Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
File: OCvsQ90a_pemT1brhUx58WP6TuY.mft (raw, json)
Hash identifier: XawZfm8QRFE0J7ltolGYM87eBT8eeriNl/FSu0TIanw=
Subject key identifier: A5:70:E3:3A:7A:D7:0E:F8:DA:9A:6D:B9:EF:6C:68:96:32:0F:C2:DE
Authority key identifier: 38:2B:EC:43:DD:1A:FE:97:A6:4F:56:EB:85:4C:79:F1:63:FA:4E:E6
Certificate issuer: /CN=382bec43dd1afe97a64f56eb854c79f163fa4ee6
Certificate serial: 019D3977A9F8199207491151EAF5349B8E8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 12:00:36 +0000
Manifest this update: Sun 29 Mar 2026 12:00:36 +0000
Manifest next update: Mon 30 Mar 2026 12:00:36 +0000
Files and hashes: 1: OCvsQ90a_pemT1brhUx58WP6TuY.crl (hash: V9sdwCAL6IdQQA6StNXap4U69S6+iWBLrTAoTEIeuzA=)
2: koNJsw7rhD5IJatTFzpoPL-Nrc0.roa (hash: Wndxcrvpmd8iBNHp55napUJ/eEMGTsK13AYEaJxB1y8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:a9:f8:19:92:07:49:11:51:ea:f5:34:9b:8e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382bec43dd1afe97a64f56eb854c79f163fa4ee6
Validity
Not Before: Mar 29 12:00:36 2026 GMT
Not After : Mar 30 12:00:36 2026 GMT
Subject: CN=a570e33a7ad70ef8da9a6db9ef6c6896320fc2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f5:04:f4:97:0c:56:f6:58:a9:d5:08:c9:32:
72:fd:f0:0a:a3:65:73:32:7d:f0:89:20:67:a6:35:
c2:9f:51:cf:ed:cc:13:db:44:40:77:3a:e1:20:2e:
c3:2e:7b:62:1b:8a:0f:fa:fc:ff:49:2d:6e:0a:06:
90:d7:99:90:6e:ed:8f:14:96:1a:55:09:d3:2b:fa:
78:b8:1d:a7:56:b0:19:8f:8c:bc:c3:0e:c3:39:70:
63:75:07:8b:e5:e5:c3:4a:47:3b:81:d7:7d:4f:9d:
9d:45:3a:41:7b:1e:3d:9a:20:2a:19:90:e1:bc:ed:
65:77:18:aa:03:57:68:53:02:c7:03:6f:c7:4c:c6:
42:27:05:2a:86:b2:d7:cd:b6:0a:c0:05:12:cb:65:
fe:d5:7b:8f:ba:08:08:60:bd:32:7b:3c:44:52:0d:
ec:ab:46:f3:98:eb:0b:1d:45:05:1f:df:e8:5c:49:
a2:36:d9:37:8a:05:43:75:40:b1:63:10:ab:a6:65:
c9:b3:69:a5:c7:4e:cd:90:71:3d:b8:f4:85:21:b1:
66:8f:ae:d6:11:ad:9e:4c:1f:07:16:5c:4c:b5:d3:
8a:11:b0:b9:07:18:66:32:20:fa:d6:2e:9f:fe:5e:
96:4d:69:fd:bb:ad:de:70:b6:98:26:fc:52:ae:7d:
66:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:70:E3:3A:7A:D7:0E:F8:DA:9A:6D:B9:EF:6C:68:96:32:0F:C2:DE
X509v3 Authority Key Identifier:
keyid:38:2B:EC:43:DD:1A:FE:97:A6:4F:56:EB:85:4C:79:F1:63:FA:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCvsQ90a_pemT1brhUx58WP6TuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e2a8f4-7065-474b-a03d-27509711e37f/1/OCvsQ90a_pemT1brhUx58WP6TuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:eb:b4:b4:3a:f7:d0:b8:85:3c:9b:b3:cf:5f:e2:63:a2:1c:
40:e1:60:25:2e:3d:4a:94:94:9a:8e:6b:cb:d9:04:dd:26:23:
06:c1:b1:87:17:b5:05:f2:7d:4a:96:37:a4:da:c0:c0:0d:0a:
3a:c8:97:f7:f7:48:3c:a1:cf:5e:93:73:57:e1:be:ee:01:69:
a7:95:db:e3:a3:be:b9:eb:45:68:6d:7c:b1:8e:26:11:e1:6a:
fc:09:4f:9c:ff:f6:48:0e:96:e0:36:61:79:af:1c:c5:4b:10:
3a:3c:46:a4:de:b1:fb:eb:39:4f:9d:c9:ec:fe:ef:e1:8d:6b:
ab:92:32:11:b1:61:0a:3d:92:41:72:55:d3:b0:12:06:e2:c1:
7e:53:06:c9:ca:b0:ed:b9:e3:3c:32:e4:d6:05:b1:b9:58:20:
1b:50:2a:97:9d:5a:d5:7c:d6:3c:15:3e:9c:e1:4e:c8:0d:33:
a1:f1:19:09:9a:37:95:07:ab:ba:ea:82:51:8f:23:ea:d5:c2:
55:41:60:75:4c:b5:5a:bb:39:62:d7:e7:c9:55:cf:f6:41:a7:
fe:54:b9:dd:cd:40:22:78:f8:b8:fe:cc:f4:0f:c8:70:f6:be:
0e:b1:bb:89:d5:83:8c:fe:09:70:d4:bb:2e:68:9d:a7:cd:27:
38:08:ef:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d6n4GZIHSRFR6vU0m46MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmJlYzQzZGQxYWZlOTdhNjRmNTZlYjg1NGM3OWYxNjNm
YTRlZTYwHhcNMjYwMzI5MTIwMDM2WhcNMjYwMzMwMTIwMDM2WjAzMTEwLwYDVQQD
EyhhNTcwZTMzYTdhZDcwZWY4ZGE5YTZkYjllZjZjNjg5NjMyMGZjMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPUE9JcMVvZYqdUIyTJy/fAKo2Vz
Mn3wiSBnpjXCn1HP7cwT20RAdzrhIC7DLntiG4oP+vz/SS1uCgaQ15mQbu2PFJYa
VQnTK/p4uB2nVrAZj4y8ww7DOXBjdQeL5eXDSkc7gdd9T52dRTpBex49miAqGZDh
vO1ldxiqA1doUwLHA2/HTMZCJwUqhrLXzbYKwAUSy2X+1XuPuggIYL0yezxEUg3s
q0bzmOsLHUUFH9/oXEmiNtk3igVDdUCxYxCrpmXJs2mlx07NkHE9uPSFIbFmj67W
Ea2eTB8HFlxMtdOKEbC5BxhmMiD61i6f/l6WTWn9u63ecLaYJvxSrn1mpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVw4zp61w742pptue9saJYyD8LeMB8GA1UdIwQY
MBaAFDgr7EPdGv6Xpk9W64VMefFj+k7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lMmE4ZjQtNzA2NS00NzRiLWEwM2Qt
Mjc1MDk3MTFlMzdmLzEvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lMmE4ZjQtNzA2NS00NzRiLWEwM2QtMjc1MDk3MTFlMzdm
LzEvT0N2c1E5MGFfcGVtVDFicmhVeDU4V1A2VHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+u0tDr3
0LiFPJuzz1/iY6IcQOFgJS49SpSUmo5ry9kE3SYjBsGxhxe1BfJ9SpY3pNrAwA0K
OsiX9/dIPKHPXpNzV+G+7gFpp5Xb46O+uetFaG18sY4mEeFq/AlPnP/2SA6W4DZh
ea8cxUsQOjxGpN6x++s5T53J7P7v4Y1rq5IyEbFhCj2SQXJV07ASBuLBflMGycqw
7bnjPDLk1gWxuVggG1Aql51a1XzWPBU+nOFOyA0zofEZCZo3lQeruuqCUY8j6tXC
VUFgdUy1Wrs5YtfnyVXP9kGn/lS53c1AInj4uP7M9A/IcPa+DrG7idWDjP4JcNS7
Lmidp80nOAjvFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:52 2026 by rpki-client