Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.mft (raw, json)
Hash identifier: JOCP7qbzOXDm7V4J2HAPDNNDkw6e/hEQwyOEYeEh2eo=
Subject key identifier: D5:A3:A8:5B:C8:ED:97:EE:68:DD:A0:BE:35:B7:26:38:40:78:55:D1
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 019DA41D1D071BB58C8E4F344779BD0EA427
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
Manifest number: 18C8
Signing time: Sun 19 Apr 2026 05:01:04 +0000
Manifest this update: Sun 19 Apr 2026 05:01:04 +0000
Manifest next update: Mon 20 Apr 2026 05:01:04 +0000
Files and hashes: 1: C9Ra18IQZMYPkfBHca82xhr0cTA.roa (hash: SV7yW/23Qp7R5wgSCdgQtEDtBATncL3nb2e5yjh6BqQ=)
2: _OTzlnKb9HjmNlSYIfb2lw2JP1I.crl (hash: W4U8sxz88N5bNvQqdhW7bZ27Fq6Dzd4Pr7FmPZaYrN8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:1d:1d:07:1b:b5:8c:8e:4f:34:47:79:bd:0e:a4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Apr 19 05:01:04 2026 GMT
Not After : Apr 20 05:01:04 2026 GMT
Subject: CN=d5a3a85bc8ed97ee68dda0be35b72638407855d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:7a:f4:c8:3c:99:80:e4:18:42:e7:42:83:
73:f2:93:75:74:e6:15:0f:08:9d:55:21:17:d5:d8:
dc:cd:d0:57:76:99:3e:ef:7e:c1:19:3f:f5:ef:d5:
9d:d7:a1:ac:b3:75:2a:4a:3f:90:01:5a:e1:28:51:
2b:02:b3:ea:d8:52:9f:fd:e9:69:5a:98:7a:14:4e:
d7:4a:71:4e:37:9d:42:20:c2:f0:d3:82:24:e5:a0:
49:57:cb:d1:fe:46:04:9f:7d:0c:fe:93:85:93:22:
c6:61:13:38:4e:df:35:e4:aa:9f:97:7a:11:e4:ba:
74:c7:06:ae:77:13:69:25:0c:77:60:99:1c:92:96:
3f:8c:74:62:04:37:86:0c:3c:57:7b:3f:94:d1:3a:
6e:24:b6:15:82:16:e6:f6:9a:0f:0d:ac:04:83:f3:
1a:2a:2e:83:ce:e2:0a:c2:7c:e1:92:b8:03:31:1f:
7a:4d:c8:08:23:0b:ce:5a:c1:c2:38:49:d3:e8:d4:
e7:1d:15:6f:bb:f9:28:db:41:fe:31:24:fe:d8:53:
63:78:7b:3f:d5:52:6f:ef:af:aa:7d:08:80:21:e1:
b6:c1:2d:28:b8:8f:75:90:55:7d:54:6f:5d:e6:07:
d8:9c:f4:0e:ba:ed:81:b7:ab:49:26:8a:cd:ac:91:
a5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A3:A8:5B:C8:ED:97:EE:68:DD:A0:BE:35:B7:26:38:40:78:55:D1
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e5:cc:bd:e8:69:7e:97:67:da:50:3b:86:9e:a9:61:7f:76:e4:
29:37:22:bd:d8:f9:07:8a:58:61:0a:2b:08:2b:5c:91:05:ea:
bb:6b:96:7a:a6:d4:a9:85:a6:48:c7:58:4b:92:05:56:ad:2a:
cf:bc:21:32:b8:5f:83:ae:1d:53:b1:dd:46:73:e0:d7:95:74:
3b:54:50:32:e1:33:89:ab:09:85:64:12:83:b9:f4:44:49:c8:
70:61:6d:43:61:13:32:20:67:42:34:8a:e4:03:63:32:ef:ab:
a0:f5:cb:ab:56:94:80:87:a9:1f:02:2c:75:08:b5:f2:56:e4:
8e:2e:58:8d:29:66:e1:3b:99:84:8b:ca:96:f9:f7:28:d9:a4:
a2:87:9b:ca:40:d0:21:66:0b:65:05:cb:34:a5:eb:02:6f:c5:
03:9d:9c:76:db:75:22:26:70:32:d0:ba:53:49:64:5c:c5:67:
a5:0c:de:75:48:16:76:ac:a7:14:80:e7:45:c6:5f:28:fd:0a:
56:00:e6:50:b1:1d:f4:88:df:26:d7:f6:b0:1d:00:8b:f3:d3:
6d:f2:05:99:ed:4e:cf:72:7f:24:8d:4e:10:a3:b4:d1:d7:b0:
90:a0:ec:3a:c5:30:c6:7c:b7:e7:a3:b4:48:c4:2c:e0:2b:4c:
4c:b1:1d:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kHR0HG7WMjk80R3m9DqQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjYwNDE5MDUwMTA0WhcNMjYwNDIwMDUwMTA0WjAzMTEwLwYDVQQD
EyhkNWEzYTg1YmM4ZWQ5N2VlNjhkZGEwYmUzNWI3MjYzODQwNzg1NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy569Mg8mYDkGELnQoNz8pN1dOYV
DwidVSEX1djczdBXdpk+737BGT/179Wd16Gss3UqSj+QAVrhKFErArPq2FKf/elp
Wph6FE7XSnFON51CIMLw04Ik5aBJV8vR/kYEn30M/pOFkyLGYRM4Tt815Kqfl3oR
5Lp0xwaudxNpJQx3YJkckpY/jHRiBDeGDDxXez+U0TpuJLYVghbm9poPDawEg/Ma
Ki6DzuIKwnzhkrgDMR96TcgIIwvOWsHCOEnT6NTnHRVvu/ko20H+MST+2FNjeHs/
1VJv76+qfQiAIeG2wS0ouI91kFV9VG9d5gfYnPQOuu2Bt6tJJorNrJGlYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWjqFvI7ZfuaN2gvjW3JjhAeFXRMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5cy96Gl+
l2faUDuGnqlhf3bkKTcivdj5B4pYYQorCCtckQXqu2uWeqbUqYWmSMdYS5IFVq0q
z7whMrhfg64dU7HdRnPg15V0O1RQMuEziasJhWQSg7n0REnIcGFtQ2ETMiBnQjSK
5ANjMu+roPXLq1aUgIepHwIsdQi18lbkji5YjSlm4TuZhIvKlvn3KNmkooebykDQ
IWYLZQXLNKXrAm/FA52cdtt1IiZwMtC6U0lkXMVnpQzedUgWdqynFIDnRcZfKP0K
VgDmULEd9IjfJtf2sB0Ai/PTbfIFme1Oz3J/JI1OEKO00dewkKDsOsUwxny356O0
SMQs4CtMTLEd0Q==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:45:16 2026 by rpki-client