Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File: OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier: vw5V8a+24WHiJJR4BpEo7TRahj5LEdLTS9nGPmMD7uE=
Subject key identifier: CB:A6:23:34:4E:91:2C:55:DC:2A:B0:F1:87:64:F0:C3:58:8F:8B:E9
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer: /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial: 019D37522ED16D15C97800CD1BA080D012CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number: 046F
Signing time: Sun 29 Mar 2026 02:00:25 +0000
Manifest this update: Sun 29 Mar 2026 02:00:25 +0000
Manifest next update: Mon 30 Mar 2026 02:00:25 +0000
Files and hashes: 1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: tTHGl4xAPeSOcYstLZECHTSaCc0dicdjS3PPrnEEP4I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:2e:d1:6d:15:c9:78:00:cd:1b:a0:80:d0:12:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
Validity
Not Before: Mar 29 02:00:25 2026 GMT
Not After : Mar 30 02:00:25 2026 GMT
Subject: CN=cba623344e912c55dc2ab0f18764f0c3588f8be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:13:50:89:8d:44:fe:c7:f2:31:48:0c:f6:24:
42:0a:44:bc:40:f0:03:00:3b:5f:73:5b:42:7b:ff:
04:37:99:15:b8:79:11:99:55:4f:fd:4c:1b:6c:ef:
3b:6a:86:4e:11:09:5f:d3:21:9d:06:fb:79:79:99:
e1:30:52:eb:53:83:27:46:1c:37:38:e5:53:c5:c9:
4d:d5:ba:8a:78:2a:3e:e5:aa:aa:1b:2a:f0:18:90:
d5:6e:a1:27:8c:e0:16:c6:6a:e8:11:42:13:b9:6f:
82:b1:36:8b:01:33:71:cd:45:94:0d:74:81:37:2c:
4f:73:4e:67:47:a2:56:7d:c8:c2:32:17:40:5c:09:
3f:94:c9:e4:7c:9f:f9:42:58:34:80:bb:5e:72:b0:
5e:3e:99:28:cd:c3:25:f5:e2:e3:dd:8e:ca:b4:ea:
78:68:94:51:02:99:d5:37:33:65:34:de:56:64:56:
71:aa:5c:38:a6:c5:88:02:1e:8e:a5:bf:f2:58:ed:
35:56:cd:dd:6a:cd:15:a1:44:9a:e4:d7:84:1a:9b:
de:be:1d:60:6d:2b:da:6b:4f:ce:31:7c:1b:41:f0:
9b:64:c1:2e:09:f1:c6:41:9b:a5:86:e9:a0:ed:59:
b9:87:b8:17:e6:88:f8:38:55:2c:d6:ad:15:f0:98:
3e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A6:23:34:4E:91:2C:55:DC:2A:B0:F1:87:64:F0:C3:58:8F:8B:E9
X509v3 Authority Key Identifier:
keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:63:36:fb:c2:a8:36:97:11:90:c2:29:a9:f6:7b:e1:99:78:
c6:ab:c7:fb:92:ba:54:a5:ba:68:b1:f4:7a:cf:0e:95:ef:a2:
56:d7:be:ab:44:64:be:8f:ec:13:b3:cb:8b:b2:b6:26:1b:3b:
e7:b1:46:fb:d4:9e:9e:c8:c7:59:ba:32:84:5e:9f:66:6e:2f:
01:9a:39:6e:e3:0b:48:7f:63:12:b5:ba:0f:e3:be:8b:40:e0:
a7:b2:62:f4:3c:0b:70:39:48:0f:00:96:36:58:fc:eb:da:7d:
aa:e5:90:ed:fd:fb:76:1e:40:f1:82:70:c0:1c:7b:6e:02:c8:
77:37:99:3b:13:9c:5d:5e:af:29:69:18:fe:99:0d:d1:7a:2c:
1c:8f:1e:89:e1:0a:30:c5:5a:4f:c3:a0:8c:f1:e8:2c:78:c9:
47:45:3e:62:30:8d:07:65:4b:1f:9b:3b:4c:17:b4:37:13:43:
34:69:a1:ee:cb:fd:b7:b0:4d:f5:00:60:34:8c:47:f7:22:76:
50:41:e4:0e:19:5c:3e:dd:47:13:de:59:23:4c:fd:3b:e6:a8:
dd:89:32:7f:52:e3:b0:58:b5:f6:15:22:15:98:c7:a5:d4:af:
8e:4e:f7:61:8b:6e:99:92:d3:89:b4:4b:27:4c:85:38:0a:19:
64:45:aa:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ui7RbRXJeADNG6CA0BLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjYwMzI5MDIwMDI1WhcNMjYwMzMwMDIwMDI1WjAzMTEwLwYDVQQD
EyhjYmE2MjMzNDRlOTEyYzU1ZGMyYWIwZjE4NzY0ZjBjMzU4OGY4YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBNQiY1E/sfyMUgM9iRCCkS8QPAD
ADtfc1tCe/8EN5kVuHkRmVVP/UwbbO87aoZOEQlf0yGdBvt5eZnhMFLrU4MnRhw3
OOVTxclN1bqKeCo+5aqqGyrwGJDVbqEnjOAWxmroEUITuW+CsTaLATNxzUWUDXSB
NyxPc05nR6JWfcjCMhdAXAk/lMnkfJ/5Qlg0gLtecrBePpkozcMl9eLj3Y7KtOp4
aJRRApnVNzNlNN5WZFZxqlw4psWIAh6Opb/yWO01Vs3das0VoUSa5NeEGpvevh1g
bSvaa0/OMXwbQfCbZMEuCfHGQZulhumg7Vm5h7gX5oj4OFUs1q0V8Jg+PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMumIzROkSxV3Cqw8Ydk8MNYj4vpMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGM2+8Ko
NpcRkMIpqfZ74Zl4xqvH+5K6VKW6aLH0es8Ole+iVte+q0Rkvo/sE7PLi7K2Jhs7
57FG+9SensjHWboyhF6fZm4vAZo5buMLSH9jErW6D+O+i0Dgp7Ji9DwLcDlIDwCW
Nlj869p9quWQ7f37dh5A8YJwwBx7bgLIdzeZOxOcXV6vKWkY/pkN0XosHI8eieEK
MMVaT8OgjPHoLHjJR0U+YjCNB2VLH5s7TBe0NxNDNGmh7sv9t7BN9QBgNIxH9yJ2
UEHkDhlcPt1HE95ZI0z9O+ao3Ykyf1LjsFi19hUiFZjHpdSvjk73YYtumZLTibRL
J0yFOAoZZEWqDQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:00 2026 by rpki-client