Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
File: oso33tG3DIG3SkMPm016zGKAXtg.mft (raw, json)
Hash identifier: 5+yl3ZvbptixXZ0d4iFwtxFKvfNTNRi+Ab8hRy3a51E=
Subject key identifier: B8:59:F4:8E:1A:F2:DA:D9:19:63:36:F0:75:A8:D3:CA:EE:DE:A2:BB
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019D9A3DF290DFA0905E6E542F3874B07C4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
Manifest number: 06FF
Signing time: Fri 17 Apr 2026 07:00:44 +0000
Manifest this update: Fri 17 Apr 2026 07:00:44 +0000
Manifest next update: Sat 18 Apr 2026 07:00:44 +0000
Files and hashes: 1: 8y7GNNa3VSZ0w99_9ipLylxWc2w.roa (hash: 5mPkRAu5BGZlM5kj1fiinENXANd4dMpIzIY3DWFLsx0=)
2: oso33tG3DIG3SkMPm016zGKAXtg.crl (hash: X9vl/2n6sAEajIy7RhKSV0/zi7JiiXxej5HVbBQVoQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3d:f2:90:df:a0:90:5e:6e:54:2f:38:74:b0:7c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Apr 17 07:00:44 2026 GMT
Not After : Apr 18 07:00:44 2026 GMT
Subject: CN=b859f48e1af2dad9196336f075a8d3caeedea2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cc:8c:66:60:2c:13:b3:57:a8:80:be:5d:b0:
8e:06:28:70:cc:6d:01:e8:5d:2b:96:5f:0e:9d:e9:
56:be:16:07:d0:73:47:ba:4f:00:ac:4d:50:dd:85:
40:42:b6:21:c6:5a:7d:9b:ed:8c:3e:93:f0:22:cc:
54:62:78:f0:23:9f:e4:ae:90:7d:79:ee:07:87:42:
4b:69:69:65:a2:7c:99:51:e5:d7:c8:d1:67:23:8f:
b8:f5:ad:03:83:91:1a:7c:df:ba:d8:ac:9f:c5:96:
49:f7:e7:7e:d1:a6:90:6c:6e:16:52:69:e8:d2:07:
62:de:12:eb:57:1b:53:5e:c8:8e:9f:98:66:c3:ef:
bf:66:1e:b4:5b:a1:f1:8a:d5:f3:f4:61:16:b1:2a:
e9:5e:26:5a:7a:3e:a0:14:e9:e5:a4:b6:55:20:65:
4c:93:36:7a:73:b7:49:e2:4a:7e:01:73:f1:82:e4:
fa:a3:70:57:3f:40:a4:00:34:53:79:b4:21:03:da:
7a:1c:87:36:c7:13:86:86:e4:ad:cb:9b:b3:0d:b4:
d1:48:e3:3d:dd:db:c6:c7:b9:17:1f:05:bc:89:f4:
5d:f8:38:43:fe:4f:3f:06:61:b7:93:5c:ab:0d:41:
fb:9e:0c:2e:e0:a0:87:16:b4:be:c0:53:56:fd:0b:
80:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:59:F4:8E:1A:F2:DA:D9:19:63:36:F0:75:A8:D3:CA:EE:DE:A2:BB
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:ad:72:de:91:25:b5:f0:1f:47:3f:96:c4:d6:0c:a5:e8:35:
cb:e8:f3:12:d5:88:fc:51:6c:cd:82:35:da:83:20:c0:44:95:
c7:8a:8c:52:f9:67:45:de:b2:cb:ad:77:3b:ae:8d:70:91:b4:
a4:24:2a:6e:b6:30:4d:4d:ba:e4:fb:0c:ce:4e:6c:b5:bb:ca:
93:88:4a:cb:ac:a8:2e:9b:b8:5b:81:11:71:e8:3c:ee:50:a9:
54:08:49:17:3c:e0:25:13:2d:e3:15:80:72:a7:71:75:c5:0f:
0a:a1:44:d0:9e:e7:0d:66:ff:df:ac:33:46:91:b3:18:12:e4:
ee:24:97:45:01:37:88:b2:03:3a:5f:e0:be:5f:9a:ce:81:f9:
8b:cf:73:e0:87:94:64:cf:29:83:af:ac:f6:8c:01:0a:cd:73:
24:9e:f3:26:1d:14:62:0f:e7:c1:ce:dc:4a:ce:ef:a5:3c:33:
ea:c9:09:86:89:ea:5c:ee:c3:58:b0:7f:8a:c8:81:6e:b6:6c:
b0:8c:74:00:51:af:c8:0a:c4:cb:da:fb:9f:6c:74:d4:08:ad:
91:07:b1:b1:39:59:aa:6e:2e:59:b1:5b:41:80:c9:58:ac:88:
6d:c4:a2:d9:97:6e:47:4d:f3:09:28:65:d8:78:b3:86:9c:82:
65:88:f0:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPfKQ36CQXm5ULzh0sHxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjYwNDE3MDcwMDQ0WhcNMjYwNDE4MDcwMDQ0WjAzMTEwLwYDVQQD
EyhiODU5ZjQ4ZTFhZjJkYWQ5MTk2MzM2ZjA3NWE4ZDNjYWVlZGVhMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcyMZmAsE7NXqIC+XbCOBihwzG0B
6F0rll8OnelWvhYH0HNHuk8ArE1Q3YVAQrYhxlp9m+2MPpPwIsxUYnjwI5/krpB9
ee4Hh0JLaWllonyZUeXXyNFnI4+49a0Dg5EafN+62KyfxZZJ9+d+0aaQbG4WUmno
0gdi3hLrVxtTXsiOn5hmw++/Zh60W6HxitXz9GEWsSrpXiZaej6gFOnlpLZVIGVM
kzZ6c7dJ4kp+AXPxguT6o3BXP0CkADRTebQhA9p6HIc2xxOGhuSty5uzDbTRSOM9
3dvGx7kXHwW8ifRd+DhD/k8/BmG3k1yrDUH7ngwu4KCHFrS+wFNW/QuAzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhZ9I4a8trZGWM28HWo08ru3qK7MB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASq1y3pEl
tfAfRz+WxNYMpeg1y+jzEtWI/FFszYI12oMgwESVx4qMUvlnRd6yy613O66NcJG0
pCQqbrYwTU265PsMzk5stbvKk4hKy6yoLpu4W4ERceg87lCpVAhJFzzgJRMt4xWA
cqdxdcUPCqFE0J7nDWb/36wzRpGzGBLk7iSXRQE3iLIDOl/gvl+azoH5i89z4IeU
ZM8pg6+s9owBCs1zJJ7zJh0UYg/nwc7cSs7vpTwz6skJhonqXO7DWLB/isiBbrZs
sIx0AFGvyArEy9r7n2x01AitkQexsTlZqm4uWbFbQYDJWKyIbcSi2ZduR03zCShl
2HizhpyCZYjwug==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:07:52 2026 by rpki-client