Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.mft
File: OcusfjYtShke59dOz7obYN9Z5iM.mft (raw, json)
Hash identifier: ZOKhn+UDfuRLmhQTDLvQhkq5ryp5dc9RGpbarvgPam0=
Subject key identifier: D2:78:11:D4:92:B5:EF:3B:43:48:C1:34:F0:FF:B3:F7:C3:48:D2:FE
Authority key identifier: 39:CB:AC:7E:36:2D:4A:19:1E:E7:D7:4E:CF:BA:1B:60:DF:59:E6:23
Certificate issuer: /CN=39cbac7e362d4a191ee7d74ecfba1b60df59e623
Certificate serial: 019D32D0A428344B30404C90A19D853418A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcusfjYtShke59dOz7obYN9Z5iM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.mft
Manifest number: 42
Signing time: Sat 28 Mar 2026 05:00:27 +0000
Manifest this update: Sat 28 Mar 2026 05:00:27 +0000
Manifest next update: Sun 29 Mar 2026 05:00:27 +0000
Files and hashes: 1: 9jeQsBy8Ek6DJCckVcCct4bxdfk.roa (hash: N82CYTcY2mhkb6XQxmPcOuNAWExezJ21HpiQd43onXQ=)
2: OcusfjYtShke59dOz7obYN9Z5iM.crl (hash: bFh6SmEc5hfHz9wpJeREWmJLhu3SV5vP7lLmaYvxows=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.mft
rsync://rpki.ripe.net/repository/DEFAULT/OcusfjYtShke59dOz7obYN9Z5iM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:d0:a4:28:34:4b:30:40:4c:90:a1:9d:85:34:18:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39cbac7e362d4a191ee7d74ecfba1b60df59e623
Validity
Not Before: Mar 28 05:00:27 2026 GMT
Not After : Mar 29 05:00:27 2026 GMT
Subject: CN=d27811d492b5ef3b4348c134f0ffb3f7c348d2fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:c5:3d:50:89:5c:e8:09:8d:7a:a3:32:2b:
e7:4e:09:36:c9:e1:f5:0a:3f:b9:7c:f8:d3:a6:0e:
1c:81:87:b3:61:76:70:3a:bc:ed:4e:41:be:48:ec:
e8:d9:1b:25:67:a9:3e:89:dc:a0:cb:e5:37:94:2a:
16:72:b3:3e:91:d5:b1:c1:53:17:2d:a3:e8:70:4e:
9d:66:c0:e9:0c:77:4b:ef:c5:44:ea:66:b9:83:d2:
f4:e1:1b:97:de:07:68:72:a2:f6:75:c7:f2:3a:af:
8d:40:ea:7f:1c:b7:26:99:9c:c5:3e:f4:ee:73:a5:
ec:d8:3c:1e:2a:33:41:46:58:d3:5d:fe:87:4b:d3:
60:b0:b8:e9:ce:65:35:76:e8:f3:da:55:5c:62:46:
21:4d:8c:98:1c:20:d4:61:b1:04:9a:41:fa:c0:53:
ab:94:4f:65:d4:45:a8:92:70:30:07:52:b0:33:70:
53:3d:11:dd:09:a1:1b:b5:70:09:e6:db:87:a7:63:
23:ca:0e:6c:07:a6:d5:d2:4f:aa:d6:61:52:02:f2:
b5:a4:8e:3f:03:89:58:0e:1b:38:74:95:76:3b:d4:
7d:b1:b9:ca:2f:9f:4a:90:0e:1f:17:a2:c3:d5:b8:
38:43:58:58:b5:a2:f2:09:3d:a2:c7:18:ef:7f:53:
23:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:78:11:D4:92:B5:EF:3B:43:48:C1:34:F0:FF:B3:F7:C3:48:D2:FE
X509v3 Authority Key Identifier:
keyid:39:CB:AC:7E:36:2D:4A:19:1E:E7:D7:4E:CF:BA:1B:60:DF:59:E6:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcusfjYtShke59dOz7obYN9Z5iM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c4de6-794f-481a-840f-4714e097f885/1/OcusfjYtShke59dOz7obYN9Z5iM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:82:29:7b:a9:19:5a:97:60:16:e9:e2:50:47:f5:35:d2:ac:
94:bc:b4:45:f4:1f:aa:43:f6:6b:56:59:84:77:41:fa:5f:8f:
1d:5d:7b:c6:5d:2b:ae:3d:de:25:65:b7:f5:d7:57:30:57:96:
de:f5:dc:14:d8:76:e8:b7:80:ea:63:ab:b1:25:5d:68:5d:6b:
5e:ff:d1:c9:86:0f:f1:83:d2:66:af:a9:bd:dc:7f:e0:35:8f:
ad:32:22:40:c5:16:81:a7:8c:2f:72:1f:54:cf:10:36:7c:d7:
c5:2b:a3:c7:9b:ae:df:fd:f9:6d:0b:28:5f:1f:7e:2c:70:39:
53:e0:52:d8:64:eb:9a:b4:ad:87:2e:43:b9:6b:25:72:2e:2c:
42:65:fa:39:cb:2b:03:48:07:0a:16:e9:0c:b9:ea:bf:35:d0:
2f:94:0a:8b:80:00:ad:52:10:af:a8:48:38:c2:97:b0:95:c1:
55:89:b0:0e:b4:de:0a:a6:60:29:57:76:39:66:59:f3:84:dd:
8d:b9:79:5c:5c:01:15:c4:ab:00:49:20:34:c1:93:66:27:54:
cf:06:24:5f:15:86:02:65:93:c1:32:a8:4e:1f:e4:77:70:79:
2d:73:00:76:6b:63:8a:30:6e:28:ba:b7:57:56:90:bf:cc:64:
48:f8:d1:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0y0KQoNEswQEyQoZ2FNBijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2JhYzdlMzYyZDRhMTkxZWU3ZDc0ZWNmYmExYjYwZGY1
OWU2MjMwHhcNMjYwMzI4MDUwMDI3WhcNMjYwMzI5MDUwMDI3WjAzMTEwLwYDVQQD
EyhkMjc4MTFkNDkyYjVlZjNiNDM0OGMxMzRmMGZmYjNmN2MzNDhkMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptPFPVCJXOgJjXqjMivnTgk2yeH1
Cj+5fPjTpg4cgYezYXZwOrztTkG+SOzo2RslZ6k+idygy+U3lCoWcrM+kdWxwVMX
LaPocE6dZsDpDHdL78VE6ma5g9L04RuX3gdocqL2dcfyOq+NQOp/HLcmmZzFPvTu
c6Xs2DweKjNBRljTXf6HS9NgsLjpzmU1dujz2lVcYkYhTYyYHCDUYbEEmkH6wFOr
lE9l1EWoknAwB1KwM3BTPRHdCaEbtXAJ5tuHp2Mjyg5sB6bV0k+q1mFSAvK1pI4/
A4lYDhs4dJV2O9R9sbnKL59KkA4fF6LD1bg4Q1hYtaLyCT2ixxjvf1MjbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJ4EdSSte87Q0jBNPD/s/fDSNL+MB8GA1UdIwQY
MBaAFDnLrH42LUoZHufXTs+6G2DfWeYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2N1c2ZqWXRTaGtlNTlkT3o3b2JZTjlaNWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84YzRkZTYtNzk0Zi00ODFhLTg0MGYt
NDcxNGUwOTdmODg1LzEvT2N1c2ZqWXRTaGtlNTlkT3o3b2JZTjlaNWlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84YzRkZTYtNzk0Zi00ODFhLTg0MGYtNDcxNGUwOTdmODg1
LzEvT2N1c2ZqWXRTaGtlNTlkT3o3b2JZTjlaNWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYIpe6kZ
WpdgFuniUEf1NdKslLy0RfQfqkP2a1ZZhHdB+l+PHV17xl0rrj3eJWW39ddXMFeW
3vXcFNh26LeA6mOrsSVdaF1rXv/RyYYP8YPSZq+pvdx/4DWPrTIiQMUWgaeML3If
VM8QNnzXxSujx5uu3/35bQsoXx9+LHA5U+BS2GTrmrSthy5DuWslci4sQmX6Ocsr
A0gHChbpDLnqvzXQL5QKi4AArVIQr6hIOMKXsJXBVYmwDrTeCqZgKVd2OWZZ84Td
jbl5XFwBFcSrAEkgNMGTZidUzwYkXxWGAmWTwTKoTh/kd3B5LXMAdmtjijBuKLq3
V1aQv8xkSPjR7Q==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:19:07 2026 by rpki-client