Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.mft
File: ocEwBy0s6c9WK4MZjtqtr6SPbbQ.mft (raw, json)
Hash identifier: kvvD7TDBzZN1QAfHMfA7UJB4nPtcnrDjYt+lW/8nkAU=
Subject key identifier: BC:89:FC:09:F1:39:2F:C8:8E:77:CC:85:6F:78:80:DB:B0:9B:EF:36
Authority key identifier: A1:C1:30:07:2D:2C:E9:CF:56:2B:83:19:8E:DA:AD:AF:A4:8F:6D:B4
Certificate issuer: /CN=a1c130072d2ce9cf562b83198edaadafa48f6db4
Certificate serial: 019D27E05FE07C689359B86D3CD0E2637B66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.mft
Manifest number: 1158
Signing time: Thu 26 Mar 2026 02:01:49 +0000
Manifest this update: Thu 26 Mar 2026 02:01:49 +0000
Manifest next update: Fri 27 Mar 2026 02:01:49 +0000
Files and hashes: 1: c7MPDF7AuIz_xunWDuFI6Zip6nY.roa (hash: 7iUKf2Xowp5SQqf2eZSh0VXwG8m3+M8eOQtKtEsx4Q4=)
2: ocEwBy0s6c9WK4MZjtqtr6SPbbQ.crl (hash: 8yg6aBJJUXUoQrroHpugAJJ8ioghnIUTuNw/fpQgIlQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:5f:e0:7c:68:93:59:b8:6d:3c:d0:e2:63:7b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1c130072d2ce9cf562b83198edaadafa48f6db4
Validity
Not Before: Mar 26 02:01:49 2026 GMT
Not After : Mar 27 02:01:49 2026 GMT
Subject: CN=bc89fc09f1392fc88e77cc856f7880dbb09bef36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:c0:ca:53:a9:34:ea:ec:bf:8d:15:4b:ea:
68:a0:ed:b6:52:6e:75:37:16:ae:bb:79:c9:4d:53:
3e:c0:10:5f:a2:71:aa:d0:8f:53:39:ea:39:02:c8:
44:11:19:52:af:52:f9:fd:bc:1a:ee:69:ff:10:2c:
94:28:7e:1d:a2:19:2d:8d:f4:1d:56:38:4c:e6:17:
1c:86:fe:cd:57:14:c9:42:3a:e8:9b:c9:92:80:34:
86:8a:2c:6a:5c:c0:a1:40:f1:41:a3:19:29:a9:0f:
62:e9:17:e7:42:e7:ab:12:1f:36:1a:94:97:de:c1:
cf:e3:9c:65:f6:d4:66:5b:83:c5:c8:a5:ab:c3:99:
44:b2:d3:1f:9c:e4:22:7e:5c:a0:a9:8d:19:ae:5c:
8a:f5:b5:84:47:be:17:03:17:d8:70:d1:40:b6:6d:
87:1d:2f:8c:3b:56:f0:50:cc:78:76:ad:f1:e8:c3:
26:9a:80:8f:c7:b4:07:00:6d:d4:27:d6:ab:e0:75:
15:d3:74:31:38:ca:64:4e:6e:fb:98:a0:41:de:2b:
61:18:4e:96:d3:ad:54:fb:ed:03:5c:6b:fb:a5:61:
2f:57:73:c1:76:47:d2:52:7f:5f:5d:68:d2:59:80:
d5:05:2b:bd:8a:57:c9:03:61:5a:65:c0:1e:3e:18:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:89:FC:09:F1:39:2F:C8:8E:77:CC:85:6F:78:80:DB:B0:9B:EF:36
X509v3 Authority Key Identifier:
keyid:A1:C1:30:07:2D:2C:E9:CF:56:2B:83:19:8E:DA:AD:AF:A4:8F:6D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:26:ef:e8:3c:b0:14:83:26:5f:41:44:01:c4:94:3d:9b:17:
49:45:d0:cd:86:92:0e:97:5e:4d:69:46:cd:01:3a:c0:1b:fa:
b4:f4:de:cf:03:b6:dc:9b:89:28:e0:c3:da:a7:e8:0c:07:bb:
3b:04:1c:83:4a:df:fd:dd:77:ad:50:38:d4:a2:bc:80:9a:c1:
1a:86:15:42:1c:75:99:f4:55:7c:44:fa:3d:91:03:91:c4:8d:
d8:74:0d:75:02:cc:09:d2:fb:be:c4:db:2e:8c:92:14:42:01:
ea:e5:b4:9e:3c:f2:6d:ba:80:9f:e8:94:4a:58:d1:3b:88:70:
af:70:fd:5e:6c:fe:6e:18:0f:3d:3d:06:0e:15:48:f4:8f:38:
a8:13:24:a6:4e:6a:9c:c9:76:b1:05:9e:fa:38:9b:09:17:eb:
53:42:5d:81:84:96:3c:58:53:6d:3a:3e:02:ea:f2:d2:26:3e:
09:a3:30:12:cb:2f:bd:47:64:3a:98:98:70:c3:a8:89:43:98:
af:9d:a3:c3:29:a9:02:7f:af:41:e2:7b:2d:a9:15:dc:59:c8:
e2:30:9a:c7:ee:9b:04:02:68:c3:c1:a5:d0:97:a7:d2:97:8e:
d8:a4:c0:b5:66:3a:d5:6e:5d:a6:e0:79:62:2a:a4:49:4e:69:
b4:c4:22:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4F/gfGiTWbhtPNDiY3tmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYzEzMDA3MmQyY2U5Y2Y1NjJiODMxOThlZGFhZGFmYTQ4
ZjZkYjQwHhcNMjYwMzI2MDIwMTQ5WhcNMjYwMzI3MDIwMTQ5WjAzMTEwLwYDVQQD
EyhiYzg5ZmMwOWYxMzkyZmM4OGU3N2NjODU2Zjc4ODBkYmIwOWJlZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoXAylOpNOrsv40VS+pooO22Um51
Nxauu3nJTVM+wBBfonGq0I9TOeo5AshEERlSr1L5/bwa7mn/ECyUKH4dohktjfQd
VjhM5hcchv7NVxTJQjrom8mSgDSGiixqXMChQPFBoxkpqQ9i6RfnQuerEh82GpSX
3sHP45xl9tRmW4PFyKWrw5lEstMfnOQiflygqY0ZrlyK9bWER74XAxfYcNFAtm2H
HS+MO1bwUMx4dq3x6MMmmoCPx7QHAG3UJ9ar4HUV03QxOMpkTm77mKBB3ithGE6W
061U++0DXGv7pWEvV3PBdkfSUn9fXWjSWYDVBSu9ilfJA2FaZcAePhhdpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyJ/AnxOS/IjnfMhW94gNuwm+82MB8GA1UdIwQY
MBaAFKHBMActLOnPViuDGY7ara+kj220MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2NFd0J5MHM2YzlXSzRNWmp0cXRyNlNQYmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9mNWJiNTEtNzA4Zi00ZGQyLTg4MGYt
ODdkOTA1NjFhYTQ4LzEvb2NFd0J5MHM2YzlXSzRNWmp0cXRyNlNQYmJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9mNWJiNTEtNzA4Zi00ZGQyLTg4MGYtODdkOTA1NjFhYTQ4
LzEvb2NFd0J5MHM2YzlXSzRNWmp0cXRyNlNQYmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQybv6Dyw
FIMmX0FEAcSUPZsXSUXQzYaSDpdeTWlGzQE6wBv6tPTezwO23JuJKODD2qfoDAe7
OwQcg0rf/d13rVA41KK8gJrBGoYVQhx1mfRVfET6PZEDkcSN2HQNdQLMCdL7vsTb
LoySFEIB6uW0njzybbqAn+iUSljRO4hwr3D9Xmz+bhgPPT0GDhVI9I84qBMkpk5q
nMl2sQWe+jibCRfrU0JdgYSWPFhTbTo+Aury0iY+CaMwEssvvUdkOpiYcMOoiUOY
r52jwympAn+vQeJ7LakV3FnI4jCax+6bBAJow8Gl0Jen0peO2KTAtWY61W5dpuB5
YiqkSU5ptMQiVw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:57:06 2026 by rpki-client