Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json)
Hash identifier: 53uuoBtqoulbyiWyRtHA6Z3WuIC0ogzXAUTSMjatnxk=
Subject key identifier: EC:47:FC:C2:35:9B:7A:8E:2D:67:D6:B5:A8:BD:75:CF:6E:1D:C0:5B
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 019CE5C8B1FCAB45F0B20C07B752B099528C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
Manifest number: 17F5
Signing time: Fri 13 Mar 2026 06:01:01 +0000
Manifest this update: Fri 13 Mar 2026 06:01:01 +0000
Manifest next update: Sat 14 Mar 2026 06:01:01 +0000
Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: da1+bUs38JtcnxcW2RDp8wUcrSOJGB6cqcJkzq0sb3g=)
2: TFyydJckZZxmvJ2kyZiqerxMndc.roa (hash: 1M8O0DEiBMTzRovUAkdLb42byd8jCd0k32zelG/wKMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:c8:b1:fc:ab:45:f0:b2:0c:07:b7:52:b0:99:52:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Mar 13 06:01:01 2026 GMT
Not After : Mar 14 06:01:01 2026 GMT
Subject: CN=ec47fcc2359b7a8e2d67d6b5a8bd75cf6e1dc05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:94:16:e2:72:6d:bd:93:42:b0:bb:91:b6:
06:72:11:c1:75:0b:85:5a:a8:45:89:43:4b:62:de:
f8:ec:86:36:a6:b9:b6:50:0a:2d:60:4a:f7:dd:d2:
6d:86:1d:3d:25:38:fc:ca:a9:24:bf:42:fe:eb:de:
1f:93:98:43:ff:ac:f0:fa:44:28:bf:cf:10:e7:26:
43:56:61:0d:dd:28:c3:54:ae:c1:25:c9:c3:b9:0a:
9a:41:41:a3:7f:d1:89:f8:c6:0b:eb:7d:64:79:db:
02:f8:f5:f3:b3:ff:4b:4e:6d:7f:3a:de:41:d0:17:
61:c6:74:e0:30:bf:73:d0:25:4f:fd:86:b6:63:5f:
cd:00:bd:77:97:2d:a0:f4:33:f2:2d:fa:55:bf:f0:
c1:4a:00:79:74:96:ca:54:4f:a9:b1:e8:1a:c0:3c:
88:df:67:bf:42:7a:eb:e3:b6:40:38:ae:9b:53:a7:
66:b1:7c:88:28:e3:c4:43:48:e2:cf:9a:ee:81:73:
41:0c:fa:e1:24:b1:1d:45:73:fc:e5:7c:80:2b:fa:
1b:68:8a:4d:e1:dd:7d:f6:78:65:d8:9b:e1:ad:a2:
26:ad:3b:09:1f:f5:6e:33:83:0e:8f:b8:d3:78:48:
ca:9f:38:85:b1:8e:0c:f8:c9:59:ae:7f:9c:9b:38:
17:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:47:FC:C2:35:9B:7A:8E:2D:67:D6:B5:A8:BD:75:CF:6E:1D:C0:5B
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:6c:b9:3b:22:bb:72:3d:c3:2c:0b:68:8d:11:89:69:a6:4b:
3c:32:2d:4a:6b:02:85:1e:67:88:8d:79:6e:b3:ce:c2:c0:9b:
31:43:77:44:b8:70:b3:58:66:b6:aa:d9:66:9c:c2:a6:af:96:
e0:ce:16:59:bd:ab:13:b4:48:28:39:a2:c6:6d:10:6f:2e:e5:
cc:cc:7f:8a:e6:dc:42:a3:35:47:9b:ba:c4:ab:a9:c7:89:13:
c0:87:8a:aa:30:e4:9d:48:fe:82:47:dc:ef:39:87:bf:dd:81:
06:77:aa:d1:f9:ed:52:6c:51:c2:f4:8b:c4:b0:4f:f8:2c:57:
01:70:ce:89:34:75:76:b4:32:89:65:2c:76:49:80:ae:22:78:
36:c5:31:75:b8:bb:be:01:9e:c2:8c:87:c4:7f:f3:f3:79:99:
36:e2:e7:fd:d2:9e:0f:86:c3:bf:a2:cc:c7:27:84:2e:78:ce:
4f:da:48:d5:11:35:44:e4:02:ae:7a:0d:72:47:1e:5c:9f:55:
39:da:12:55:bf:4d:08:51:a5:72:8f:6e:42:45:78:5a:d1:8b:
a3:62:9e:75:61:d9:1f:26:29:88:fd:a0:18:9c:b7:83:b4:83:
00:c3:dd:80:aa:fe:aa:60:ea:d6:16:6a:3c:a7:f7:7f:2c:f0:
71:eb:67:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlyLH8q0XwsgwHt1KwmVKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjYwMzEzMDYwMTAxWhcNMjYwMzE0MDYwMTAxWjAzMTEwLwYDVQQD
EyhlYzQ3ZmNjMjM1OWI3YThlMmQ2N2Q2YjVhOGJkNzVjZjZlMWRjMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiuUFuJybb2TQrC7kbYGchHBdQuF
WqhFiUNLYt747IY2prm2UAotYEr33dJthh09JTj8yqkkv0L+694fk5hD/6zw+kQo
v88Q5yZDVmEN3SjDVK7BJcnDuQqaQUGjf9GJ+MYL631kedsC+PXzs/9LTm1/Ot5B
0BdhxnTgML9z0CVP/Ya2Y1/NAL13ly2g9DPyLfpVv/DBSgB5dJbKVE+psegawDyI
32e/Qnrr47ZAOK6bU6dmsXyIKOPEQ0jiz5rugXNBDPrhJLEdRXP85XyAK/obaIpN
4d199nhl2JvhraImrTsJH/VuM4MOj7jTeEjKnziFsY4M+MlZrn+cmzgXNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxH/MI1m3qOLWfWtai9dc9uHcBbMB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASWy5OyK7
cj3DLAtojRGJaaZLPDItSmsChR5niI15brPOwsCbMUN3RLhws1hmtqrZZpzCpq+W
4M4WWb2rE7RIKDmixm0Qby7lzMx/iubcQqM1R5u6xKupx4kTwIeKqjDknUj+gkfc
7zmHv92BBneq0fntUmxRwvSLxLBP+CxXAXDOiTR1drQyiWUsdkmAriJ4NsUxdbi7
vgGewoyHxH/z83mZNuLn/dKeD4bDv6LMxyeELnjOT9pI1RE1ROQCrnoNckceXJ9V
OdoSVb9NCFGlco9uQkV4WtGLo2KedWHZHyYpiP2gGJy3g7SDAMPdgKr+qmDq1hZq
PKf3fyzwcetnMw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:37:20 2026 by rpki-client