Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json)
Hash identifier: a07hbokMUz2t62KjxiHgy3GAoi2FYdOo5l6jTh3Zlfo=
Subject key identifier: B1:37:25:F3:41:5B:CB:DC:7C:E2:3F:1E:70:DD:16:2D:D8:87:4C:0C
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 019E916FE84228FD03ECE689F6907FF323E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
Manifest number: 0CA1
Signing time: Thu 04 Jun 2026 07:01:30 +0000
Manifest this update: Thu 04 Jun 2026 07:01:30 +0000
Manifest next update: Fri 05 Jun 2026 07:01:30 +0000
Files and hashes: 1: 16Wly6tf9ZCRlJ1eLRRr8Q4xzIw.roa (hash: Kp7oiL6STzpmE+EAdvQJo2k6GaSB6dYQxfvWJmxfMsM=)
2: JTe6rZdralZYMfrallY8D9l18pI.roa (hash: nAhU2MmHuPgFOMieOuqyCTSQGexpWdZSuDuOtmxyLp0=)
3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: TS63VeyKpFL0VYGk3bNtUUQ01vxpJT8oAqSx1/uqfsg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:6f:e8:42:28:fd:03:ec:e6:89:f6:90:7f:f3:23:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jun 4 07:01:30 2026 GMT
Not After : Jun 5 07:01:30 2026 GMT
Subject: CN=b13725f3415bcbdc7ce23f1e70dd162dd8874c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:8a:81:bc:b5:b2:47:e3:6a:6b:1d:7a:34:
0d:2d:13:8d:49:4c:c3:34:83:b4:e2:b3:52:a1:85:
af:52:a9:ee:0f:7c:85:d6:45:0f:d0:eb:2c:64:0e:
69:39:11:66:9a:cf:39:19:16:b4:74:88:f1:bd:cc:
53:54:29:bf:a9:b7:ef:ce:3a:f1:42:b6:ae:e9:3e:
db:6f:b4:4e:1c:3e:29:ae:ad:26:29:b4:30:1d:ee:
29:53:cc:91:28:aa:8a:f0:39:29:dc:a0:88:d2:b0:
d0:12:09:b0:e4:e2:62:ae:e3:85:0e:49:24:c6:0e:
00:7f:4e:b6:25:d1:e7:02:15:96:b5:43:dd:f5:bf:
6e:5e:2f:0d:69:ac:4b:d8:56:b6:ed:fa:bf:65:3d:
95:5b:a0:54:42:b3:82:24:a8:a9:54:52:cb:1b:23:
dc:1d:3c:10:72:e8:74:2d:65:02:43:31:37:28:12:
0b:ed:50:9e:72:2e:1c:8f:e0:ed:87:72:51:ba:d6:
8b:83:cd:22:96:8d:f3:13:65:29:f4:80:7d:79:d7:
be:43:d9:1e:55:51:f0:78:f9:c3:4a:35:af:7a:64:
50:f3:ef:9b:ba:33:f3:e9:55:2c:01:b6:8c:00:b5:
00:2f:23:88:3c:10:fe:21:06:b2:53:b5:5e:2b:d7:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:37:25:F3:41:5B:CB:DC:7C:E2:3F:1E:70:DD:16:2D:D8:87:4C:0C
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:51:9a:23:b3:9c:0a:6c:f3:34:14:9a:2b:d1:53:05:b4:7c:
19:bb:90:37:34:a3:74:f1:67:03:a6:b3:9d:82:0a:6e:fb:7a:
d9:5c:79:f8:42:70:5f:3e:9e:9d:6b:db:d4:a5:84:5c:3f:ff:
dc:e1:3f:6b:82:26:7c:3d:66:59:54:a1:94:48:79:a7:b1:8b:
82:40:f5:1a:bd:8a:cf:f8:a9:ba:f1:69:5b:29:8e:59:5a:f9:
5a:ba:5e:c7:6e:6f:57:60:86:93:60:cb:3a:b8:4a:3a:30:cb:
36:81:9c:e7:46:d9:62:ff:7a:8c:01:93:d8:8c:b4:be:d5:77:
91:c2:96:ad:ce:d7:bb:fb:2e:1b:9a:9a:f4:9d:48:0d:a0:69:
f8:fb:a6:1e:73:70:f5:5a:ed:99:53:9f:c6:a9:32:21:c7:17:
20:77:37:e4:22:52:67:6f:c6:b4:c0:05:a1:e0:fd:29:fb:be:
7b:f7:1c:2f:9c:a9:fd:a5:74:bc:b0:a8:21:48:39:59:13:ae:
79:4a:49:a7:59:76:32:e5:29:b8:83:45:fa:3d:22:21:80:e4:
e0:19:d0:3c:56:d5:b8:fd:ea:81:ea:bc:d9:38:26:10:07:71:
69:8b:08:a9:cc:af:ad:d9:91:16:d4:2f:cb:77:6b:f7:ac:6d:
bc:06:26:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6Rb+hCKP0D7OaJ9pB/8yPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjYwNjA0MDcwMTMwWhcNMjYwNjA1MDcwMTMwWjAzMTEwLwYDVQQD
EyhiMTM3MjVmMzQxNWJjYmRjN2NlMjNmMWU3MGRkMTYyZGQ4ODc0YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspeKgby1skfjamsdejQNLRONSUzD
NIO04rNSoYWvUqnuD3yF1kUP0OssZA5pORFmms85GRa0dIjxvcxTVCm/qbfvzjrx
Qrau6T7bb7ROHD4prq0mKbQwHe4pU8yRKKqK8Dkp3KCI0rDQEgmw5OJiruOFDkkk
xg4Af062JdHnAhWWtUPd9b9uXi8NaaxL2Fa27fq/ZT2VW6BUQrOCJKipVFLLGyPc
HTwQcuh0LWUCQzE3KBIL7VCeci4cj+Dth3JRutaLg80ilo3zE2Up9IB9ede+Q9ke
VVHwePnDSjWvemRQ8++bujPz6VUsAbaMALUALyOIPBD+IQayU7VeK9eCUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLE3JfNBW8vcfOI/HnDdFi3Yh0wMMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1GaI7Oc
CmzzNBSaK9FTBbR8GbuQNzSjdPFnA6aznYIKbvt62Vx5+EJwXz6enWvb1KWEXD//
3OE/a4ImfD1mWVShlEh5p7GLgkD1Gr2Kz/ipuvFpWymOWVr5Wrpex25vV2CGk2DL
OrhKOjDLNoGc50bZYv96jAGT2Iy0vtV3kcKWrc7Xu/suG5qa9J1IDaBp+PumHnNw
9VrtmVOfxqkyIccXIHc35CJSZ2/GtMAFoeD9Kfu+e/ccL5yp/aV0vLCoIUg5WROu
eUpJp1l2MuUpuINF+j0iIYDk4BnQPFbVuP3qgeq82TgmEAdxaYsIqcyvrdmRFtQv
y3dr96xtvAYm+A==
-----END CERTIFICATE-----
Generated at Thu Jun 4 12:13:51 2026 by rpki-client