Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft
File: O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft (raw, json)
Hash identifier: iyDjvAfcp8TuLUZcJnPo80KGy+ke3b7S351ICqp01Fg=
Subject key identifier: 18:28:A4:62:43:EB:C0:A1:94:FE:D2:BA:63:7D:76:9F:72:2C:64:2B
Authority key identifier: 3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6
Certificate issuer: /CN=3bed02136698701f74c49f8a2a9e73e84ec981b6
Certificate serial: 019D9B50903F1CEF430BB589AF8E22E51C70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft
Manifest number: 0CFB
Signing time: Fri 17 Apr 2026 12:00:41 +0000
Manifest this update: Fri 17 Apr 2026 12:00:41 +0000
Manifest next update: Sat 18 Apr 2026 12:00:41 +0000
Files and hashes: 1: 6OqYpjTrIpJEFTsBWA83LbKcJQ4.roa (hash: XXKKzvXUqSOAEvvL2Pf15G7qc8hgGL7KY3Js1JGQrFI=)
2: O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl (hash: +p6oKtQswQKfOv9d1jX1n3JDSHirau/LhFrpm+ZeL5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:90:3f:1c:ef:43:0b:b5:89:af:8e:22:e5:1c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bed02136698701f74c49f8a2a9e73e84ec981b6
Validity
Not Before: Apr 17 12:00:41 2026 GMT
Not After : Apr 18 12:00:41 2026 GMT
Subject: CN=1828a46243ebc0a194fed2ba637d769f722c642b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:e9:a2:79:2b:16:7c:f1:0a:eb:d6:ae:b1:
5a:30:ee:c6:8d:1e:99:30:cc:32:4f:32:35:92:b9:
8c:77:e2:0b:8c:f0:bf:b2:1c:6f:fc:98:ad:bc:11:
fd:da:f6:a3:ad:3d:89:ba:4d:de:a2:10:3c:20:36:
90:4e:ab:0f:28:ae:25:6c:d9:50:b7:39:5d:27:dc:
f6:4f:32:55:27:49:bb:2f:65:22:07:2c:83:8a:a3:
51:af:b3:f5:85:6f:e0:46:97:70:0d:2d:0e:b8:3d:
ec:08:57:0b:66:d3:eb:00:d1:36:b3:c4:17:13:42:
06:9f:2f:e4:bb:5d:e2:be:71:15:ee:42:25:a9:b6:
07:ff:c5:6a:20:37:25:51:e4:5a:83:ac:5f:d5:d3:
f8:e9:05:c8:bf:13:5c:54:4e:f7:6b:f1:4e:aa:0a:
84:d1:f9:25:9a:d5:86:d3:51:39:a5:29:02:02:64:
bd:ae:ac:25:64:22:a3:42:b5:52:69:84:c1:69:38:
2e:38:cc:00:52:c3:ea:78:0c:ca:6e:f0:49:b4:04:
21:16:f7:14:db:99:9c:06:4d:fa:25:1d:bf:4d:e6:
b6:a3:d4:8a:d8:5b:41:7e:bd:dc:95:81:fe:14:f8:
7f:c1:86:86:e3:dc:78:58:ed:46:40:81:c9:18:45:
af:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:28:A4:62:43:EB:C0:A1:94:FE:D2:BA:63:7D:76:9F:72:2C:64:2B
X509v3 Authority Key Identifier:
keyid:3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:85:dc:2f:ab:62:bd:1c:b0:f2:2d:55:eb:3c:e8:06:9d:cf:
ec:1c:59:b9:19:b6:be:f0:b2:0b:90:76:57:98:38:cb:29:f4:
a7:82:2e:3e:a1:49:6a:43:8e:e7:53:f1:37:ef:61:7f:e1:d4:
66:7e:cf:e2:52:7f:a4:54:66:e7:9a:6b:cb:44:34:9c:da:a5:
57:b7:5c:b0:41:1b:20:81:94:de:11:cc:57:d8:6f:d1:49:49:
d5:79:ce:a1:33:d7:d3:29:3d:da:d6:71:67:20:27:13:bb:bd:
0b:6b:68:6e:49:7c:b3:5b:43:e5:0b:d0:98:5b:3e:2d:32:b9:
4b:20:fc:4e:22:db:b7:5c:47:a8:cd:93:1d:8f:3f:05:d2:15:
08:cc:4e:5d:21:86:8e:83:1d:d2:9d:a9:71:cf:aa:dc:b2:90:
69:b9:13:35:c7:a6:c8:35:eb:da:38:53:fa:b8:60:92:85:4a:
83:af:f6:c7:1b:0f:a9:55:f7:df:39:56:fc:1f:d7:8d:dd:6a:
a5:6b:56:c4:c2:c3:3c:49:c1:5d:61:1e:29:1c:62:51:35:57:
59:70:15:a1:af:5e:5d:79:7c:45:cd:9d:3c:c5:86:81:78:12:
ff:93:1b:be:e8:21:6b:37:f3:12:e4:3f:25:cf:19:61:a4:69:
aa:39:8f:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUJA/HO9DC7WJr44i5RxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWQwMjEzNjY5ODcwMWY3NGM0OWY4YTJhOWU3M2U4NGVj
OTgxYjYwHhcNMjYwNDE3MTIwMDQxWhcNMjYwNDE4MTIwMDQxWjAzMTEwLwYDVQQD
EygxODI4YTQ2MjQzZWJjMGExOTRmZWQyYmE2MzdkNzY5ZjcyMmM2NDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0vponkrFnzxCuvWrrFaMO7GjR6Z
MMwyTzI1krmMd+ILjPC/shxv/JitvBH92vajrT2Juk3eohA8IDaQTqsPKK4lbNlQ
tzldJ9z2TzJVJ0m7L2UiByyDiqNRr7P1hW/gRpdwDS0OuD3sCFcLZtPrANE2s8QX
E0IGny/ku13ivnEV7kIlqbYH/8VqIDclUeRag6xf1dP46QXIvxNcVE73a/FOqgqE
0fklmtWG01E5pSkCAmS9rqwlZCKjQrVSaYTBaTguOMwAUsPqeAzKbvBJtAQhFvcU
25mcBk36JR2/Tea2o9SK2FtBfr3clYH+FPh/wYaG49x4WO1GQIHJGEWvOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgopGJD68ChlP7SumN9dp9yLGQrMB8GA1UdIwQY
MBaAFDvtAhNmmHAfdMSfiiqec+hOyYG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMt
ZWQ5OWVmNjRhZGJmLzEvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMtZWQ5OWVmNjRhZGJm
LzEvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQoXcL6ti
vRyw8i1V6zzoBp3P7BxZuRm2vvCyC5B2V5g4yyn0p4IuPqFJakOO51PxN+9hf+HU
Zn7P4lJ/pFRm55pry0Q0nNqlV7dcsEEbIIGU3hHMV9hv0UlJ1XnOoTPX0yk92tZx
ZyAnE7u9C2tobkl8s1tD5QvQmFs+LTK5SyD8TiLbt1xHqM2THY8/BdIVCMxOXSGG
joMd0p2pcc+q3LKQabkTNcemyDXr2jhT+rhgkoVKg6/2xxsPqVX33zlW/B/Xjd1q
pWtWxMLDPEnBXWEeKRxiUTVXWXAVoa9eXXl8Rc2dPMWGgXgS/5MbvughazfzEuQ/
Jc8ZYaRpqjmPaA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:55:15 2026 by rpki-client