Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: V3yH31/Za9SdTk02dnutkTxvojvFCXuto/bImNLARA4=
Subject key identifier: A7:70:84:E8:F2:5B:A9:70:CC:B1:18:34:71:89:84:C3:A9:64:7D:CD
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019D37F70EEDDDB2808035AFA2BE9C702D20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 15E1
Signing time: Sun 29 Mar 2026 05:00:31 +0000
Manifest this update: Sun 29 Mar 2026 05:00:31 +0000
Manifest next update: Mon 30 Mar 2026 05:00:31 +0000
Files and hashes: 1: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (hash: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: Qrag4YjfuyH8DVAnFgVips84YAvuLmuVRb+GfGyaldg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:0e:ed:dd:b2:80:80:35:af:a2:be:9c:70:2d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Mar 29 05:00:31 2026 GMT
Not After : Mar 30 05:00:31 2026 GMT
Subject: CN=a77084e8f25ba970ccb11834718984c3a9647dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:a7:fe:08:39:19:e9:12:be:b2:ec:e2:7a:
33:25:76:ba:50:79:5d:35:f0:8b:68:a4:87:d4:df:
de:27:4c:66:81:69:7d:e3:6e:34:c7:a8:0f:9a:e8:
41:f9:fb:46:ff:4d:3f:a1:fc:2a:45:83:cb:f5:0b:
a0:f8:fa:11:6f:42:61:a7:f3:9c:47:fe:7d:78:e7:
36:de:e0:8d:34:4b:e6:5d:3f:3d:3a:f7:e7:4b:0e:
ef:54:45:17:66:e5:65:b8:e7:8a:97:d2:da:89:d0:
97:88:79:b0:34:15:2e:e3:e5:e4:6d:ca:37:f0:a8:
f9:3b:57:ff:f8:6c:9d:77:ff:77:07:0c:96:7d:be:
57:e2:f8:d0:2d:f5:f5:1f:7e:92:67:78:14:3f:77:
67:8e:ed:29:75:b9:a2:5f:1e:38:6d:17:a9:f0:ba:
a6:95:d6:81:36:a0:17:87:9d:73:28:70:24:b6:8f:
6c:45:3e:fc:c7:bf:c8:10:32:5d:4c:5a:34:47:12:
5d:de:28:ec:a3:83:c6:11:e2:00:4a:13:77:b8:41:
f5:96:3b:79:4e:07:b9:ec:f9:4f:b8:c9:bf:8b:36:
af:7e:a8:76:88:32:b7:98:0e:ee:8c:e5:d6:9b:8d:
1b:68:f4:fe:37:38:4a:35:b9:da:57:70:25:57:a2:
c8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:70:84:E8:F2:5B:A9:70:CC:B1:18:34:71:89:84:C3:A9:64:7D:CD
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:f5:67:0e:11:eb:96:f0:d8:b9:d5:1c:66:e2:31:82:20:62:
66:47:b0:09:32:e0:e0:ef:74:ff:85:97:ec:37:ea:47:6d:67:
48:a3:55:0b:c2:43:27:76:30:4f:fb:52:e0:b2:fa:2e:b6:12:
0f:23:05:e6:93:86:07:8a:01:53:2d:7a:39:8d:03:90:3f:7d:
ca:3e:52:0d:e7:2c:9d:12:63:ec:14:6f:13:16:cf:f9:ff:0c:
f9:52:30:30:60:73:d8:66:b8:08:21:11:78:e5:71:27:52:78:
ed:d8:c2:2b:b6:99:57:80:c6:7b:0f:6c:55:98:4a:1b:e9:33:
f3:fd:62:32:d0:70:3b:43:7d:cb:54:11:73:82:5b:b2:7c:0c:
4b:09:4b:1a:87:e3:09:8c:6d:c4:f7:75:04:90:7f:e0:c0:d9:
f0:2e:e0:15:c3:b0:f2:38:fd:45:76:8c:dd:1b:10:29:be:02:
43:6b:8f:9c:b9:38:41:4e:ee:45:67:99:d4:07:1b:90:62:13:
9d:16:58:70:4b:de:3b:ef:85:06:d9:6d:58:f8:35:0f:24:7b:
30:fb:af:f8:b8:6e:22:14:a4:ac:d7:67:43:46:97:e2:c5:a2:
4d:95:53:b6:d5:a9:09:f4:0e:a5:c8:a1:d3:58:81:80:4a:6d:
07:c1:e3:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039w7t3bKAgDWvor6ccC0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjYwMzI5MDUwMDMxWhcNMjYwMzMwMDUwMDMxWjAzMTEwLwYDVQQD
EyhhNzcwODRlOGYyNWJhOTcwY2NiMTE4MzQ3MTg5ODRjM2E5NjQ3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR6n/gg5GekSvrLs4nozJXa6UHld
NfCLaKSH1N/eJ0xmgWl94240x6gPmuhB+ftG/00/ofwqRYPL9Qug+PoRb0Jhp/Oc
R/59eOc23uCNNEvmXT89OvfnSw7vVEUXZuVluOeKl9LaidCXiHmwNBUu4+Xkbco3
8Kj5O1f/+Gydd/93BwyWfb5X4vjQLfX1H36SZ3gUP3dnju0pdbmiXx44bRep8Lqm
ldaBNqAXh51zKHAkto9sRT78x7/IEDJdTFo0RxJd3ijso4PGEeIAShN3uEH1ljt5
Tge57PlPuMm/izavfqh2iDK3mA7ujOXWm40baPT+NzhKNbnaV3AlV6LIPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdwhOjyW6lwzLEYNHGJhMOpZH3NMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPVnDhHr
lvDYudUcZuIxgiBiZkewCTLg4O90/4WX7DfqR21nSKNVC8JDJ3YwT/tS4LL6LrYS
DyMF5pOGB4oBUy16OY0DkD99yj5SDecsnRJj7BRvExbP+f8M+VIwMGBz2Ga4CCER
eOVxJ1J47djCK7aZV4DGew9sVZhKG+kz8/1iMtBwO0N9y1QRc4JbsnwMSwlLGofj
CYxtxPd1BJB/4MDZ8C7gFcOw8jj9RXaM3RsQKb4CQ2uPnLk4QU7uRWeZ1AcbkGIT
nRZYcEveO++FBtltWPg1DyR7MPuv+LhuIhSkrNdnQ0aX4sWiTZVTttWpCfQOpcih
01iBgEptB8Hj8A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:04 2026 by rpki-client