Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: 2/3PXp2mrI2ICcU7CZwAdmXRbJTm1FTtJT+RC4CUL0U=
Subject key identifier: BF:F2:81:86:77:59:30:56:F9:A4:51:78:6F:E8:4F:2C:DC:62:AD:0F
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019E9D3C62414A3CC56CA481F8533CC5E903
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 169A
Signing time: Sat 06 Jun 2026 14:00:40 +0000
Manifest this update: Sat 06 Jun 2026 14:00:40 +0000
Manifest next update: Sun 07 Jun 2026 14:00:40 +0000
Files and hashes: 1: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (hash: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: TibWQw0A6uM6d/b1Y1gwVxPqSFB0gIWG0Lxd8uqX94I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9d:3c:62:41:4a:3c:c5:6c:a4:81:f8:53:3c:c5:e9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Jun 6 14:00:40 2026 GMT
Not After : Jun 7 14:00:40 2026 GMT
Subject: CN=bff2818677593056f9a451786fe84f2cdc62ad0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:12:64:30:88:c8:d2:23:a0:d9:f3:1a:9a:
0e:7c:6e:01:3d:7f:3f:39:9b:5e:a1:b0:23:09:e7:
e9:60:af:ef:d5:8e:b9:98:a7:3e:49:c5:54:9e:5f:
5c:11:35:dc:e2:be:ca:71:24:2c:8d:1e:20:a1:c3:
57:a0:9c:0e:a5:fa:66:6f:26:1d:29:73:f8:ee:56:
3b:38:02:e1:23:8e:15:57:e3:23:c0:b8:41:80:32:
b0:4f:00:84:96:95:8d:c9:e6:f9:76:4e:eb:bf:93:
e6:56:c2:4b:80:fa:34:58:91:d7:88:11:7e:14:4f:
ea:33:9c:52:b3:97:56:79:97:b8:8e:52:4e:e6:85:
4c:6f:7d:0f:9b:23:cb:72:64:26:c8:e7:d0:ad:39:
d4:03:ce:86:e4:ab:b0:8d:42:87:6f:e3:e4:4d:9f:
71:24:2a:df:e2:9b:c2:14:86:4c:9a:a3:19:cd:46:
bb:70:17:cf:e4:52:69:52:46:01:65:37:0e:45:9d:
26:3b:1f:8c:7a:a2:86:3a:e2:94:4b:d4:e5:01:23:
e1:4d:06:24:af:b1:cf:31:92:01:5d:ed:7c:fc:89:
e3:04:9b:42:b5:a6:de:c4:1c:9b:4d:bc:63:a1:84:
90:1b:ee:a0:83:a6:36:c5:b8:e6:44:c4:d2:f8:38:
59:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F2:81:86:77:59:30:56:F9:A4:51:78:6F:E8:4F:2C:DC:62:AD:0F
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:14:0e:ad:df:a2:d4:35:56:18:fa:72:b3:ed:87:a8:b5:eb:
1f:dc:6f:fb:bc:bd:52:ff:d3:ec:9a:c8:f4:33:32:06:d0:57:
1e:c6:9d:95:01:4d:7a:82:12:2e:f6:fd:c6:e5:06:3c:00:68:
48:68:97:ec:d4:4e:f3:e3:9d:fb:a6:7e:9d:bb:e7:3f:32:25:
a5:13:ac:ac:e0:e1:24:39:a2:0c:bc:70:33:51:0c:d9:6d:c7:
d6:62:85:33:f4:38:ab:c4:a8:21:63:dc:80:04:a5:cd:68:d9:
69:e3:33:0c:fd:7b:f1:19:2f:9f:9a:f5:c7:d7:cc:37:c7:32:
1d:d1:00:35:5c:c8:02:0b:0f:c6:25:16:28:5b:71:23:be:85:
3e:e8:54:5f:cd:cf:b8:00:4e:a1:fb:67:94:6b:06:16:86:8d:
aa:12:93:12:45:ed:fd:cb:3f:39:4c:5f:be:a9:b0:3a:c1:a8:
89:b5:81:91:00:e2:be:6e:f7:9f:b6:74:bf:dc:60:09:59:6b:
cd:96:95:4f:e8:18:3a:e5:54:c5:7c:77:7a:2a:e8:f4:dc:c2:
e4:7e:e9:90:23:36:5b:92:c5:51:4a:b2:71:68:2c:2b:47:9e:
18:b4:d1:f8:33:25:e0:0b:41:42:ef:7c:43:3b:35:6b:08:48:
49:57:5b:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6dPGJBSjzFbKSB+FM8xekDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjYwNjA2MTQwMDQwWhcNMjYwNjA3MTQwMDQwWjAzMTEwLwYDVQQD
EyhiZmYyODE4Njc3NTkzMDU2ZjlhNDUxNzg2ZmU4NGYyY2RjNjJhZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5ESZDCIyNIjoNnzGpoOfG4BPX8/
OZteobAjCefpYK/v1Y65mKc+ScVUnl9cETXc4r7KcSQsjR4gocNXoJwOpfpmbyYd
KXP47lY7OALhI44VV+MjwLhBgDKwTwCElpWNyeb5dk7rv5PmVsJLgPo0WJHXiBF+
FE/qM5xSs5dWeZe4jlJO5oVMb30PmyPLcmQmyOfQrTnUA86G5KuwjUKHb+PkTZ9x
JCrf4pvCFIZMmqMZzUa7cBfP5FJpUkYBZTcORZ0mOx+MeqKGOuKUS9TlASPhTQYk
r7HPMZIBXe18/InjBJtCtabexBybTbxjoYSQG+6gg6Y2xbjmRMTS+DhZqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/ygYZ3WTBW+aRReG/oTyzcYq0PMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAahQOrd+i
1DVWGPpys+2HqLXrH9xv+7y9Uv/T7JrI9DMyBtBXHsadlQFNeoISLvb9xuUGPABo
SGiX7NRO8+Od+6Z+nbvnPzIlpROsrODhJDmiDLxwM1EM2W3H1mKFM/Q4q8SoIWPc
gASlzWjZaeMzDP178Rkvn5r1x9fMN8cyHdEANVzIAgsPxiUWKFtxI76FPuhUX83P
uABOoftnlGsGFoaNqhKTEkXt/cs/OUxfvqmwOsGoibWBkQDivm73n7Z0v9xgCVlr
zZaVT+gYOuVUxXx3eiro9NzC5H7pkCM2W5LFUUqycWgsK0eeGLTR+DMl4AtBQu98
Qzs1awhISVdbew==
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:57:50 2026 by rpki-client