Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier: 9mvtDqC/ShkOjB5OJG2o8OlhkyYp8ZtQWD28zU/26lo=
Subject key identifier: 7E:DF:86:23:98:83:5F:2E:65:DA:6D:44:0D:8B:5A:1A:BD:1E:90:6D
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial: 019D2884D276AF40A3A0AA1343DFB6373E49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number: 0AAA
Signing time: Thu 26 Mar 2026 05:01:26 +0000
Manifest this update: Thu 26 Mar 2026 05:01:26 +0000
Manifest next update: Fri 27 Mar 2026 05:01:26 +0000
Files and hashes: 1: SjIFpOv8CU5TAe5BOSptvm-t2X8.roa (hash: noG1uYmKn+lp5DHEKlchBRM5lgdWGa4N1VmV9ta3T+w=)
2: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: 7AWbMDCin5q6NlO0QNWKBoHbsyj0qb2LL98iogFa6EY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:d2:76:af:40:a3:a0:aa:13:43:df:b6:37:3e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Validity
Not Before: Mar 26 05:01:26 2026 GMT
Not After : Mar 27 05:01:26 2026 GMT
Subject: CN=7edf862398835f2e65da6d440d8b5a1abd1e906d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:db:78:7a:f8:64:00:aa:88:82:d0:68:51:
7f:4c:17:8b:eb:c5:c4:74:43:5e:e5:4f:bd:22:5e:
7b:ce:ee:1b:a6:d2:d7:4e:9c:28:ee:b7:b4:ae:4f:
e9:a1:dc:b1:a9:4e:2b:98:28:5c:3e:3c:13:f0:52:
c3:7a:e6:ab:ab:ed:39:91:0d:96:63:fb:57:dc:08:
91:53:15:5e:d3:c2:ae:46:dd:fe:65:a1:8c:a8:88:
a1:08:14:49:bb:be:42:f4:a0:ca:43:98:b9:ff:24:
58:1f:c6:32:44:8c:80:72:3e:e7:4a:11:8d:b8:bf:
3d:47:1d:13:b5:df:18:53:29:7c:5b:46:84:04:09:
e8:8b:de:c9:83:e5:5a:ee:30:12:fb:ce:d0:15:c1:
fb:52:66:14:64:40:9b:d3:83:b6:2a:0d:0a:13:7e:
76:90:6b:30:d7:74:bb:70:9d:ed:8b:83:1e:21:78:
7d:52:db:ff:d3:9f:26:58:1c:e0:b7:d8:1e:df:41:
b0:0c:53:da:07:78:ed:5f:2d:d9:b6:62:42:87:6e:
51:e7:91:09:38:4e:bd:21:78:70:9c:34:ec:dd:8e:
f2:6a:d0:34:38:df:8c:b5:2b:c9:41:76:01:8a:49:
9f:16:8d:ee:3c:6d:02:55:d5:3e:f9:8c:d4:2d:e5:
fb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DF:86:23:98:83:5F:2E:65:DA:6D:44:0D:8B:5A:1A:BD:1E:90:6D
X509v3 Authority Key Identifier:
keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:bf:73:0a:52:e5:26:b0:58:a5:90:e9:5e:f0:7a:f7:7a:67:
44:50:57:da:c8:a7:79:84:e5:39:8b:30:25:42:05:c5:bf:82:
a6:14:ba:0b:dd:a4:12:15:24:0b:5f:df:41:53:1e:91:c5:55:
81:55:c9:2a:6a:bf:f3:92:32:ad:41:8c:3b:96:f2:79:0b:fc:
3f:35:f3:42:d0:2b:58:93:8a:8b:39:db:a6:53:28:b2:7f:80:
76:a2:25:34:71:4d:58:0c:b7:b6:59:b8:2b:22:d0:76:32:2c:
c8:fa:c2:9c:f7:b5:0a:bb:53:3b:ee:35:29:16:cb:13:c2:93:
79:8c:13:5e:79:54:e6:6e:c2:5a:7f:42:a1:a4:6e:d3:2d:6c:
0b:58:c8:e5:02:ac:5f:00:60:30:8b:eb:41:df:45:1f:53:04:
78:82:ec:72:5c:23:3c:c2:9e:d1:60:ca:3e:0d:c0:16:4c:17:
77:d9:30:9d:d2:6f:60:1f:e6:5f:6b:00:8c:f5:e7:84:e5:06:
de:ca:54:b5:8c:7b:dd:0b:6b:22:5a:1d:4c:2c:89:02:e1:d4:
32:55:48:10:ab:ff:6a:99:92:97:0c:eb:0a:f5:ee:c0:5d:05:
55:cc:b6:af:54:19:ff:3a:77:c2:96:0f:65:2a:70:90:04:8f:
8c:2b:a2:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohNJ2r0CjoKoTQ9+2Nz5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjYwMzI2MDUwMTI2WhcNMjYwMzI3MDUwMTI2WjAzMTEwLwYDVQQD
Eyg3ZWRmODYyMzk4ODM1ZjJlNjVkYTZkNDQwZDhiNWExYWJkMWU5MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpPbeHr4ZACqiILQaFF/TBeL68XE
dENe5U+9Il57zu4bptLXTpwo7re0rk/podyxqU4rmChcPjwT8FLDeuarq+05kQ2W
Y/tX3AiRUxVe08KuRt3+ZaGMqIihCBRJu75C9KDKQ5i5/yRYH8YyRIyAcj7nShGN
uL89Rx0Ttd8YUyl8W0aEBAnoi97Jg+Va7jAS+87QFcH7UmYUZECb04O2Kg0KE352
kGsw13S7cJ3ti4MeIXh9Utv/058mWBzgt9ge30GwDFPaB3jtXy3ZtmJCh25R55EJ
OE69IXhwnDTs3Y7yatA0ON+MtSvJQXYBikmfFo3uPG0CVdU++YzULeX71wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7fhiOYg18uZdptRA2LWhq9HpBtMB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAb9zClLl
JrBYpZDpXvB693pnRFBX2sineYTlOYswJUIFxb+CphS6C92kEhUkC1/fQVMekcVV
gVXJKmq/85IyrUGMO5byeQv8PzXzQtArWJOKiznbplMosn+AdqIlNHFNWAy3tlm4
KyLQdjIsyPrCnPe1CrtTO+41KRbLE8KTeYwTXnlU5m7CWn9CoaRu0y1sC1jI5QKs
XwBgMIvrQd9FH1MEeILsclwjPMKe0WDKPg3AFkwXd9kwndJvYB/mX2sAjPXnhOUG
3spUtYx73QtrIlodTCyJAuHUMlVIEKv/apmSlwzrCvXuwF0FVcy2r1QZ/zp3wpYP
ZSpwkASPjCuiQw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:26:39 2026 by rpki-client