Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: 2FHOAnhgaaj3Hy295hAu3WadC9agj3yfqDrtgj7noDM=
Subject key identifier: 32:36:31:F3:68:8B:47:8B:95:CA:F9:96:5E:EA:8A:11:35:57:A4:60
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 019D38667F03D6E98185A4AD26E2C84350D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 0472
Signing time: Sun 29 Mar 2026 07:02:14 +0000
Manifest this update: Sun 29 Mar 2026 07:02:14 +0000
Manifest next update: Mon 30 Mar 2026 07:02:14 +0000
Files and hashes: 1: 1-CvN4vL-gOumnUiw8kqYnlyhsGg.roa (hash: j8Mlx4J1MdSRge54lSRG985DTWF3u6cnasrSWFkZ6ac=)
2: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: UXnPJZMfi2c1Bu8VPVixIET95vbGIIzZk2d3KrI58ko=)
3: t25FS3p7VfnEPbzfHv-DyXEln4A.roa (hash: 71ZKU18culvAhzrOg6y8Lw3IENicOoZIJiAlIOqPr8E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:7f:03:d6:e9:81:85:a4:ad:26:e2:c8:43:50:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Mar 29 07:02:14 2026 GMT
Not After : Mar 30 07:02:14 2026 GMT
Subject: CN=323631f3688b478b95caf9965eea8a113557a460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bf:da:5e:ae:5c:01:17:34:9d:0c:f9:45:6c:
ee:32:0c:b7:a2:be:5b:b6:76:76:cf:55:91:27:a5:
3e:20:df:6b:8d:e3:97:34:e7:d4:7b:f1:55:a0:d1:
ac:3a:79:39:3c:c7:32:74:7e:bf:77:11:c1:5f:d0:
09:35:3a:b5:b1:3c:be:f4:ee:9b:d2:be:09:94:64:
8e:ac:14:97:5f:4e:2f:a0:d3:bc:c8:be:6c:e8:d6:
b5:6c:a5:7d:00:0a:72:ee:70:6a:3a:67:2c:25:74:
60:8e:ec:8a:de:96:d1:83:17:8e:ae:1f:a9:3c:d8:
9e:19:6a:d6:85:82:0e:0c:86:6a:a0:9d:10:5b:d2:
fa:e2:a0:dc:fd:d2:18:fb:f4:33:e8:e3:82:5a:3e:
24:36:bd:16:38:6e:2a:30:01:e0:2a:fc:5a:a2:b0:
31:86:31:1e:27:c9:51:4d:7b:03:f2:31:cb:ad:91:
e5:94:39:66:25:be:10:98:ae:dc:34:eb:a7:97:54:
da:68:9b:25:e4:2d:ba:ac:d9:96:8f:d1:62:31:38:
1c:5d:6f:df:14:4a:1b:2c:61:39:c2:36:e2:75:a3:
1d:aa:95:a2:a6:ec:eb:d1:12:e3:1b:f1:a5:2e:dd:
a4:84:54:f1:3c:96:57:14:b5:2c:30:43:1c:79:f5:
57:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:36:31:F3:68:8B:47:8B:95:CA:F9:96:5E:EA:8A:11:35:57:A4:60
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e0:1f:ae:e7:2f:61:2a:07:72:48:f3:01:ac:ec:de:da:03:d7:
e3:0a:db:ba:d4:88:f6:b0:52:ec:ec:e8:7a:83:91:68:c7:f9:
d9:cd:19:34:fd:a5:37:77:44:46:8d:2e:4a:03:eb:64:d7:97:
f1:7c:48:c0:cf:04:64:53:d7:d4:af:04:28:96:f1:d8:7a:02:
12:81:6c:c5:63:13:c1:2c:b0:93:fe:52:09:79:e2:de:0e:98:
92:46:42:0d:27:70:91:3d:63:30:ff:fe:70:b4:79:e9:8e:25:
1a:b3:42:52:1e:10:9c:ec:2c:f1:fd:46:4f:03:25:92:11:06:
41:ed:59:76:cf:8c:1a:2c:eb:c9:f6:2b:a4:98:f6:b0:50:81:
35:22:01:3d:37:fe:7d:59:d3:cd:00:be:7b:83:fe:f5:97:1d:
29:91:7f:00:c3:ff:dd:fd:36:78:e3:53:d4:30:74:05:57:75:
e9:0f:07:43:ac:ed:ec:d5:62:17:aa:28:27:a3:86:a4:76:b4:
7b:39:0d:64:46:7e:8d:1f:60:7e:36:64:ef:bd:74:5d:28:e6:
fc:a9:4b:a4:14:43:a7:08:89:8e:2e:0c:6a:46:80:46:1a:38:
6a:76:ed:22:bb:8c:48:fe:4d:6d:7e:e0:9c:de:e7:b3:32:c6:
e2:9e:c9:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zn8D1umBhaStJuLIQ1DWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjYwMzI5MDcwMjE0WhcNMjYwMzMwMDcwMjE0WjAzMTEwLwYDVQQD
EygzMjM2MzFmMzY4OGI0NzhiOTVjYWY5OTY1ZWVhOGExMTM1NTdhNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17/aXq5cARc0nQz5RWzuMgy3or5b
tnZ2z1WRJ6U+IN9rjeOXNOfUe/FVoNGsOnk5PMcydH6/dxHBX9AJNTq1sTy+9O6b
0r4JlGSOrBSXX04voNO8yL5s6Na1bKV9AApy7nBqOmcsJXRgjuyK3pbRgxeOrh+p
PNieGWrWhYIODIZqoJ0QW9L64qDc/dIY+/Qz6OOCWj4kNr0WOG4qMAHgKvxaorAx
hjEeJ8lRTXsD8jHLrZHllDlmJb4QmK7cNOunl1TaaJsl5C26rNmWj9FiMTgcXW/f
FEobLGE5wjbidaMdqpWipuzr0RLjG/GlLt2khFTxPJZXFLUsMEMcefVXXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDI2MfNoi0eLlcr5ll7qihE1V6RgMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4B+u5y9h
KgdySPMBrOze2gPX4wrbutSI9rBS7OzoeoORaMf52c0ZNP2lN3dERo0uSgPrZNeX
8XxIwM8EZFPX1K8EKJbx2HoCEoFsxWMTwSywk/5SCXni3g6YkkZCDSdwkT1jMP/+
cLR56Y4lGrNCUh4QnOws8f1GTwMlkhEGQe1Zds+MGizryfYrpJj2sFCBNSIBPTf+
fVnTzQC+e4P+9ZcdKZF/AMP/3f02eONT1DB0BVd16Q8HQ6zt7NViF6ooJ6OGpHa0
ezkNZEZ+jR9gfjZk7710XSjm/KlLpBRDpwiJji4MakaARho4anbtIruMSP5NbX7g
nN7nszLG4p7JYA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:14 2026 by rpki-client