:07:59:1e:f9:c9:b1:ce:46:26:d9:62:a9:
c7:37:47:40:04:b5:d8:09:87:58:7b:26:8d:10:c3:
09:61:59:27:af:b8:d3:17:e8:c7:85:53:7b:48:2c:
c7:46:91:05:03:1c:11:7b:79:97:8f:54:2e:72:f9:
fb:8c:0e:13:7e:97:bd:a7:88:8e:6d:48:85:d3:96:
60:65:12:a1:5c:d1:2b:43:42:e9:ed:53:f5:6b:0a:
40:d9:65:eb:2f:54:fc:29:c9:a7:19:fa:e4:1e:fa:
1e:e3:a9:74:67:43:3d:02:48:5c:ae:31:69:28:ea:
ee:ed:61:8f:ae:16:15:85:ba:1f:a3:ae:fe:0e:64:
8c:f0:7b:4b:2f:3a:25:3f:78:f8:69:f7:cd:67:c1:
50:b5:c6:b8:9c:34:c3:0e:51:12:e6:99:26:b3:e3:
47:f0:4f:2b:d5:48:cf:3b:92:43:f5:a9:b0:1a:da:
1e:8c:fd:69:5c:e2:4d:ec:ff:86:34:f9:a2:a7:a2:
06:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EA:95:6F:82:82:54:B4:FE:A0:57:9F:68:77:87:56:B5:EE:A2:CC
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:ef:a9:56:aa:a6:18:90:9a:36:0c:4e:d3:4b:83:d1:14:1f:
9c:b2:38:3c:5f:6c:96:2e:83:60:98:95:de:cc:26:54:80:d8:
f6:1f:1d:b7:26:2f:7a:84:ab:ce:1d:58:eb:01:f1:8e:09:6d:
aa:8d:e1:22:bd:c3:07:95:60:cf:76:df:8d:c5:2a:e2:4b:2d:
ff:ca:df:3c:ac:21:1a:40:eb:41:2c:a9:f6:35:24:c2:83:6b:
48:d5:b5:f8:3c:65:ec:3d:16:fe:d5:18:af:0f:3c:1e:e6:0a:
1e:da:5e:57:0c:b5:58:c5:2e:78:00:51:8a:fa:55:d2:cc:5e:
8d:89:a3:5e:6c:e8:66:59:f2:7a:7d:bf:64:20:5e:f8:f2:f0:
31:61:e1:b9:5c:cc:11:e9:d9:23:ef:98:08:90:62:2a:d7:01:
00:bb:a6:88:a8:5d:ac:e0:29:64:00:97:19:29:7f:a8:96:7d:
aa:80:1b:42:22:51:d1:e2:72:c3:02:e8:3e:f3:13:d3:79:a4:
af:33:a7:39:b3:e4:75:8a:1a:97:b3:b5:8a:51:31:95:1e:62:
29:13:61:d2:49:61:76:91:9b:73:8d:d5:85:3b:da:7c:55:3e:
ea:20:ae:bb:8c:09:ec:c9:88:c3:98:62:33:ac:74:53:8c:a7:
13:8d:6b:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBEduAZaZnWf3IPFVaup4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjYwMzI1MjIwMTI1WhcNMjYwMzI2MjIwMTI1WjAzMTEwLwYDVQQD
Eyg5OWVhOTU2ZjgyODI1NGI0ZmVhMDU3OWY2ODc3ODc1NmI1ZWVhMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhYX+7WsMn4mx2vi3V2ND2hnsNbY
BgkRk0dSJB4FdQcebOJwgMcBqtbFH7KlejDz7FzBo+yn8RqfCjt0EDEHWR75ybHO
RibZYqnHN0dABLXYCYdYeyaNEMMJYVknr7jTF+jHhVN7SCzHRpEFAxwRe3mXj1Qu
cvn7jA4Tfpe9p4iObUiF05ZgZRKhXNErQ0Lp7VP1awpA2WXrL1T8KcmnGfrkHvoe
46l0Z0M9AkhcrjFpKOru7WGPrhYVhbofo67+DmSM8HtLLzolP3j4affNZ8FQtca4
nDTDDlES5pkms+NH8E8r1UjPO5JD9amwGtoejP1pXOJN7P+GNPmip6IGAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnqlW+CglS0/qBXn2h3h1a17qLMMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAku+pVqqm
GJCaNgxO00uD0RQfnLI4PF9sli6DYJiV3swmVIDY9h8dtyYveoSrzh1Y6wHxjglt
qo3hIr3DB5Vgz3bfjcUq4kst/8rfPKwhGkDrQSyp9jUkwoNrSNW1+Dxl7D0W/tUY
rw88HuYKHtpeVwy1WMUueABRivpV0sxejYmjXmzoZlnyen2/ZCBe+PLwMWHhuVzM
EenZI++YCJBiKtcBALumiKhdrOApZACXGSl/qJZ9qoAbQiJR0eJywwLoPvMT03mk
rzOnObPkdYoal7O1ilExlR5iKRNh0klhdpGbc43VhTvafFU+6iCuu4wJ7MmIw5hi
M6x0U4ynE41r7g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:10:56 2026 by rpki-client