Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
File: Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft (raw, json)
Hash identifier: g2WQWeqq3tru25x+9eDnyOVTT+oo2e18OkATR+0M8A4=
Subject key identifier: 21:F2:8E:F1:35:0B:F4:02:C5:74:D7:C0:6D:E0:A5:B6:D8:AA:3B:C3
Authority key identifier: 39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8
Certificate issuer: /CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
Certificate serial: 019D27042482C369E958E4B3479FCB6C0462
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
Manifest number: 1883
Signing time: Wed 25 Mar 2026 22:01:15 +0000
Manifest this update: Wed 25 Mar 2026 22:01:15 +0000
Manifest next update: Thu 26 Mar 2026 22:01:15 +0000
Files and hashes: 1: Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl (hash: tYtBJgVlgm0K0qFYDGtxOC8TG5RSJ+cRb5FKzpK5g68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:24:82:c3:69:e9:58:e4:b3:47:9f:cb:6c:04:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
Validity
Not Before: Mar 25 22:01:15 2026 GMT
Not After : Mar 26 22:01:15 2026 GMT
Subject: CN=21f28ef1350bf402c574d7c06de0a5b6d8aa3bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c1:10:bc:c1:9a:53:d0:c7:47:f0:bd:56:62:
a9:14:d5:e4:35:45:24:1e:3b:3d:41:1d:73:b8:aa:
19:7b:e7:81:50:42:c1:87:18:a5:b4:7c:ce:20:5f:
5c:07:4a:1f:0e:36:a4:84:e8:15:69:6c:cd:4f:d2:
7a:b5:fb:ce:0b:a7:30:b6:ec:7f:43:c9:3a:ec:a3:
e5:1f:53:60:f6:b1:15:cd:bc:15:62:7c:3c:f1:bc:
97:d5:be:91:82:f0:a0:30:1a:1d:b3:ea:e7:c9:21:
b1:6c:cb:6e:ce:a4:cb:db:04:c1:71:bb:53:aa:28:
a2:e3:67:ab:67:5b:8a:ea:3c:fb:1b:42:6a:3d:89:
3b:e0:15:b4:da:71:83:24:68:a8:a1:2b:91:e4:1d:
b8:12:d0:48:f0:a5:0c:ed:24:0e:a5:65:f0:56:d6:
5b:0e:1d:c8:e9:6f:f1:02:22:2d:b8:2e:aa:9e:e7:
76:18:d1:e9:d9:89:52:ba:27:be:98:6f:6c:92:1f:
cb:75:fd:c1:79:a7:c6:f7:f7:47:80:2d:c7:23:4c:
3d:5a:80:50:97:2f:b3:3b:2f:fb:b6:8c:93:68:f8:
6d:48:5c:ad:9d:0b:b3:5d:20:b5:5e:86:83:d1:45:
5d:99:94:33:c6:82:2b:38:19:42:60:d1:95:7a:b9:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F2:8E:F1:35:0B:F4:02:C5:74:D7:C0:6D:E0:A5:B6:D8:AA:3B:C3
X509v3 Authority Key Identifier:
keyid:39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:dd:05:05:01:c7:c0:fb:40:ec:78:07:5a:01:d2:e3:b3:c7:
d6:29:2a:04:63:14:91:3c:bd:86:e7:37:77:8d:20:4e:33:b8:
b0:32:08:c7:cd:07:a0:51:d1:b9:e0:85:37:19:a4:80:cc:6c:
98:1a:ef:57:a2:d2:df:06:ec:db:64:3a:9a:fe:1f:0f:e8:98:
49:85:52:c4:2d:fb:78:20:ba:91:f4:f9:77:c8:8f:8a:f6:2c:
6a:a9:26:d1:55:dc:96:08:38:60:cc:d2:8b:11:77:f8:78:89:
57:12:49:25:62:f7:ef:83:a0:99:0a:2a:a0:e3:d9:be:ed:b9:
f2:55:77:4f:b8:e7:0d:ba:13:38:44:03:31:dd:2f:85:96:08:
6d:21:23:a7:fa:dd:38:da:99:c6:23:6f:d2:bd:27:02:ae:16:
f9:45:9e:78:89:42:bc:bd:ca:46:d7:8f:15:b6:5b:f2:ec:1c:
54:ea:fb:12:70:0b:6b:d9:4f:8f:ed:2c:98:b5:04:38:c2:54:
d6:d5:6c:24:70:78:85:ae:90:c0:46:6c:cb:90:ba:13:59:60:
67:2f:99:0b:f6:dd:4f:1d:b8:98:b7:1e:31:fc:8d:65:3e:3a:
27:20:0c:26:1d:1b:d9:45:0e:24:c4:93:f8:f2:ce:2d:a9:67:
c9:14:d1:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBCSCw2npWOSzR5/LbARiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2QxZDViYjg4OTU4YzY5Y2JkZGU5MGE5ZTA1NmI0OGM0
ZmFiZjgwHhcNMjYwMzI1MjIwMTE1WhcNMjYwMzI2MjIwMTE1WjAzMTEwLwYDVQQD
EygyMWYyOGVmMTM1MGJmNDAyYzU3NGQ3YzA2ZGUwYTViNmQ4YWEzYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsEQvMGaU9DHR/C9VmKpFNXkNUUk
Hjs9QR1zuKoZe+eBUELBhxiltHzOIF9cB0ofDjakhOgVaWzNT9J6tfvOC6cwtux/
Q8k67KPlH1Ng9rEVzbwVYnw88byX1b6RgvCgMBods+rnySGxbMtuzqTL2wTBcbtT
qiii42erZ1uK6jz7G0JqPYk74BW02nGDJGiooSuR5B24EtBI8KUM7SQOpWXwVtZb
Dh3I6W/xAiItuC6qnud2GNHp2YlSuie+mG9skh/Ldf3BeafG9/dHgC3HI0w9WoBQ
ly+zOy/7toyTaPhtSFytnQuzXSC1XoaD0UVdmZQzxoIrOBlCYNGVerm4uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHyjvE1C/QCxXTXwG3gpbbYqjvDMB8GA1UdIwQY
MBaAFDnNHVu4iVjGnL3ekKngVrSMT6v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMt
NDZhODVhMjhlNzQ5LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMtNDZhODVhMjhlNzQ5
LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHd0FBQHH
wPtA7HgHWgHS47PH1ikqBGMUkTy9huc3d40gTjO4sDIIx80HoFHRueCFNxmkgMxs
mBrvV6LS3wbs22Q6mv4fD+iYSYVSxC37eCC6kfT5d8iPivYsaqkm0VXclgg4YMzS
ixF3+HiJVxJJJWL374OgmQoqoOPZvu258lV3T7jnDboTOEQDMd0vhZYIbSEjp/rd
ONqZxiNv0r0nAq4W+UWeeIlCvL3KRtePFbZb8uwcVOr7EnALa9lPj+0smLUEOMJU
1tVsJHB4ha6QwEZsy5C6E1lgZy+ZC/bdTx24mLceMfyNZT46JyAMJh0b2UUOJMST
+PLOLalnyRTRyg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:37:39 2026 by rpki-client