Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: nQoZhDZAxWJwieurHqUTzP5SRtivWlPRQosQivVT4iw=
Subject key identifier: F5:50:CA:E5:89:FA:F5:8D:D7:85:5C:13:05:A9:A9:A8:F7:F8:97:AC
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019D269606F30ABABD45774BDF22F7DA0D5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 15D8
Signing time: Wed 25 Mar 2026 20:00:59 +0000
Manifest this update: Wed 25 Mar 2026 20:00:59 +0000
Manifest next update: Thu 26 Mar 2026 20:00:59 +0000
Files and hashes: 1: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (hash: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: AE3H4B5enC02jz58tMgPFuI2cO9M8z0uOr4IqYcfXx4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:96:06:f3:0a:ba:bd:45:77:4b:df:22:f7:da:0d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Mar 25 20:00:59 2026 GMT
Not After : Mar 26 20:00:59 2026 GMT
Subject: CN=f550cae589faf58dd7855c1305a9a9a8f7f897ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:be:2d:a7:14:d3:32:a9:4e:64:4b:ee:a8:b9:
5b:64:fe:9c:7f:5f:58:2a:31:c5:fb:5b:b9:b8:49:
f5:b1:7d:33:11:e4:f8:ec:ed:73:82:f0:fe:1f:09:
5f:ec:47:5d:64:55:c8:bc:35:69:6f:80:97:0a:bc:
79:7c:61:25:04:b6:a3:34:97:76:2c:a2:69:07:7f:
a0:dc:02:f7:bb:a1:d2:10:1d:10:40:be:3a:e8:14:
6e:a0:9b:73:0c:ca:48:39:b3:da:c5:17:c8:a8:db:
f6:74:c4:09:f8:ca:a7:34:d5:f0:4d:7b:cc:33:0a:
22:ad:10:cd:ae:c5:e3:0e:a8:32:8b:5b:a8:36:27:
2e:87:88:e5:11:ec:1d:cb:aa:5d:92:e2:35:9e:11:
e7:62:ca:da:36:e4:1d:c7:ef:9c:0d:bf:a3:d1:42:
98:14:92:7a:48:77:fa:47:d0:e7:f7:91:58:98:d1:
9b:e4:90:68:40:0c:ca:9c:75:74:46:8f:e1:83:91:
76:04:7e:c2:dd:a8:c1:4e:c9:35:c5:56:4c:7a:f4:
c7:e6:68:59:fd:ec:66:52:c7:b5:84:18:b3:e5:de:
40:94:73:bf:55:1f:79:fc:43:fd:4d:95:84:0b:c0:
b3:fa:40:3d:91:79:fa:a3:23:85:62:ff:8d:ae:f7:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:50:CA:E5:89:FA:F5:8D:D7:85:5C:13:05:A9:A9:A8:F7:F8:97:AC
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:37:57:4b:72:f0:1f:f0:d2:b0:12:e9:ab:a1:b8:d6:3e:ae:
78:63:75:6b:74:bb:e6:27:80:01:29:e8:50:c7:cc:43:aa:40:
d7:3e:71:50:66:bc:bf:43:3d:8a:42:65:3d:45:b2:46:99:2f:
0a:56:82:bb:a0:91:7f:55:0b:66:4b:bd:06:66:89:db:3f:5c:
ec:4b:58:12:59:5a:83:94:c9:be:30:4f:47:e8:43:f8:c0:36:
f1:39:1f:7c:85:9d:ce:ad:b6:8d:f2:e4:5e:e6:85:51:29:44:
c5:d5:d1:99:72:20:cb:f1:ca:2d:9a:40:3c:26:0e:2c:bc:37:
b2:1e:7b:d7:01:04:e1:42:81:05:38:9d:4a:39:f3:1f:84:12:
a2:cf:6c:ce:e1:21:b7:28:5d:c8:9f:cc:2f:83:1e:b4:7a:0d:
7c:69:bd:b6:10:d4:b9:93:f8:e9:04:fe:d8:bc:f6:ba:8d:f6:
07:7c:a3:5f:58:e2:4d:f3:00:dc:b2:56:f1:f3:2d:8f:f1:c4:
73:4e:08:bf:6a:a1:12:3d:af:0e:85:b8:33:d7:d7:5b:a8:d6:
8e:1f:cd:0b:c0:d3:ec:df:0b:93:da:4c:c8:c1:9d:ac:ee:17:
6a:e6:80:1c:20:7a:27:7c:df:4e:3c:cf:03:17:7d:61:c2:0d:
81:59:24:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlgbzCrq9RXdL3yL32g1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjYwMzI1MjAwMDU5WhcNMjYwMzI2MjAwMDU5WjAzMTEwLwYDVQQD
EyhmNTUwY2FlNTg5ZmFmNThkZDc4NTVjMTMwNWE5YTlhOGY3Zjg5N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9b4tpxTTMqlOZEvuqLlbZP6cf19Y
KjHF+1u5uEn1sX0zEeT47O1zgvD+Hwlf7EddZFXIvDVpb4CXCrx5fGElBLajNJd2
LKJpB3+g3AL3u6HSEB0QQL466BRuoJtzDMpIObPaxRfIqNv2dMQJ+MqnNNXwTXvM
MwoirRDNrsXjDqgyi1uoNicuh4jlEewdy6pdkuI1nhHnYsraNuQdx++cDb+j0UKY
FJJ6SHf6R9Dn95FYmNGb5JBoQAzKnHV0Ro/hg5F2BH7C3ajBTsk1xVZMevTH5mhZ
/exmUse1hBiz5d5AlHO/VR95/EP9TZWEC8Cz+kA9kXn6oyOFYv+NrvfOwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVQyuWJ+vWN14VcEwWpqaj3+JesMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtzdXS3Lw
H/DSsBLpq6G41j6ueGN1a3S75ieAASnoUMfMQ6pA1z5xUGa8v0M9ikJlPUWyRpkv
ClaCu6CRf1ULZku9BmaJ2z9c7EtYEllag5TJvjBPR+hD+MA28TkffIWdzq22jfLk
XuaFUSlExdXRmXIgy/HKLZpAPCYOLLw3sh571wEE4UKBBTidSjnzH4QSos9szuEh
tyhdyJ/ML4MetHoNfGm9thDUuZP46QT+2Lz2uo32B3yjX1jiTfMA3LJW8fMtj/HE
c04Iv2qhEj2vDoW4M9fXW6jWjh/NC8DT7N8Lk9pMyMGdrO4XauaAHCB6J3zfTjzP
Axd9YcINgVkk0w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:30:11 2026 by rpki-client