Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
File: OxRinHZc4axPaIlW47kPatjEtYI.mft (raw, json)
Hash identifier: ctiiP+b/oX9tXX8s/DIsRwGM3Jviw/5kmhtIUmtZ2os=
Subject key identifier: 07:5E:47:02:A7:5B:16:14:A3:2B:DC:77:1D:9F:16:BB:A2:D3:58:A7
Authority key identifier: 3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
Certificate issuer: /CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Certificate serial: 019CAC47034D474E3E73D9F508E49C21D2D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
Manifest number: 17DB
Signing time: Mon 02 Mar 2026 02:01:00 +0000
Manifest this update: Mon 02 Mar 2026 02:01:00 +0000
Manifest next update: Tue 03 Mar 2026 02:01:00 +0000
Files and hashes: 1: 0yRcFcA3OBSplazAFaiD6lfC3B0.roa (hash: 2qPLWspuMTgkMxkS4l/YyisgXYynSeGYaJD2ttoyg+o=)
2: OxRinHZc4axPaIlW47kPatjEtYI.crl (hash: EFJgdbxjfRmwCoM951PaEw0wG9RMOomqXsaKhKCmONA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:03:4d:47:4e:3e:73:d9:f5:08:e4:9c:21:d2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Validity
Not Before: Mar 2 02:01:00 2026 GMT
Not After : Mar 3 02:01:00 2026 GMT
Subject: CN=075e4702a75b1614a32bdc771d9f16bba2d358a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:d1:e8:5f:7e:78:89:8e:dd:31:3d:98:d1:
2a:ab:ff:a4:f3:39:ba:52:a1:7e:0f:42:40:05:1c:
96:58:04:bd:b9:79:d4:be:2c:c3:08:e1:d2:79:3f:
ff:58:e8:af:79:d8:7a:ba:25:11:b3:d4:19:95:f3:
13:65:37:03:07:f7:c1:09:6d:45:37:cf:12:e8:38:
59:3b:a2:8e:f3:14:f0:89:6f:7b:43:5d:41:d9:19:
97:a7:a6:d4:39:7a:b3:81:0f:42:18:ae:bb:c5:2a:
f5:fc:7d:d7:83:9b:30:50:d0:0a:2a:b3:08:85:48:
81:78:18:31:05:cc:89:ff:6d:5a:30:6e:55:8b:b5:
c3:07:0c:de:d1:e0:bb:7c:13:54:98:a5:5b:22:2a:
ac:47:4a:31:ca:7d:44:e9:d6:14:88:fa:23:a3:70:
31:88:1b:f1:99:dc:75:bd:f4:09:f6:5e:79:97:cc:
59:6e:de:a5:79:64:d0:26:51:75:5d:86:b1:7e:01:
e5:2e:a1:3a:5c:d0:62:b9:5d:ea:dd:5f:f5:2e:cd:
f1:28:33:43:b7:b2:c0:a4:a9:03:52:8a:1f:6c:18:
55:d7:44:ed:40:27:e1:97:3a:de:08:bf:cd:43:79:
2b:82:15:be:51:6d:fa:6f:d1:ed:b1:b8:73:86:93:
f8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:5E:47:02:A7:5B:16:14:A3:2B:DC:77:1D:9F:16:BB:A2:D3:58:A7
X509v3 Authority Key Identifier:
keyid:3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:3b:00:77:b0:90:77:30:94:47:fd:e3:f6:f1:d3:4a:c2:32:
c8:be:6c:63:6b:c6:42:d4:cd:f4:82:37:25:67:b5:ec:b8:c4:
f5:47:43:6a:41:a8:08:e6:26:00:04:98:ed:8c:38:e6:4a:da:
b0:53:4e:96:67:88:b4:b7:0b:83:42:f4:42:da:ac:d4:ce:d0:
78:bb:1e:26:49:8b:fe:1a:07:f5:d9:91:00:31:31:97:3b:d3:
01:45:69:47:b0:63:93:65:c2:dd:85:3f:7d:50:f5:f4:d7:5f:
3a:ce:23:aa:2c:c2:01:04:86:81:a7:45:c8:f5:82:bf:59:19:
8f:02:6b:19:58:c1:b9:d5:ff:14:5a:49:b7:31:89:e0:79:26:
90:fb:d2:a6:4c:fb:de:f1:a3:c6:4b:0a:c6:f7:5e:3c:bf:9e:
6e:2e:d6:ac:ed:e8:80:07:8c:0d:53:97:d6:9e:98:ee:12:54:
77:78:29:b1:44:df:06:ca:53:67:19:38:ca:9f:78:4a:2c:2d:
59:62:48:8f:96:27:56:1b:c0:a3:cb:8d:15:f8:64:7f:c7:bc:
70:26:35:07:c9:8d:8f:29:34:32:71:a9:c0:7f:a3:32:29:bf:
56:f9:3a:34:c4:50:ef:af:c9:4b:ef:1a:f4:e1:ba:8a:42:21:
40:7b:de:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRwNNR04+c9n1COScIdLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTQ2MjljNzY1Y2UxYWM0ZjY4ODk1NmUzYjkwZjZhZDhj
NGI1ODIwHhcNMjYwMzAyMDIwMTAwWhcNMjYwMzAzMDIwMTAwWjAzMTEwLwYDVQQD
EygwNzVlNDcwMmE3NWIxNjE0YTMyYmRjNzcxZDlmMTZiYmEyZDM1OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD7R6F9+eImO3TE9mNEqq/+k8zm6
UqF+D0JABRyWWAS9uXnUvizDCOHSeT//WOivedh6uiURs9QZlfMTZTcDB/fBCW1F
N88S6DhZO6KO8xTwiW97Q11B2RmXp6bUOXqzgQ9CGK67xSr1/H3Xg5swUNAKKrMI
hUiBeBgxBcyJ/21aMG5Vi7XDBwze0eC7fBNUmKVbIiqsR0oxyn1E6dYUiPojo3Ax
iBvxmdx1vfQJ9l55l8xZbt6leWTQJlF1XYaxfgHlLqE6XNBiuV3q3V/1Ls3xKDND
t7LApKkDUoofbBhV10TtQCfhlzreCL/NQ3krghW+UW36b9HtsbhzhpP48wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdeRwKnWxYUoyvcdx2fFrui01inMB8GA1UdIwQY
MBaAFDsUYpx2XOGsT2iJVuO5D2rYxLWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTIt
ZmUzMTEwMGQwODFmLzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTItZmUzMTEwMGQwODFm
LzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAODsAd7CQ
dzCUR/3j9vHTSsIyyL5sY2vGQtTN9II3JWe17LjE9UdDakGoCOYmAASY7Yw45kra
sFNOlmeItLcLg0L0Qtqs1M7QeLseJkmL/hoH9dmRADExlzvTAUVpR7Bjk2XC3YU/
fVD19NdfOs4jqizCAQSGgadFyPWCv1kZjwJrGVjBudX/FFpJtzGJ4HkmkPvSpkz7
3vGjxksKxvdePL+ebi7WrO3ogAeMDVOX1p6Y7hJUd3gpsUTfBspTZxk4yp94Siwt
WWJIj5YnVhvAo8uNFfhkf8e8cCY1B8mNjyk0MnGpwH+jMim/Vvk6NMRQ76/JS+8a
9OG6ikIhQHve5Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:21:42 2026 by rpki-client