Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
File: roOCT9wp6-SsKGygGETfhtTXXsA.mft (raw, json)
Hash identifier: Q91I95o9QYewcxSZLCNA7NJibhcSuORny04Hqz6dgOo=
Subject key identifier: AE:23:61:01:F1:9C:47:17:F4:32:01:B2:B9:D2:FC:45:CC:B8:FB:3A
Authority key identifier: AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
Certificate issuer: /CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Certificate serial: 019D36E4C5153A985031E07A326DB9494297
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
Manifest number: 04B4
Signing time: Sun 29 Mar 2026 00:00:55 +0000
Manifest this update: Sun 29 Mar 2026 00:00:55 +0000
Manifest next update: Mon 30 Mar 2026 00:00:55 +0000
Files and hashes: 1: 5LuAukBT-PYtoVc1x_YPxle1wsc.roa (hash: h17Dfweg2VbRUUt3KQP8Gh9v6kUcdiw65gP5QtU0txQ=)
2: roOCT9wp6-SsKGygGETfhtTXXsA.crl (hash: ZB6rdwPPaGwP1/3nLqwbwLGVkfrLZi8dRhqP1bryGFc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 00:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:36:e4:c5:15:3a:98:50:31:e0:7a:32:6d:b9:49:42:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae83824fdc29ebe4ac286ca01844df86d4d75ec0
Validity
Not Before: Mar 29 00:00:55 2026 GMT
Not After : Mar 30 00:00:55 2026 GMT
Subject: CN=ae236101f19c4717f43201b2b9d2fc45ccb8fb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:01:5e:a0:3d:bc:62:aa:c1:15:de:fa:53:
e8:f0:b2:0f:3b:47:ce:7c:84:e5:b7:69:9d:d2:a0:
ae:db:ce:63:7b:73:51:c0:27:da:2f:94:b2:1a:ea:
6a:43:64:8a:f0:b3:ec:17:68:1e:62:82:82:ec:d2:
78:2b:5d:26:79:88:1c:16:2c:45:59:90:4a:8c:c3:
a7:9e:e8:5d:c1:b7:01:0c:01:72:f8:14:a8:49:86:
c1:8c:33:93:b4:7e:cd:9f:ff:b5:ec:b8:29:fe:4b:
bc:04:84:20:76:6f:b4:27:5e:85:80:4f:59:f8:db:
e2:45:0c:66:b9:55:46:fa:b4:4a:b3:f9:56:a9:67:
83:4d:38:08:89:13:f1:c5:68:09:d3:ed:1b:91:25:
a6:63:c8:61:cd:7b:78:d7:46:38:e8:9d:47:bb:c2:
1f:26:e5:48:e5:73:07:e1:34:fd:02:21:67:6d:1d:
1e:29:c3:d6:a1:6c:82:b9:d6:6b:6c:44:f4:b8:5b:
94:e1:63:23:98:ae:66:a7:e7:2c:5c:24:74:7c:df:
12:ae:db:70:2f:5e:24:11:d5:f6:61:64:73:5a:c1:
c2:34:ef:fd:2e:d8:5a:42:dc:16:96:e6:89:e8:12:
45:b6:71:d0:bf:aa:dc:0f:35:bf:31:74:fb:c3:da:
a3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:23:61:01:F1:9C:47:17:F4:32:01:B2:B9:D2:FC:45:CC:B8:FB:3A
X509v3 Authority Key Identifier:
keyid:AE:83:82:4F:DC:29:EB:E4:AC:28:6C:A0:18:44:DF:86:D4:D7:5E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roOCT9wp6-SsKGygGETfhtTXXsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/7174ee-3076-496c-b259-9700546b5711/1/roOCT9wp6-SsKGygGETfhtTXXsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:c5:25:a1:61:13:dd:4a:2a:de:06:8d:7b:cf:f9:bc:60:a6:
f6:8c:75:22:21:6f:7d:da:2d:31:5f:ea:f8:e2:a6:94:cd:dc:
4c:68:07:93:53:6a:0b:7d:47:31:11:91:ec:ac:fe:02:b5:0c:
db:90:ec:1e:1d:e9:a2:6f:d7:f6:ff:51:4f:bb:c4:56:91:b0:
fe:11:aa:08:36:ea:2c:03:f9:f8:7a:8a:b0:03:a3:c6:c8:c5:
32:98:02:b4:bf:56:6f:1e:43:09:bf:11:21:93:c7:87:45:59:
48:85:70:0c:10:3e:43:c8:c3:7e:76:cf:eb:4e:04:bb:a3:a6:
b8:6f:fb:eb:39:6c:1b:c6:ab:12:d2:1d:68:3e:df:df:dc:ac:
76:49:96:16:40:b0:1f:fc:a2:41:ef:ac:cb:96:6f:4a:36:30:
50:56:db:7e:16:f8:de:cd:c0:40:67:b7:a0:5f:47:c5:4c:d4:
b0:3f:12:00:d5:3a:14:54:c6:4f:a1:9e:8b:ad:cc:31:b1:43:
ea:dd:f2:d8:0a:64:c9:a9:3f:b1:a7:c9:97:f5:07:5c:35:2f:
e9:bf:a2:c6:48:6b:a5:c1:6d:60:4c:60:37:b0:2a:38:71:ce:
b3:16:3c:b9:a1:2c:b9:02:9c:96:39:84:3a:94:60:bb:4f:fa:
02:9e:bc:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025MUVOphQMeB6Mm25SUKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM4MjRmZGMyOWViZTRhYzI4NmNhMDE4NDRkZjg2ZDRk
NzVlYzAwHhcNMjYwMzI5MDAwMDU1WhcNMjYwMzMwMDAwMDU1WjAzMTEwLwYDVQQD
EyhhZTIzNjEwMWYxOWM0NzE3ZjQzMjAxYjJiOWQyZmM0NWNjYjhmYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtgBXqA9vGKqwRXe+lPo8LIPO0fO
fITlt2md0qCu285je3NRwCfaL5SyGupqQ2SK8LPsF2geYoKC7NJ4K10meYgcFixF
WZBKjMOnnuhdwbcBDAFy+BSoSYbBjDOTtH7Nn/+17Lgp/ku8BIQgdm+0J16FgE9Z
+NviRQxmuVVG+rRKs/lWqWeDTTgIiRPxxWgJ0+0bkSWmY8hhzXt410Y46J1Hu8If
JuVI5XMH4TT9AiFnbR0eKcPWoWyCudZrbET0uFuU4WMjmK5mp+csXCR0fN8Srttw
L14kEdX2YWRzWsHCNO/9LthaQtwWluaJ6BJFtnHQv6rcDzW/MXT7w9qjLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4jYQHxnEcX9DIBsrnS/EXMuPs6MB8GA1UdIwQY
MBaAFK6Dgk/cKevkrChsoBhE34bU117AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTkt
OTcwMDU0NmI1NzExLzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC83MTc0ZWUtMzA3Ni00OTZjLWIyNTktOTcwMDU0NmI1NzEx
LzEvcm9PQ1Q5d3A2LVNzS0d5Z0dFVGZodFRYWHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAocUloWET
3Uoq3gaNe8/5vGCm9ox1IiFvfdotMV/q+OKmlM3cTGgHk1NqC31HMRGR7Kz+ArUM
25DsHh3pom/X9v9RT7vEVpGw/hGqCDbqLAP5+HqKsAOjxsjFMpgCtL9Wbx5DCb8R
IZPHh0VZSIVwDBA+Q8jDfnbP604Eu6OmuG/76zlsG8arEtIdaD7f39ysdkmWFkCw
H/yiQe+sy5ZvSjYwUFbbfhb43s3AQGe3oF9HxUzUsD8SANU6FFTGT6Gei63MMbFD
6t3y2Apkyak/safJl/UHXDUv6b+ixkhrpcFtYExgN7AqOHHOsxY8uaEsuQKcljmE
OpRgu0/6Ap68lA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:19:26 2026 by rpki-client