Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
File: OxRinHZc4axPaIlW47kPatjEtYI.mft (raw, json)
Hash identifier: RCvNu16YJXE0afsAF/UupQPfMVTY/smHDNKygwLXCVM=
Subject key identifier: 0E:FF:80:3D:89:AF:A6:BD:43:D3:76:29:7B:F1:2D:08:A2:33:83:BC
Authority key identifier: 3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
Certificate issuer: /CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Certificate serial: 019D99D008434839CF4410AFF59FCE214CB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
Manifest number: 1856
Signing time: Fri 17 Apr 2026 05:00:40 +0000
Manifest this update: Fri 17 Apr 2026 05:00:40 +0000
Manifest next update: Sat 18 Apr 2026 05:00:40 +0000
Files and hashes: 1: 0yRcFcA3OBSplazAFaiD6lfC3B0.roa (hash: 2qPLWspuMTgkMxkS4l/YyisgXYynSeGYaJD2ttoyg+o=)
2: OxRinHZc4axPaIlW47kPatjEtYI.crl (hash: yIQl3Xdujo54SvaJwYe3rsJrlRWgEslkXtwmSeuTNjc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:08:43:48:39:cf:44:10:af:f5:9f:ce:21:4c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b14629c765ce1ac4f688956e3b90f6ad8c4b582
Validity
Not Before: Apr 17 05:00:40 2026 GMT
Not After : Apr 18 05:00:40 2026 GMT
Subject: CN=0eff803d89afa6bd43d376297bf12d08a23383bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f3:48:bc:62:21:f0:f2:70:35:78:40:46:69:
1a:eb:8c:36:f1:4f:20:9a:d8:16:4d:21:8a:fc:28:
84:c6:d2:fc:fa:70:5d:5f:78:fa:1c:31:d3:15:ba:
9c:a6:ee:7d:dc:66:6a:23:02:a3:4a:e8:25:b7:c6:
20:3e:e0:8a:5d:67:a5:78:94:0e:62:f0:7e:0e:a9:
67:be:69:85:e4:7c:dc:d6:80:1c:6b:a0:f7:a8:41:
4f:62:58:09:ce:40:0d:70:4d:7f:a3:7f:dc:c5:95:
ef:9a:ec:c2:ca:fd:34:8b:d1:f5:54:b8:bb:7b:d8:
57:e5:66:2d:de:e9:63:9b:55:ad:c1:04:50:bb:a1:
94:bc:1b:44:47:38:0f:c6:f5:30:5e:f5:f7:ac:f4:
81:89:bf:4b:bc:8b:c2:99:a1:c4:28:15:63:08:8e:
3f:48:e0:8a:ab:5d:26:44:67:a3:1f:c1:9d:d9:9c:
c8:3b:54:23:f4:3e:29:f2:ae:4b:30:0c:eb:09:44:
9d:d0:87:3d:0c:e0:46:b1:22:5c:31:88:55:4d:aa:
80:b7:89:15:c6:0a:68:e6:81:dd:50:49:1b:53:9f:
bb:76:34:a9:b6:74:95:8f:2e:f6:dd:2d:96:ef:48:
e3:3a:dc:81:d5:85:12:40:ef:e8:7a:51:ef:09:f3:
61:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FF:80:3D:89:AF:A6:BD:43:D3:76:29:7B:F1:2D:08:A2:33:83:BC
X509v3 Authority Key Identifier:
keyid:3B:14:62:9C:76:5C:E1:AC:4F:68:89:56:E3:B9:0F:6A:D8:C4:B5:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxRinHZc4axPaIlW47kPatjEtYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a37f9c-1e6a-4665-a0e2-fe31100d081f/1/OxRinHZc4axPaIlW47kPatjEtYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c8:fc:0e:66:05:48:ee:97:b8:07:a6:b8:d5:09:52:61:84:20:
a9:28:4a:7d:55:33:0a:11:44:85:da:4a:0a:2e:93:d6:73:91:
a4:04:0c:2b:6f:26:ca:f6:cd:6e:35:77:42:29:d4:84:13:84:
f3:b4:fe:2b:18:f0:c7:c0:e7:f7:bb:1a:7a:e0:d3:ce:f8:2c:
d1:6a:2a:a7:41:5b:e6:5f:b6:cb:73:eb:d8:e0:8d:46:f3:87:
c2:9e:d3:e5:5a:8b:60:26:34:ea:09:d0:e2:23:fa:49:d9:0e:
16:e5:f1:cc:2f:d9:12:93:af:09:f7:0f:f3:1a:20:11:c5:6d:
01:2e:35:f1:56:97:27:14:f9:47:89:17:69:be:47:79:6e:ec:
a9:47:5e:85:98:03:a4:8a:8b:0b:4e:2c:15:2d:55:f3:e2:d5:
1e:38:18:59:47:10:09:4d:5e:87:88:b2:dc:31:69:30:21:23:
5d:85:38:07:94:cf:c4:bb:70:0f:bb:d9:0c:69:42:26:70:b8:
bc:a9:39:80:2d:7e:c9:99:86:b4:7c:92:1c:2b:df:6e:a9:d2:
87:23:75:91:9d:f0:cc:87:78:7e:98:6b:6e:bd:a7:ef:6c:12:
30:7d:75:09:d5:b1:9d:f5:3d:75:af:78:88:f5:1b:f0:20:a9:
cd:78:58:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0AhDSDnPRBCv9Z/OIUywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTQ2MjljNzY1Y2UxYWM0ZjY4ODk1NmUzYjkwZjZhZDhj
NGI1ODIwHhcNMjYwNDE3MDUwMDQwWhcNMjYwNDE4MDUwMDQwWjAzMTEwLwYDVQQD
EygwZWZmODAzZDg5YWZhNmJkNDNkMzc2Mjk3YmYxMmQwOGEyMzM4M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vNIvGIh8PJwNXhARmka64w28U8g
mtgWTSGK/CiExtL8+nBdX3j6HDHTFbqcpu593GZqIwKjSuglt8YgPuCKXWeleJQO
YvB+DqlnvmmF5Hzc1oAca6D3qEFPYlgJzkANcE1/o3/cxZXvmuzCyv00i9H1VLi7
e9hX5WYt3uljm1WtwQRQu6GUvBtERzgPxvUwXvX3rPSBib9LvIvCmaHEKBVjCI4/
SOCKq10mRGejH8Gd2ZzIO1Qj9D4p8q5LMAzrCUSd0Ic9DOBGsSJcMYhVTaqAt4kV
xgpo5oHdUEkbU5+7djSptnSVjy723S2W70jjOtyB1YUSQO/oelHvCfNhKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7/gD2Jr6a9Q9N2KXvxLQiiM4O8MB8GA1UdIwQY
MBaAFDsUYpx2XOGsT2iJVuO5D2rYxLWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTIt
ZmUzMTEwMGQwODFmLzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hMzdmOWMtMWU2YS00NjY1LWEwZTItZmUzMTEwMGQwODFm
LzEvT3hSaW5IWmM0YXhQYUlsVzQ3a1BhdGpFdFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyPwOZgVI
7pe4B6a41QlSYYQgqShKfVUzChFEhdpKCi6T1nORpAQMK28myvbNbjV3QinUhBOE
87T+Kxjwx8Dn97saeuDTzvgs0Woqp0Fb5l+2y3Pr2OCNRvOHwp7T5VqLYCY06gnQ
4iP6SdkOFuXxzC/ZEpOvCfcP8xogEcVtAS418VaXJxT5R4kXab5HeW7sqUdehZgD
pIqLC04sFS1V8+LVHjgYWUcQCU1eh4iy3DFpMCEjXYU4B5TPxLtwD7vZDGlCJnC4
vKk5gC1+yZmGtHySHCvfbqnShyN1kZ3wzId4fphrbr2n72wSMH11CdWxnfU9da94
iPUb8CCpzXhYXQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:48:03 2026 by rpki-client