Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.mft (raw, json)
Hash identifier: Ng1l4y+GwkAloEbuI2Vzb1RsXkWv1O7HaNa7Ds1wTzQ=
Subject key identifier: E2:7F:13:B6:0D:6D:28:13:B5:78:64:27:F1:C4:90:1C:8E:F9:BF:22
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 019CAAFD853A5CAD6DE4D15AF591E1C3F725
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 20:01:07 +0000
Manifest this update: Sun 01 Mar 2026 20:01:07 +0000
Manifest next update: Mon 02 Mar 2026 20:01:07 +0000
Files and hashes: 1: C9Ra18IQZMYPkfBHca82xhr0cTA.roa (hash: SV7yW/23Qp7R5wgSCdgQtEDtBATncL3nb2e5yjh6BqQ=)
2: _OTzlnKb9HjmNlSYIfb2lw2JP1I.crl (hash: aVXkl/JBvlc7GhoiT6/R4cZBOgc4t8XdQJklzDNVdNY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:85:3a:5c:ad:6d:e4:d1:5a:f5:91:e1:c3:f7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Mar 1 20:01:07 2026 GMT
Not After : Mar 2 20:01:07 2026 GMT
Subject: CN=e27f13b60d6d2813b5786427f1c4901c8ef9bf22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:33:35:92:f2:2a:b4:56:a2:3d:a8:93:45:ad:
a6:d9:24:67:66:cb:e7:11:12:c6:44:c7:40:8a:3b:
ac:be:49:5f:99:0f:0f:18:c9:24:05:14:b8:64:8c:
20:be:74:f4:97:4c:52:00:b5:64:cf:3d:5c:b0:07:
03:5c:93:1a:2e:4c:bb:94:1d:2d:34:a9:72:c4:9d:
10:03:85:8e:f9:6b:26:47:69:78:99:80:d9:68:fc:
8c:5a:ef:1f:c1:ff:1d:9d:c4:93:7e:5c:c1:d8:94:
4f:50:b1:7a:4e:3d:ad:27:b8:0d:4d:e9:3a:03:99:
6e:0c:2d:ab:71:f8:76:1e:6a:78:ee:96:56:f8:d3:
46:93:8e:02:a7:e4:57:04:49:e0:36:ff:1f:02:14:
fa:42:1e:9e:09:1f:90:6d:13:5c:98:27:96:fd:1e:
56:08:08:5a:b6:1d:df:62:fd:eb:d6:70:c0:ae:9f:
9b:9a:44:86:f4:68:c0:8a:71:17:f7:77:dd:33:2d:
45:86:19:3c:bb:e2:a7:d1:14:99:f8:18:97:42:d1:
bc:d8:a2:b4:fe:5f:f3:07:f6:20:6e:36:4d:6c:4b:
bf:4d:12:4a:30:99:f9:dc:51:0b:dd:ec:95:20:38:
54:43:3f:b8:68:d5:cc:26:41:ad:bd:c5:d4:72:1e:
5f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:7F:13:B6:0D:6D:28:13:B5:78:64:27:F1:C4:90:1C:8E:F9:BF:22
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:85:4c:32:2f:4a:04:9e:8c:db:c0:c3:aa:e5:4b:81:c1:49:
ff:c9:ad:0b:01:34:4d:33:b2:04:7a:91:30:5f:b5:8a:a7:4f:
a6:61:70:83:3f:a5:35:c2:e5:fb:c9:71:fe:6a:c1:cd:f6:27:
90:83:24:76:58:e9:10:da:ef:bb:ed:19:d6:05:41:be:cc:85:
a6:bb:40:13:07:83:12:4d:cc:a9:5f:98:59:bf:52:06:fd:55:
c3:a6:a6:11:5a:36:3d:f5:93:72:40:6a:3d:f2:09:3a:f6:24:
8b:06:49:a6:24:57:a9:d8:03:bb:df:74:1e:09:e1:4e:75:e0:
24:31:14:15:74:ae:0a:c1:45:72:b4:e5:cf:a0:17:07:22:d3:
53:91:f3:37:05:d1:c9:25:00:78:46:01:25:e1:a4:7e:1d:65:
12:9a:a6:0f:f9:ea:86:41:34:0e:2b:40:70:4f:0e:3e:93:4e:
83:a4:f7:4e:02:39:ad:23:bb:79:16:3c:18:20:1e:53:cd:23:
f3:d2:c6:01:a8:d7:30:8c:d6:41:bd:07:ee:a6:f2:c9:15:36:
39:45:7e:72:9f:e2:d5:26:eb:3a:a4:bf:07:d4:59:fe:79:e8:
bf:b1:1c:bf:3c:61:13:a7:02:1d:78:d7:4e:80:8b:f9:01:10:
b0:ff:36:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/YU6XK1t5NFa9ZHhw/clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjYwMzAxMjAwMTA3WhcNMjYwMzAyMjAwMTA3WjAzMTEwLwYDVQQD
EyhlMjdmMTNiNjBkNmQyODEzYjU3ODY0MjdmMWM0OTAxYzhlZjliZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTM1kvIqtFaiPaiTRa2m2SRnZsvn
ERLGRMdAijusvklfmQ8PGMkkBRS4ZIwgvnT0l0xSALVkzz1csAcDXJMaLky7lB0t
NKlyxJ0QA4WO+WsmR2l4mYDZaPyMWu8fwf8dncSTflzB2JRPULF6Tj2tJ7gNTek6
A5luDC2rcfh2Hmp47pZW+NNGk44Cp+RXBEngNv8fAhT6Qh6eCR+QbRNcmCeW/R5W
CAhath3fYv3r1nDArp+bmkSG9GjAinEX93fdMy1Fhhk8u+Kn0RSZ+BiXQtG82KK0
/l/zB/YgbjZNbEu/TRJKMJn53FEL3eyVIDhUQz+4aNXMJkGtvcXUch5foQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJ/E7YNbSgTtXhkJ/HEkByO+b8iMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS4VMMi9K
BJ6M28DDquVLgcFJ/8mtCwE0TTOyBHqRMF+1iqdPpmFwgz+lNcLl+8lx/mrBzfYn
kIMkdljpENrvu+0Z1gVBvsyFprtAEweDEk3MqV+YWb9SBv1Vw6amEVo2PfWTckBq
PfIJOvYkiwZJpiRXqdgDu990HgnhTnXgJDEUFXSuCsFFcrTlz6AXByLTU5HzNwXR
ySUAeEYBJeGkfh1lEpqmD/nqhkE0DitAcE8OPpNOg6T3TgI5rSO7eRY8GCAeU80j
89LGAajXMIzWQb0H7qbyyRU2OUV+cp/i1SbrOqS/B9RZ/nnov7EcvzxhE6cCHXjX
ToCL+QEQsP820A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:31 2026 by rpki-client