Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
File: oso33tG3DIG3SkMPm016zGKAXtg.mft (raw, json)
Hash identifier: 2743z++yTfiJets7U3NgV1LXfdvKAhD9uVlm+9igmZA=
Subject key identifier: 35:B4:4E:76:80:6B:6B:92:D6:C5:F7:FF:F2:8A:56:E8:48:83:50:F3
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019CAAC6EB83C8D80458ADBDFF38B856A570
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
Manifest number: 0683
Signing time: Sun 01 Mar 2026 19:01:28 +0000
Manifest this update: Sun 01 Mar 2026 19:01:28 +0000
Manifest next update: Mon 02 Mar 2026 19:01:28 +0000
Files and hashes: 1: 8y7GNNa3VSZ0w99_9ipLylxWc2w.roa (hash: 5mPkRAu5BGZlM5kj1fiinENXANd4dMpIzIY3DWFLsx0=)
2: oso33tG3DIG3SkMPm016zGKAXtg.crl (hash: kQqExGoQYYbWGdxvySr438FZW/6WEP2z5uJRSeO83mo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:eb:83:c8:d8:04:58:ad:bd:ff:38:b8:56:a5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Mar 1 19:01:28 2026 GMT
Not After : Mar 2 19:01:28 2026 GMT
Subject: CN=35b44e76806b6b92d6c5f7fff28a56e8488350f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:57:43:fc:3a:52:0e:45:4e:41:67:27:fb:d6:
67:95:84:bb:4c:86:d4:a0:0b:5b:02:6e:df:73:dc:
17:1c:06:df:19:21:48:c5:84:d2:57:fd:90:c3:c1:
23:52:19:42:31:33:1e:fe:6c:47:1b:49:0e:68:5c:
6f:c9:5c:65:09:4f:1a:95:57:a2:1e:8f:fd:dc:b0:
e1:08:f5:9c:66:bc:88:f1:f2:b5:4a:41:6d:c7:ad:
33:0a:18:c1:af:de:89:07:af:56:3c:ec:b3:92:1d:
d1:23:4e:ec:eb:15:e4:b8:a9:f1:41:84:85:70:1e:
b2:d4:99:ea:7b:a9:e0:d8:3f:f5:7d:68:3c:44:f8:
6d:e8:b7:a6:3e:84:11:1d:dc:8a:3c:f2:ad:34:aa:
28:14:e8:02:67:54:43:8e:27:b2:32:58:bc:1f:18:
f8:ba:2f:d9:4f:db:49:38:99:4a:93:69:7c:71:6a:
ce:ce:83:0b:5e:b7:5c:fb:89:e9:1a:17:00:53:b9:
5e:d6:05:87:fe:34:c4:3d:23:83:a1:9c:91:f4:fe:
4c:1f:63:21:26:65:1d:ce:e0:c5:fd:ea:82:92:30:
84:cf:55:cb:28:2c:be:7e:db:c6:56:0a:64:df:6f:
86:ee:38:a0:26:92:1e:68:4d:09:88:0a:24:dd:88:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B4:4E:76:80:6B:6B:92:D6:C5:F7:FF:F2:8A:56:E8:48:83:50:F3
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:3b:ec:59:11:b4:04:9e:a0:c3:5f:3b:2a:cd:d8:32:d4:0e:
08:90:e6:d9:1c:60:02:c9:dd:08:36:6f:62:8e:ad:b4:47:af:
d9:29:38:40:0e:b2:b3:a8:9d:fb:67:6b:aa:f0:d9:d3:91:2e:
6f:f4:fa:da:c1:6d:91:b5:79:3a:b0:e9:89:e3:b4:b8:32:3f:
cb:a6:19:f1:bd:7a:31:b5:15:44:b5:03:36:46:73:28:3f:a4:
88:78:38:a8:36:96:d8:8e:81:f6:2a:d4:bc:de:53:c4:fd:62:
44:17:48:5d:c5:75:f6:6f:3e:45:76:cd:9c:4c:78:3d:65:78:
1d:db:bc:12:d7:f8:7d:26:11:e4:9a:15:4e:16:02:29:8a:28:
c9:08:8f:b8:66:ad:7c:cf:8a:8a:a4:1d:32:b1:f6:b4:cf:b1:
b8:59:94:89:3a:b7:8d:e1:72:fc:69:cc:16:77:2f:ed:9a:d9:
99:1e:a3:62:62:05:50:31:ff:56:dd:29:bc:2d:08:6a:56:54:
9b:1b:19:a4:ec:be:23:cb:f2:41:a9:94:aa:4f:cb:a5:37:cd:
bb:90:f3:c5:84:cc:bc:4f:ba:e1:a4:80:c2:e3:bc:76:80:4a:
3e:7c:d8:14:4c:f5:28:ca:6c:54:02:b5:94:4f:61:38:1a:0b:
2c:3e:16:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxuuDyNgEWK29/zi4VqVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjYwMzAxMTkwMTI4WhcNMjYwMzAyMTkwMTI4WjAzMTEwLwYDVQQD
EygzNWI0NGU3NjgwNmI2YjkyZDZjNWY3ZmZmMjhhNTZlODQ4ODM1MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VdD/DpSDkVOQWcn+9ZnlYS7TIbU
oAtbAm7fc9wXHAbfGSFIxYTSV/2Qw8EjUhlCMTMe/mxHG0kOaFxvyVxlCU8alVei
Ho/93LDhCPWcZryI8fK1SkFtx60zChjBr96JB69WPOyzkh3RI07s6xXkuKnxQYSF
cB6y1Jnqe6ng2D/1fWg8RPht6LemPoQRHdyKPPKtNKooFOgCZ1RDjieyMli8Hxj4
ui/ZT9tJOJlKk2l8cWrOzoMLXrdc+4npGhcAU7le1gWH/jTEPSODoZyR9P5MH2Mh
JmUdzuDF/eqCkjCEz1XLKCy+ftvGVgpk32+G7jigJpIeaE0JiAok3Yia4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDW0TnaAa2uS1sX3//KKVuhIg1DzMB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnjvsWRG0
BJ6gw187Ks3YMtQOCJDm2RxgAsndCDZvYo6ttEev2Sk4QA6ys6id+2drqvDZ05Eu
b/T62sFtkbV5OrDpieO0uDI/y6YZ8b16MbUVRLUDNkZzKD+kiHg4qDaW2I6B9irU
vN5TxP1iRBdIXcV19m8+RXbNnEx4PWV4Hdu8Etf4fSYR5JoVThYCKYooyQiPuGat
fM+KiqQdMrH2tM+xuFmUiTq3jeFy/GnMFncv7ZrZmR6jYmIFUDH/Vt0pvC0IalZU
mxsZpOy+I8vyQamUqk/LpTfNu5DzxYTMvE+64aSAwuO8doBKPnzYFEz1KMpsVAK1
lE9hOBoLLD4Wbw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:13:04 2026 by rpki-client