Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json)
Hash identifier: 4Sb2UMLXCH26JwrwpmsGPU8Txn3CE1vZo0nBOwVIdR8=
Subject key identifier: 60:17:FE:16:8F:B5:F7:0D:6D:0B:8A:6A:E0:06:52:FA:14:CE:E5:D2
Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Certificate serial: 019D37F750892D59065552C459A342570C0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
Manifest number: 0AB2
Signing time: Sun 29 Mar 2026 05:00:47 +0000
Manifest this update: Sun 29 Mar 2026 05:00:47 +0000
Manifest next update: Mon 30 Mar 2026 05:00:47 +0000
Files and hashes: 1: SjIFpOv8CU5TAe5BOSptvm-t2X8.roa (hash: noG1uYmKn+lp5DHEKlchBRM5lgdWGa4N1VmV9ta3T+w=)
2: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: qYpxZMg720/ofZJ/qZWIw/b+9eQTERL8wL3U3yE+Trw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:50:89:2d:59:06:55:52:c4:59:a3:42:57:0c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9
Validity
Not Before: Mar 29 05:00:47 2026 GMT
Not After : Mar 30 05:00:47 2026 GMT
Subject: CN=6017fe168fb5f70d6d0b8a6ae00652fa14cee5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:9d:dc:a5:10:d9:67:8e:db:26:86:ef:15:
03:5f:4c:62:9d:fd:25:92:31:db:f8:46:0f:36:e0:
4d:12:ca:2b:96:5b:3b:dc:ed:21:d4:4d:76:f3:91:
4a:26:fe:9e:1e:19:f8:f6:2f:b1:9e:a4:cd:3f:48:
fe:cd:5b:04:d0:a8:93:5b:16:f7:4e:14:33:44:25:
ef:84:1a:18:8e:8e:70:d3:4c:21:ef:b8:1a:fc:58:
7d:20:7b:c7:33:c5:43:85:f7:ed:33:41:1e:6d:5f:
4a:d7:c8:15:63:fc:3b:a0:29:0a:59:12:ae:d7:fc:
39:4a:34:70:20:b4:50:41:5e:2a:da:ea:bb:04:d6:
79:b8:fc:52:c9:9b:1c:a2:da:80:17:e5:cd:b4:30:
2e:b2:ab:b6:d0:ba:f0:28:38:ba:9a:16:2b:a2:9f:
90:7f:5c:48:a9:a7:80:4d:36:cd:0c:75:3b:4c:2e:
cb:f1:24:4a:cf:c4:4f:22:9e:0a:28:62:1c:b3:a5:
5e:b5:5c:e5:56:ea:45:88:6b:5b:f3:f9:2e:ec:68:
46:6f:84:0b:18:17:33:54:2f:61:a3:74:1d:fd:ba:
4d:45:17:72:41:72:a4:d7:3e:8b:48:48:15:21:8d:
2f:20:fb:19:22:52:97:29:9e:c5:2d:b0:ec:9a:d2:
47:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:17:FE:16:8F:B5:F7:0D:6D:0B:8A:6A:E0:06:52:FA:14:CE:E5:D2
X509v3 Authority Key Identifier:
keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:76:2e:4b:9c:41:3b:ad:d8:f3:c1:58:3c:5c:d7:c2:55:b8:
2f:d3:d6:f7:e6:bb:56:10:cc:4a:8c:cb:13:d5:b7:51:94:82:
ad:46:63:a2:d8:ab:b1:e0:73:da:5b:91:ed:c7:9a:21:38:d4:
1e:63:b3:c8:eb:cc:7b:e6:bf:4a:ed:d2:48:c0:15:d9:5a:ba:
44:49:e0:55:ba:80:87:a6:98:b6:d1:92:62:3d:b2:98:5c:e0:
19:53:9e:3e:fd:99:b6:1f:45:4b:16:10:56:f4:ad:fe:ff:da:
73:cb:42:8c:3d:99:7e:31:4e:c9:f7:78:b3:15:3b:2f:cf:df:
4f:44:d1:89:5f:5b:73:a1:41:3f:7d:79:54:c8:61:6a:98:93:
46:6f:0b:39:80:47:af:af:6d:2b:07:a2:2e:b5:ee:ef:b7:0b:
07:81:a0:86:ed:f6:33:4e:8e:5c:12:c7:e8:40:70:76:aa:7b:
0c:6c:a5:a7:3b:ce:2c:50:06:52:df:d9:bb:3c:d9:ad:56:bf:
64:6d:21:78:26:0c:4d:8e:18:e7:6c:cc:15:e9:2b:46:b4:46:
f9:d5:7c:62:3c:1b:4b:26:8c:3e:10:23:94:8b:2b:b5:6c:b5:
f3:43:39:53:4f:c2:ee:19:3d:ba:14:00:97:c7:c6:28:47:e3:
10:e7:1e:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0391CJLVkGVVLEWaNCVwwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw
YTM2ZjkwHhcNMjYwMzI5MDUwMDQ3WhcNMjYwMzMwMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg2MDE3ZmUxNjhmYjVmNzBkNmQwYjhhNmFlMDA2NTJmYTE0Y2VlNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMSd3KUQ2WeO2yaG7xUDX0xinf0l
kjHb+EYPNuBNEsorlls73O0h1E1285FKJv6eHhn49i+xnqTNP0j+zVsE0KiTWxb3
ThQzRCXvhBoYjo5w00wh77ga/Fh9IHvHM8VDhfftM0EebV9K18gVY/w7oCkKWRKu
1/w5SjRwILRQQV4q2uq7BNZ5uPxSyZscotqAF+XNtDAusqu20LrwKDi6mhYrop+Q
f1xIqaeATTbNDHU7TC7L8SRKz8RPIp4KKGIcs6VetVzlVupFiGtb8/ku7GhGb4QL
GBczVC9ho3Qd/bpNRRdyQXKk1z6LSEgVIY0vIPsZIlKXKZ7FLbDsmtJH2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAX/haPtfcNbQuKauAGUvoUzuXSMB8GA1UdIwQY
MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt
ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2
LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXYuS5xB
O63Y88FYPFzXwlW4L9PW9+a7VhDMSozLE9W3UZSCrUZjotirseBz2luR7ceaITjU
HmOzyOvMe+a/Su3SSMAV2Vq6REngVbqAh6aYttGSYj2ymFzgGVOePv2Zth9FSxYQ
VvSt/v/ac8tCjD2ZfjFOyfd4sxU7L8/fT0TRiV9bc6FBP315VMhhapiTRm8LOYBH
r69tKweiLrXu77cLB4Gghu32M06OXBLH6EBwdqp7DGylpzvOLFAGUt/ZuzzZrVa/
ZG0heCYMTY4Y52zMFekrRrRG+dV8YjwbSyaMPhAjlIsrtWy180M5U0/C7hk9uhQA
l8fGKEfjEOcePw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:30 2026 by rpki-client