Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: K2YEk3yjkNY7pt9FP8YJjlfq6bymie3TuGRzMoCsogg=
Subject key identifier: 39:83:F5:53:C6:ED:80:37:F3:22:FD:00:45:63:63:93:7B:B5:54:7B
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019DA7C2DFC54FC263B58FE45A974A83BBC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 0C28
Signing time: Sun 19 Apr 2026 22:00:59 +0000
Manifest this update: Sun 19 Apr 2026 22:00:59 +0000
Manifest next update: Mon 20 Apr 2026 22:00:59 +0000
Files and hashes: 1: 16Wly6tf9ZCRlJ1eLRRr8Q4xzIw.roa (hash: Kp7oiL6STzpmE+EAdvQJo2k6GaSB6dYQxfvWJmxfMsM=)
2: JTe6rZdralZYMfrallY8D9l18pI.roa (hash: nAhU2MmHuPgFOMieOuqyCTSQGexpWdZSuDuOtmxyLp0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: p45+W3M8/UXm7aqMSlYs4WseZoyTE7PHWrhyqN9NxHo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a7:c2:df:c5:4f:c2:63:b5:8f:e4:5a:97:4a:83:bb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Apr 19 22:00:59 2026 GMT
Not After : Apr 20 22:00:59 2026 GMT
Subject: CN=3983f553c6ed8037f322fd00456363937bb5547b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e1:42:a4:06:85:34:08:d8:23:d7:ee:79:35:
0a:6d:c1:66:51:6a:cb:d7:84:63:0c:5d:00:11:ed:
3d:8c:f5:2b:78:20:c9:96:b8:c7:fa:ea:73:17:5d:
84:57:6f:d5:b1:6b:87:a7:5f:6b:c9:9e:32:27:34:
73:b1:5f:7c:b6:df:a3:e7:15:6a:07:a9:5d:04:56:
12:04:1a:df:e5:b3:b4:9b:11:17:95:ba:f7:7c:1c:
f6:fd:a1:d7:3e:61:ba:0e:d6:84:f0:5e:f5:bb:fe:
81:4a:66:8d:3b:b6:02:0e:94:d7:e3:b4:59:59:d0:
b2:20:7d:20:79:72:d9:d3:06:35:a1:ba:db:8f:e4:
bf:d8:60:4a:bf:3a:d4:12:7c:1b:4b:f3:76:52:d1:
a2:d6:d3:82:e5:39:a7:04:2c:98:a5:dc:a5:db:b1:
d6:ca:c8:78:b5:a9:25:3e:44:89:57:3f:7d:b9:8e:
5d:54:e1:86:c0:46:cb:5a:d2:dc:00:03:5b:b5:c2:
e3:e0:07:18:85:15:d6:30:04:90:1e:7b:12:bf:63:
cf:c3:de:f0:07:d0:2c:c6:a5:ed:ab:c9:2c:75:61:
25:9b:7f:c9:14:cb:96:19:61:91:4d:bc:fd:40:dd:
14:c3:6f:cb:1e:b8:d2:81:c6:c4:22:5f:00:74:42:
d1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:83:F5:53:C6:ED:80:37:F3:22:FD:00:45:63:63:93:7B:B5:54:7B
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:eb:1a:41:1a:b6:8c:4f:7e:28:12:b4:ee:d1:84:3b:85:83:
c6:78:6f:11:3a:20:1e:03:98:83:fc:b0:bc:b1:c7:41:d2:22:
59:e8:37:12:30:d4:a9:92:20:71:19:8c:71:0c:77:c7:8d:70:
0a:78:67:16:50:db:0d:e3:06:88:0b:cd:7d:e9:94:ca:cd:a5:
50:db:c8:80:4d:63:a3:8a:0e:e9:74:61:d9:d4:5c:a2:ce:f2:
a4:c9:d9:c4:6f:30:45:ee:83:96:57:3d:0b:26:83:d4:c5:85:
19:9d:25:4f:ac:e0:43:e1:1b:f8:f3:df:d4:91:a1:08:f8:ed:
b6:7f:70:41:04:af:02:26:2b:4c:fe:59:ba:7c:93:25:9c:7f:
90:c0:56:6a:b6:1f:2c:a5:24:e5:0f:be:95:50:23:90:e7:a5:
fa:61:cb:67:50:7b:cd:bd:bd:bb:9e:1e:ce:25:5f:18:d8:91:
b6:d0:9a:a9:e3:89:c8:01:5d:06:95:b6:90:b2:36:9a:c3:f1:
fd:24:cb:0e:a3:f6:bb:68:3d:0f:12:2f:46:d6:51:ce:fc:e5:
b9:5f:87:a5:10:f3:1d:c4:1f:43:61:f6:5f:19:1d:fd:5e:64:
7d:53:d0:53:c1:24:b5:59:f7:b2:97:16:af:8d:bf:85:58:9e:
93:aa:8f:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2nwt/FT8JjtY/kWpdKg7vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjYwNDE5MjIwMDU5WhcNMjYwNDIwMjIwMDU5WjAzMTEwLwYDVQQD
EygzOTgzZjU1M2M2ZWQ4MDM3ZjMyMmZkMDA0NTYzNjM5MzdiYjU1NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+FCpAaFNAjYI9fueTUKbcFmUWrL
14RjDF0AEe09jPUreCDJlrjH+upzF12EV2/VsWuHp19ryZ4yJzRzsV98tt+j5xVq
B6ldBFYSBBrf5bO0mxEXlbr3fBz2/aHXPmG6DtaE8F71u/6BSmaNO7YCDpTX47RZ
WdCyIH0geXLZ0wY1obrbj+S/2GBKvzrUEnwbS/N2UtGi1tOC5TmnBCyYpdyl27HW
ysh4taklPkSJVz99uY5dVOGGwEbLWtLcAANbtcLj4AcYhRXWMASQHnsSv2PPw97w
B9AsxqXtq8ksdWElm3/JFMuWGWGRTbz9QN0Uw2/LHrjSgcbEIl8AdELR0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmD9VPG7YA38yL9AEVjY5N7tVR7MB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+saQRq2
jE9+KBK07tGEO4WDxnhvETogHgOYg/ywvLHHQdIiWeg3EjDUqZIgcRmMcQx3x41w
CnhnFlDbDeMGiAvNfemUys2lUNvIgE1jo4oO6XRh2dRcos7ypMnZxG8wRe6Dllc9
CyaD1MWFGZ0lT6zgQ+Eb+PPf1JGhCPjttn9wQQSvAiYrTP5ZunyTJZx/kMBWarYf
LKUk5Q++lVAjkOel+mHLZ1B7zb29u54eziVfGNiRttCaqeOJyAFdBpW2kLI2msPx
/STLDqP2u2g9DxIvRtZRzvzluV+HpRDzHcQfQ2H2Xxkd/V5kfVPQU8EktVn3spcW
r42/hViek6qPYQ==
-----END CERTIFICATE-----
Generated at Mon Apr 20 08:32:28 2026 by rpki-client