Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.mft
File: OcqgvSVNGof0uzDbO1E_25r2JfY.mft (raw, json)
Hash identifier: MnNH1dcr2dYzTXc24GcRRycZEQIniCtO9MNCcIqpFFA=
Subject key identifier: B4:B9:0E:D0:71:43:2E:0B:7C:3D:D0:99:91:63:E4:AE:35:2C:18:C0
Authority key identifier: 39:CA:A0:BD:25:4D:1A:87:F4:BB:30:DB:3B:51:3F:DB:9A:F6:25:F6
Certificate issuer: /CN=39caa0bd254d1a87f4bb30db3b513fdb9af625f6
Certificate serial: 019DA9E84EC9E78DBC9BC1A7A07F1596F1F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcqgvSVNGof0uzDbO1E_25r2JfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.mft
Manifest number: 0ADC
Signing time: Mon 20 Apr 2026 08:01:07 +0000
Manifest this update: Mon 20 Apr 2026 08:01:07 +0000
Manifest next update: Tue 21 Apr 2026 08:01:07 +0000
Files and hashes: 1: OcqgvSVNGof0uzDbO1E_25r2JfY.crl (hash: oLx3DjyJPQHeO5hrReg6hjNVCryK8T3yt4leJyCRjBk=)
2: UlsTdR6iXILlELiEa_LKJSYv9dE.roa (hash: TsAC0FSS4xzyyilfdtL8K8wERh4UskS3qmNYtY3fKi8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OcqgvSVNGof0uzDbO1E_25r2JfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:e8:4e:c9:e7:8d:bc:9b:c1:a7:a0:7f:15:96:f1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39caa0bd254d1a87f4bb30db3b513fdb9af625f6
Validity
Not Before: Apr 20 08:01:07 2026 GMT
Not After : Apr 21 08:01:07 2026 GMT
Subject: CN=b4b90ed071432e0b7c3dd0999163e4ae352c18c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a1:ab:69:1a:2f:62:5e:eb:40:8a:4b:78:a0:
5f:9d:77:4c:3c:de:f5:a0:43:67:36:24:bc:32:47:
04:08:ac:ac:0c:4b:87:36:b8:fb:03:d8:96:2d:d1:
2d:21:c9:a1:8c:b1:96:e2:86:7d:d6:72:a6:49:d2:
34:3c:54:13:6b:0f:02:08:8a:76:e9:02:ae:ff:8c:
a0:77:eb:16:62:66:d5:a3:56:56:f2:e9:0b:ee:05:
3e:96:54:10:58:e5:b9:52:8c:65:6e:19:2b:27:7e:
17:3c:7e:08:cb:29:20:61:9a:41:f0:c5:3b:2f:3c:
26:2c:04:70:d5:a9:c9:0a:6b:27:0e:8c:9c:0b:8c:
ef:a0:73:38:6c:4d:d1:9c:da:30:fc:be:97:d0:b9:
ba:b5:2c:96:09:b3:75:70:e6:2b:5b:86:3d:c9:6a:
96:a6:1d:a7:db:30:9b:4c:ed:c9:e6:0c:90:55:73:
cf:cf:be:db:16:13:ec:59:68:14:80:d5:de:13:e1:
f1:88:ce:da:f6:16:c2:83:a2:20:14:d3:9e:4c:ee:
fc:96:20:7f:b5:bb:03:b8:7a:bb:fd:bf:a5:04:77:
10:e6:b9:4d:24:76:ce:6d:3c:2f:7d:ba:64:be:4d:
ee:cc:6a:df:28:6a:91:31:83:3d:85:1c:85:40:1a:
35:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B9:0E:D0:71:43:2E:0B:7C:3D:D0:99:91:63:E4:AE:35:2C:18:C0
X509v3 Authority Key Identifier:
keyid:39:CA:A0:BD:25:4D:1A:87:F4:BB:30:DB:3B:51:3F:DB:9A:F6:25:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcqgvSVNGof0uzDbO1E_25r2JfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1f0955-4d62-433b-b18c-7c37e639bf0f/1/OcqgvSVNGof0uzDbO1E_25r2JfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:e7:c5:5d:24:70:0f:b3:43:b0:09:de:fa:2d:74:69:7e:fd:
c4:48:11:4a:d7:4a:b1:0d:f7:13:b3:b9:4b:05:e4:60:c2:2d:
f0:f3:b3:0f:c5:a7:1b:8f:65:80:22:5c:27:79:5e:8e:2a:b4:
9c:17:98:50:bb:2c:26:ec:fa:a4:f5:d6:1c:37:2c:12:bd:d7:
f0:d1:0c:0f:36:e2:17:f5:d0:c9:36:35:7e:3a:14:bf:88:90:
87:3e:0b:7d:a1:76:78:17:41:9a:ad:1f:0c:5c:26:86:ea:e4:
43:6f:54:93:3a:71:94:29:7b:23:75:55:8d:61:c4:15:09:06:
9e:b1:34:0f:a1:e4:e5:a4:68:d1:93:b5:fa:45:37:3f:55:c6:
ea:b9:d8:84:ed:07:dc:a3:0f:46:bf:e1:03:af:ad:0a:c4:d7:
f5:fb:0a:d5:1e:03:04:68:39:a1:eb:aa:9e:0c:94:dc:be:d8:
ec:5d:eb:b7:17:13:1c:2b:57:82:e5:a8:8d:42:50:db:35:41:
3c:eb:d0:09:f4:0d:35:33:29:38:fc:94:c1:b9:21:87:ca:52:
9b:a5:bf:64:51:6a:e8:8a:13:d2:68:98:0d:19:df:ce:6b:d8:
23:4a:a1:53:7a:2d:4d:d4:5d:82:d9:4f:bd:d8:1b:17:41:c2:
5c:de:a2:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2p6E7J5428m8GnoH8VlvH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2FhMGJkMjU0ZDFhODdmNGJiMzBkYjNiNTEzZmRiOWFm
NjI1ZjYwHhcNMjYwNDIwMDgwMTA3WhcNMjYwNDIxMDgwMTA3WjAzMTEwLwYDVQQD
EyhiNGI5MGVkMDcxNDMyZTBiN2MzZGQwOTk5MTYzZTRhZTM1MmMxOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKGraRovYl7rQIpLeKBfnXdMPN71
oENnNiS8MkcECKysDEuHNrj7A9iWLdEtIcmhjLGW4oZ91nKmSdI0PFQTaw8CCIp2
6QKu/4ygd+sWYmbVo1ZW8ukL7gU+llQQWOW5UoxlbhkrJ34XPH4IyykgYZpB8MU7
LzwmLARw1anJCmsnDoycC4zvoHM4bE3RnNow/L6X0Lm6tSyWCbN1cOYrW4Y9yWqW
ph2n2zCbTO3J5gyQVXPPz77bFhPsWWgUgNXeE+HxiM7a9hbCg6IgFNOeTO78liB/
tbsDuHq7/b+lBHcQ5rlNJHbObTwvfbpkvk3uzGrfKGqRMYM9hRyFQBo1QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS5DtBxQy4LfD3QmZFj5K41LBjAMB8GA1UdIwQY
MBaAFDnKoL0lTRqH9Lsw2ztRP9ua9iX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2NxZ3ZTVk5Hb2YwdXpEYk8xRV8yNXIySmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xZjA5NTUtNGQ2Mi00MzNiLWIxOGMt
N2MzN2U2MzliZjBmLzEvT2NxZ3ZTVk5Hb2YwdXpEYk8xRV8yNXIySmZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xZjA5NTUtNGQ2Mi00MzNiLWIxOGMtN2MzN2U2MzliZjBm
LzEvT2NxZ3ZTVk5Hb2YwdXpEYk8xRV8yNXIySmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuefFXSRw
D7NDsAne+i10aX79xEgRStdKsQ33E7O5SwXkYMIt8POzD8WnG49lgCJcJ3lejiq0
nBeYULssJuz6pPXWHDcsEr3X8NEMDzbiF/XQyTY1fjoUv4iQhz4LfaF2eBdBmq0f
DFwmhurkQ29UkzpxlCl7I3VVjWHEFQkGnrE0D6Hk5aRo0ZO1+kU3P1XG6rnYhO0H
3KMPRr/hA6+tCsTX9fsK1R4DBGg5oeuqngyU3L7Y7F3rtxcTHCtXguWojUJQ2zVB
POvQCfQNNTMpOPyUwbkhh8pSm6W/ZFFq6IoT0miYDRnfzmvYI0qhU3otTdRdgtlP
vdgbF0HCXN6iaA==
-----END CERTIFICATE-----
Generated at Mon Apr 20 17:13:07 2026 by rpki-client