Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: 9LCkEq1I6lMLPWhPV3ZJ6sl/fEVOZuDO7JDDnXfiAKI=
Subject key identifier: 42:EE:08:23:13:EF:A4:70:46:5B:C6:A1:AC:A0:BD:4C:DE:81:CF:A3
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019CC0052372B3B4081C17CCF76C02E4C89D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 0BB0
Signing time: Thu 05 Mar 2026 22:01:28 +0000
Manifest this update: Thu 05 Mar 2026 22:01:28 +0000
Manifest next update: Fri 06 Mar 2026 22:01:28 +0000
Files and hashes: 1: 16Wly6tf9ZCRlJ1eLRRr8Q4xzIw.roa (hash: Kp7oiL6STzpmE+EAdvQJo2k6GaSB6dYQxfvWJmxfMsM=)
2: JTe6rZdralZYMfrallY8D9l18pI.roa (hash: nAhU2MmHuPgFOMieOuqyCTSQGexpWdZSuDuOtmxyLp0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: VwJmAE65ej8QOFBdeyyGXq94sxA6z5P2ALMO2XRlCXc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 22:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c0:05:23:72:b3:b4:08:1c:17:cc:f7:6c:02:e4:c8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Mar 5 22:01:28 2026 GMT
Not After : Mar 6 22:01:28 2026 GMT
Subject: CN=42ee082313efa470465bc6a1aca0bd4cde81cfa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dd:05:34:10:41:aa:0e:4a:94:20:55:d1:8f:
42:c0:87:94:84:f2:a6:21:66:64:99:3f:30:8c:bc:
c1:85:78:56:ba:12:e5:d7:e8:f0:5a:e9:2a:7f:87:
28:d7:9c:e3:38:f8:e8:6f:dc:24:6b:6f:2b:cd:df:
81:6a:78:79:16:75:ef:53:c4:15:2d:a9:c4:f0:36:
6a:12:ec:dc:28:9a:22:cd:81:4d:1c:1f:b9:cf:64:
2a:69:15:db:2f:52:40:86:60:ab:53:8b:8c:2a:e9:
0d:e1:b1:96:d0:79:b9:b7:91:90:97:f3:d9:98:b6:
c7:6b:8b:7d:cd:65:d3:8a:d2:df:11:5b:0e:13:bc:
5d:b8:21:61:71:cf:27:a5:e2:7e:b8:d0:36:60:53:
cb:12:2a:df:84:45:97:b1:28:69:cc:90:ad:b7:dd:
5e:9c:d8:85:25:57:94:fe:73:dd:77:71:b8:34:1a:
c7:f7:4a:07:fa:86:9c:c6:b3:61:46:14:1c:fd:d5:
28:a0:d9:9d:d1:9b:2b:fb:62:65:65:58:53:40:85:
6f:a1:52:32:52:b9:01:9b:38:a3:e2:e8:17:52:3b:
6e:3c:6d:ef:33:5c:eb:ab:17:ef:21:94:7c:a0:c1:
18:d0:66:d1:20:02:68:52:5b:5a:46:3d:f6:85:b7:
6e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:EE:08:23:13:EF:A4:70:46:5B:C6:A1:AC:A0:BD:4C:DE:81:CF:A3
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:da:c1:6a:9c:99:30:f2:73:77:50:bd:f5:f6:91:7f:b6:7e:
a5:2a:20:1a:4d:8f:63:7f:a3:bf:21:ed:fc:38:75:49:08:6c:
2a:5c:f8:9b:3b:27:2b:36:2c:0b:96:6a:65:6d:ee:73:04:76:
7a:d3:50:76:82:ca:8c:da:c2:1e:d0:77:26:62:15:82:31:b5:
f4:73:bc:e8:bb:58:a0:56:1b:a4:46:62:95:10:85:3f:7c:21:
fb:74:a4:98:76:3a:ae:1c:86:d8:d0:d0:47:a9:7a:32:8c:fc:
9a:d2:e8:69:f5:2d:65:17:2d:fc:ad:a0:23:e2:03:87:02:11:
da:2c:76:8c:e8:9f:d1:63:7f:56:24:f4:0c:d1:9e:8a:87:ba:
af:82:85:95:41:54:9a:cf:e0:f1:0c:cb:bb:c8:2a:a2:4c:6c:
c3:9e:6d:c6:ce:7b:34:67:c2:83:dc:93:0b:68:3c:7d:3c:9c:
89:7c:d6:4b:16:e8:3a:6e:03:11:47:e0:c5:04:be:eb:b2:ea:
c6:56:c1:8e:1b:fe:8b:3f:87:ef:11:f2:39:8b:83:c8:14:5b:
0c:b0:7c:14:d7:eb:c6:e4:dd:2d:46:56:73:af:8d:e2:82:d3:
79:c4:3a:42:2b:b3:b6:14:38:b9:bf:01:48:3e:02:81:08:19:
64:16:c3:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzABSNys7QIHBfM92wC5MidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjYwMzA1MjIwMTI4WhcNMjYwMzA2MjIwMTI4WjAzMTEwLwYDVQQD
Eyg0MmVlMDgyMzEzZWZhNDcwNDY1YmM2YTFhY2EwYmQ0Y2RlODFjZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw90FNBBBqg5KlCBV0Y9CwIeUhPKm
IWZkmT8wjLzBhXhWuhLl1+jwWukqf4co15zjOPjob9wka28rzd+Banh5FnXvU8QV
LanE8DZqEuzcKJoizYFNHB+5z2QqaRXbL1JAhmCrU4uMKukN4bGW0Hm5t5GQl/PZ
mLbHa4t9zWXTitLfEVsOE7xduCFhcc8npeJ+uNA2YFPLEirfhEWXsShpzJCtt91e
nNiFJVeU/nPdd3G4NBrH90oH+oacxrNhRhQc/dUooNmd0Zsr+2JlZVhTQIVvoVIy
UrkBmzij4ugXUjtuPG3vM1zrqxfvIZR8oMEY0GbRIAJoUltaRj32hbduowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELuCCMT76RwRlvGoaygvUzegc+jMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfdrBapyZ
MPJzd1C99faRf7Z+pSogGk2PY3+jvyHt/Dh1SQhsKlz4mzsnKzYsC5ZqZW3ucwR2
etNQdoLKjNrCHtB3JmIVgjG19HO86LtYoFYbpEZilRCFP3wh+3SkmHY6rhyG2NDQ
R6l6Moz8mtLoafUtZRct/K2gI+IDhwIR2ix2jOif0WN/ViT0DNGeioe6r4KFlUFU
ms/g8QzLu8gqokxsw55txs57NGfCg9yTC2g8fTyciXzWSxboOm4DEUfgxQS+67Lq
xlbBjhv+iz+H7xHyOYuDyBRbDLB8FNfrxuTdLUZWc6+N4oLTecQ6QiuzthQ4ub8B
SD4CgQgZZBbD+w==
-----END CERTIFICATE-----
Generated at Fri Mar 6 04:46:49 2026 by rpki-client