Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
File: OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft (raw, json)
Hash identifier: uC0KTKh26XqBVmlZy1NM8ij+X1rTwBPxxxNkM6iCqV4=
Subject key identifier: 06:21:83:56:70:43:2E:4A:7B:B7:E0:37:C2:AD:5C:96:1E:13:EB:B5
Authority key identifier: 38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
Certificate issuer: /CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Certificate serial: 019D389C0B09F6B22F390794D7850238856F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 08:00:43 +0000
Manifest this update: Sun 29 Mar 2026 08:00:43 +0000
Manifest next update: Mon 30 Mar 2026 08:00:43 +0000
Files and hashes: 1: CA-MzpWp9Dx3CrADIEvJQZw4E7E.roa (hash: cFLJlMvt+zbdg7Xdn6mpst0pNhdveJ/oPmHZEhv3T5Y=)
2: OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl (hash: 0RkGgu96nf9X16wukLOdQb9ODl80kRgj+yzmsmbOUq4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:0b:09:f6:b2:2f:39:07:94:d7:85:02:38:85:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Validity
Not Before: Mar 29 08:00:43 2026 GMT
Not After : Mar 30 08:00:43 2026 GMT
Subject: CN=0621835670432e4a7bb7e037c2ad5c961e13ebb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:2f:3d:51:33:d5:94:c6:45:8e:0a:ab:35:
ee:43:6c:b5:5e:f5:d8:72:a4:14:72:62:d9:0e:bf:
e2:a0:a0:16:4e:f8:9b:ca:1a:8d:3f:c5:f1:dc:c6:
e1:a4:e2:77:b7:a2:46:21:da:bc:a4:13:a9:7b:28:
1b:91:fa:1d:a7:5a:0a:1f:09:1a:b4:a8:fd:c4:52:
7f:d5:82:83:45:5c:c6:1a:ef:77:a9:15:72:75:43:
a0:5e:dd:d0:38:4a:e7:8b:75:55:41:96:ae:b8:e2:
17:89:6e:c3:38:89:a9:f9:81:52:d5:61:f2:42:c9:
30:cd:6b:f9:94:45:2d:a2:30:ea:0c:76:54:b7:96:
29:e4:2c:73:ed:ff:bd:6c:0c:38:39:66:2a:b7:38:
28:96:f4:5f:0f:76:11:e9:e3:b8:8f:88:53:0d:52:
b3:07:50:e0:32:8b:e9:d4:b2:42:12:63:27:cc:ef:
e5:a1:9f:b5:22:45:39:00:00:1d:db:10:23:20:b2:
fa:4b:60:df:60:60:e8:fc:92:07:dd:61:4f:7d:f9:
16:fb:6b:83:ed:09:93:eb:36:67:9b:63:f4:2b:92:
f7:67:d3:5f:f6:3b:23:32:b3:db:0f:6e:8b:cd:f3:
fc:3b:a3:76:c2:f0:35:6d:f8:07:9b:6e:2d:62:d8:
0b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:21:83:56:70:43:2E:4A:7B:B7:E0:37:C2:AD:5C:96:1E:13:EB:B5
X509v3 Authority Key Identifier:
keyid:38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:8a:31:ac:cd:82:ae:74:8c:50:d4:2e:0e:13:99:48:69:51:
07:83:13:92:f4:c9:3a:79:4d:c5:b5:a1:39:dd:88:2d:24:da:
33:3a:e7:8f:ce:32:65:ef:28:20:ce:37:63:b6:81:c1:3e:f8:
2a:ea:61:8b:82:cd:e2:73:01:21:2e:90:6e:c4:c6:83:63:ee:
9b:50:17:ba:1d:b1:73:31:46:46:dd:20:d4:ab:7d:53:e7:2c:
0f:05:16:2a:20:68:e2:45:2d:e3:48:c2:87:74:21:09:70:55:
89:4d:b3:eb:8e:2c:52:ef:ee:f3:bd:87:08:15:11:a6:35:f1:
1f:45:5c:0c:14:de:9c:fc:7e:9d:43:3d:ef:9d:15:b8:39:2d:
25:1a:1a:23:c5:8c:65:10:66:92:9d:8f:20:fd:a2:3f:b5:33:
b8:0c:ff:7c:af:70:fc:20:86:95:55:07:b9:54:99:cc:5b:76:
e0:77:06:fe:78:36:1b:b1:34:34:f3:6d:bd:cc:95:30:88:e4:
eb:41:1c:fa:f2:61:67:1d:56:c3:fd:c2:3b:e5:57:25:a3:b1:
67:b3:be:79:be:8c:b3:bc:f6:51:02:c7:43:83:9b:7a:cb:a0:
1b:96:1f:c8:31:2d:a8:53:e7:7d:bc:6e:a3:84:ae:dc:bb:65:
79:6f:a8:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nAsJ9rIvOQeU14UCOIVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjUyOGFiMWNkMWI2ZGM3M2MwYjA5YjY3ZDNlN2UzNTg0
ZjM2M2QwHhcNMjYwMzI5MDgwMDQzWhcNMjYwMzMwMDgwMDQzWjAzMTEwLwYDVQQD
EygwNjIxODM1NjcwNDMyZTRhN2JiN2UwMzdjMmFkNWM5NjFlMTNlYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVQvPVEz1ZTGRY4KqzXuQ2y1XvXY
cqQUcmLZDr/ioKAWTvibyhqNP8Xx3MbhpOJ3t6JGIdq8pBOpeygbkfodp1oKHwka
tKj9xFJ/1YKDRVzGGu93qRVydUOgXt3QOErni3VVQZauuOIXiW7DOImp+YFS1WHy
QskwzWv5lEUtojDqDHZUt5Yp5Cxz7f+9bAw4OWYqtzgolvRfD3YR6eO4j4hTDVKz
B1DgMovp1LJCEmMnzO/loZ+1IkU5AAAd2xAjILL6S2DfYGDo/JIH3WFPffkW+2uD
7QmT6zZnm2P0K5L3Z9Nf9jsjMrPbD26LzfP8O6N2wvA1bfgHm24tYtgLHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYhg1ZwQy5Ke7fgN8KtXJYeE+u1MB8GA1UdIwQY
MBaAFDglKKsc0bbcc8Cwm2fT5+NYTzY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMt
M2EwMmEyNDJmNDQ0LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMtM2EwMmEyNDJmNDQ0
LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIoxrM2C
rnSMUNQuDhOZSGlRB4MTkvTJOnlNxbWhOd2ILSTaMzrnj84yZe8oIM43Y7aBwT74
Kuphi4LN4nMBIS6QbsTGg2Pum1AXuh2xczFGRt0g1Kt9U+csDwUWKiBo4kUt40jC
h3QhCXBViU2z644sUu/u872HCBURpjXxH0VcDBTenPx+nUM9750VuDktJRoaI8WM
ZRBmkp2PIP2iP7UzuAz/fK9w/CCGlVUHuVSZzFt24HcG/ng2G7E0NPNtvcyVMIjk
60Ec+vJhZx1Ww/3CO+VXJaOxZ7O+eb6Ms7z2UQLHQ4ObesugG5YfyDEtqFPnfbxu
o4Su3LtleW+oiA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:01:00 2026 by rpki-client