Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
File: ocG-CYGk51dsVi9vCeZcF8GA48o.mft (raw, json)
Hash identifier: +KtGx45zMZUvdcrab9Doig266/o+XUT4LqWFXg1tKHs=
Subject key identifier: 66:5A:A7:22:D3:DE:FE:DB:3C:52:0C:78:22:2C:00:27:19:40:B7:BB
Authority key identifier: A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA
Certificate issuer: /CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
Certificate serial: 019D3AC1CE9441C6D0ED740B1FD577A04DF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
Manifest number: 1893
Signing time: Sun 29 Mar 2026 18:01:12 +0000
Manifest this update: Sun 29 Mar 2026 18:01:12 +0000
Manifest next update: Mon 30 Mar 2026 18:01:12 +0000
Files and hashes: 1: ocG-CYGk51dsVi9vCeZcF8GA48o.crl (hash: i71CCeo/AmqantkNupBjrabTUbDdpqvYvyjr3mInjjk=)
2: wu-G3RyBE4hAU-OLiWD-QOCIX_4.roa (hash: rgoDex3C8KLhszdHAASmB1VMl9HshjIiBd1RRJ0afb4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c1:ce:94:41:c6:d0:ed:74:0b:1f:d5:77:a0:4d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
Validity
Not Before: Mar 29 18:01:12 2026 GMT
Not After : Mar 30 18:01:12 2026 GMT
Subject: CN=665aa722d3defedb3c520c78222c00271940b7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:06:06:a0:11:5b:aa:ac:8a:a4:b5:bd:cd:
c3:d5:7a:bc:08:14:9a:36:c7:e3:d8:f8:33:fb:55:
98:7d:30:36:79:25:9d:a3:2f:c7:f1:2e:6e:72:a2:
0a:6a:5c:8d:cb:6f:93:44:60:64:38:e0:39:46:d1:
1d:75:e5:5f:ea:c1:26:c6:54:86:a5:0a:be:1b:6b:
b6:c2:06:3e:3d:5f:6e:43:35:0b:7f:73:bf:c9:17:
a0:5b:37:0f:4e:b5:38:d4:f2:9d:36:26:69:67:fe:
4a:4e:6d:c8:60:16:fc:32:9c:f4:5a:94:70:84:84:
00:b6:da:fb:ed:07:1b:a0:8f:d5:99:4f:83:05:b2:
bf:6d:bc:e6:cc:23:bd:a6:87:f7:0b:78:8a:8f:72:
45:60:af:d4:51:e7:6b:36:21:42:8b:98:db:ba:d3:
66:b5:fd:d9:3a:c3:d5:d8:9a:ae:99:b6:1c:83:a6:
22:51:91:59:52:0f:db:56:ef:08:a4:6e:73:a9:37:
a8:85:3d:d8:6b:08:88:c4:f6:4d:dc:a7:6e:44:96:
65:9a:c8:50:81:6e:d2:5a:f5:c1:c2:f3:3a:15:31:
84:49:e4:f3:dc:86:29:49:04:ef:cb:49:53:d8:f8:
16:92:f8:9a:2b:d4:20:c5:0c:fa:5f:fb:24:d5:16:
a3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5A:A7:22:D3:DE:FE:DB:3C:52:0C:78:22:2C:00:27:19:40:B7:BB
X509v3 Authority Key Identifier:
keyid:A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:3c:30:23:16:59:8a:08:43:69:23:4e:57:e0:eb:3a:61:d2:
80:10:2b:af:7f:6f:b9:86:eb:ec:77:44:8b:37:32:70:02:c5:
9d:f1:4b:33:8b:20:4e:fe:3d:ad:6d:48:bb:c6:da:16:e6:46:
e3:4d:fb:82:d5:9c:ef:bc:97:bb:72:e8:7a:8f:b0:a5:59:9c:
c8:3a:00:a5:21:1c:94:34:16:52:66:b2:29:ae:c2:39:c9:69:
30:a6:38:5f:10:45:95:91:ca:8a:5b:29:6f:11:64:55:88:d3:
04:52:1c:73:8d:16:a2:71:f4:0e:d0:c6:a2:4a:0e:5f:56:13:
cb:12:e7:2c:e5:25:d8:16:7e:c3:20:ae:1b:ed:24:49:8f:f9:
1e:a0:2d:51:bf:2b:81:dd:47:47:08:5a:6d:c1:90:ef:16:47:
e7:51:75:38:df:1c:c5:99:dc:0b:fb:09:2c:6b:a2:cc:da:2f:
1c:f4:06:37:ff:64:4c:84:f8:95:ba:da:7f:6b:16:6a:8a:d1:
2d:f8:0c:2d:d0:4e:6e:00:bf:db:5b:82:4d:d6:75:6c:a7:9a:
e3:f8:9b:9a:2d:02:bb:25:db:5c:c1:5d:84:88:29:a0:c6:98:
81:86:a9:ac:70:36:f9:c6:ed:a1:1f:91:89:12:96:16:af:f1:
f6:67:62:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wc6UQcbQ7XQLH9V3oE3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYzFiZTA5ODFhNGU3NTc2YzU2MmY2ZjA5ZTY1YzE3YzE4
MGUzY2EwHhcNMjYwMzI5MTgwMTEyWhcNMjYwMzMwMTgwMTEyWjAzMTEwLwYDVQQD
Eyg2NjVhYTcyMmQzZGVmZWRiM2M1MjBjNzgyMjJjMDAyNzE5NDBiN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr0GBqARW6qsiqS1vc3D1Xq8CBSa
Nsfj2Pgz+1WYfTA2eSWdoy/H8S5ucqIKalyNy2+TRGBkOOA5RtEddeVf6sEmxlSG
pQq+G2u2wgY+PV9uQzULf3O/yRegWzcPTrU41PKdNiZpZ/5KTm3IYBb8Mpz0WpRw
hIQAttr77QcboI/VmU+DBbK/bbzmzCO9pof3C3iKj3JFYK/UUedrNiFCi5jbutNm
tf3ZOsPV2JqumbYcg6YiUZFZUg/bVu8IpG5zqTeohT3YawiIxPZN3KduRJZlmshQ
gW7SWvXBwvM6FTGESeTz3IYpSQTvy0lT2PgWkviaK9QgxQz6X/sk1RajUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZapyLT3v7bPFIMeCIsACcZQLe7MB8GA1UdIwQY
MBaAFKHBvgmBpOdXbFYvbwnmXBfBgOPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84MWU1YTUtYWMzOS00M2MxLTg3MmYt
OThkZmMyZWU2ZTBjLzEvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84MWU1YTUtYWMzOS00M2MxLTg3MmYtOThkZmMyZWU2ZTBj
LzEvb2NHLUNZR2s1MWRzVmk5dkNlWmNGOEdBNDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOTwwIxZZ
ighDaSNOV+DrOmHSgBArr39vuYbr7HdEizcycALFnfFLM4sgTv49rW1Iu8baFuZG
4037gtWc77yXu3Loeo+wpVmcyDoApSEclDQWUmayKa7COclpMKY4XxBFlZHKilsp
bxFkVYjTBFIcc40WonH0DtDGokoOX1YTyxLnLOUl2BZ+wyCuG+0kSY/5HqAtUb8r
gd1HRwhabcGQ7xZH51F1ON8cxZncC/sJLGuizNovHPQGN/9kTIT4lbraf2sWaorR
LfgMLdBObgC/21uCTdZ1bKea4/ibmi0CuyXbXMFdhIgpoMaYgYaprHA2+cbtoR+R
iRKWFq/x9mdiFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:24:51 2026 by rpki-client