Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: aH1avUp7ED8OTx98vXeZKuu/HkK06CPS8sw6KWDHVaw=
Subject key identifier: F7:A0:38:4D:6F:A2:70:DB:E3:33:0A:14:21:D2:DE:DC:0F:8E:85:7E
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 019CAD59FB1BDD979F8B0B4D8B1FFA29303B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 042A
Signing time: Mon 02 Mar 2026 07:01:21 +0000
Manifest this update: Mon 02 Mar 2026 07:01:21 +0000
Manifest next update: Tue 03 Mar 2026 07:01:21 +0000
Files and hashes: 1: 1-CvN4vL-gOumnUiw8kqYnlyhsGg.roa (hash: j8Mlx4J1MdSRge54lSRG985DTWF3u6cnasrSWFkZ6ac=)
2: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: +y1o52xnGFZf368Sn5lz6obNU248mfOQboi9aNJtqu0=)
3: t25FS3p7VfnEPbzfHv-DyXEln4A.roa (hash: 71ZKU18culvAhzrOg6y8Lw3IENicOoZIJiAlIOqPr8E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:fb:1b:dd:97:9f:8b:0b:4d:8b:1f:fa:29:30:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Mar 2 07:01:21 2026 GMT
Not After : Mar 3 07:01:21 2026 GMT
Subject: CN=f7a0384d6fa270dbe3330a1421d2dedc0f8e857e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:6e:11:64:c1:d5:d1:51:ff:09:a7:cc:32:
d8:20:94:22:dc:9a:90:e0:13:66:18:be:04:08:84:
05:b0:de:1a:61:8c:a7:07:77:f7:69:74:65:e0:b7:
77:33:8a:2b:55:38:9f:75:e0:1a:71:5d:b7:23:ab:
02:0e:17:0f:f4:94:55:64:5c:01:7f:c8:41:cc:ce:
12:b2:79:3c:0d:98:07:36:5c:fd:aa:ae:89:8e:f1:
c0:69:d1:f0:a1:17:6d:ba:b1:85:99:80:7b:bb:01:
59:5b:32:b1:a8:d2:8a:6e:d7:ca:63:3c:34:ab:d3:
5e:6c:8c:56:ff:f0:a5:fe:f7:05:a2:1c:50:0e:5e:
25:4a:ed:74:b2:49:14:13:66:42:20:ed:48:33:b2:
9e:bb:d0:0a:2a:79:81:97:83:27:b7:6b:ba:88:df:
f1:e6:29:82:01:0a:4d:9b:0c:94:f7:4e:10:18:92:
a3:67:e0:da:4d:ff:cb:db:87:fa:97:da:9f:86:bd:
b8:60:6e:a2:36:29:14:8f:4d:01:3a:8f:8a:95:91:
a3:91:d8:66:fe:65:a5:39:c5:35:10:1b:02:55:7f:
76:5c:8d:26:f7:2f:f8:ad:23:81:12:d4:05:f5:65:
b6:b2:c0:8a:bd:dc:64:aa:5d:94:5c:69:cd:00:53:
69:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A0:38:4D:6F:A2:70:DB:E3:33:0A:14:21:D2:DE:DC:0F:8E:85:7E
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:71:51:34:c1:14:9c:d3:53:74:b5:36:02:9b:46:32:ca:b8:
1b:65:20:bf:ed:7b:9f:ec:0f:ba:2c:bf:1a:83:48:c1:6f:af:
d6:e6:0e:47:5b:b1:25:53:c5:d1:5b:29:e6:b4:a3:6c:85:d2:
fd:ba:39:e7:be:71:ad:c3:a4:93:2e:48:23:a7:3c:e8:c5:4c:
a6:58:a3:14:d9:b2:3e:2e:e6:5d:41:31:d5:d8:dc:31:8c:30:
ef:7d:f4:21:e8:04:48:fc:9d:dc:9a:23:38:37:b5:a2:2f:82:
e4:c8:4d:05:51:57:a8:77:09:8a:78:82:48:ed:ce:9f:7a:96:
1f:a7:de:ed:77:c5:bf:c7:c3:c6:b9:b4:89:a5:7f:43:7b:0a:
23:d8:a3:f5:a1:3b:c1:81:04:7a:9c:e9:f2:5b:5c:ef:01:66:
47:03:53:8b:0f:5e:6a:be:44:cd:56:aa:8d:e6:fe:73:60:6c:
cf:dc:d2:53:9f:36:f7:c2:e9:d3:f8:f2:7c:bf:57:c9:50:a9:
ff:7f:71:18:26:57:44:2a:d3:8c:39:73:a9:9f:da:c9:a6:9f:
61:2c:a1:7d:da:25:9d:d2:8a:8c:17:5d:2e:35:7c:91:6c:2d:
8c:9e:58:bb:99:d7:79:5a:07:d2:d6:43:7e:61:65:91:67:4e:
6d:4d:8a:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfsb3ZefiwtNix/6KTA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjYwMzAyMDcwMTIxWhcNMjYwMzAzMDcwMTIxWjAzMTEwLwYDVQQD
EyhmN2EwMzg0ZDZmYTI3MGRiZTMzMzBhMTQyMWQyZGVkYzBmOGU4NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mtuEWTB1dFR/wmnzDLYIJQi3JqQ
4BNmGL4ECIQFsN4aYYynB3f3aXRl4Ld3M4orVTifdeAacV23I6sCDhcP9JRVZFwB
f8hBzM4Ssnk8DZgHNlz9qq6JjvHAadHwoRdturGFmYB7uwFZWzKxqNKKbtfKYzw0
q9NebIxW//Cl/vcFohxQDl4lSu10skkUE2ZCIO1IM7Keu9AKKnmBl4Mnt2u6iN/x
5imCAQpNmwyU904QGJKjZ+DaTf/L24f6l9qfhr24YG6iNikUj00BOo+KlZGjkdhm
/mWlOcU1EBsCVX92XI0m9y/4rSOBEtQF9WW2ssCKvdxkql2UXGnNAFNpqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPegOE1vonDb4zMKFCHS3twPjoV+MB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPnFRNMEU
nNNTdLU2AptGMsq4G2Ugv+17n+wPuiy/GoNIwW+v1uYOR1uxJVPF0Vsp5rSjbIXS
/bo5575xrcOkky5II6c86MVMplijFNmyPi7mXUEx1djcMYww7330IegESPyd3Joj
ODe1oi+C5MhNBVFXqHcJiniCSO3On3qWH6fe7XfFv8fDxrm0iaV/Q3sKI9ij9aE7
wYEEepzp8ltc7wFmRwNTiw9ear5EzVaqjeb+c2Bsz9zSU58298Lp0/jyfL9XyVCp
/39xGCZXRCrTjDlzqZ/ayaafYSyhfdolndKKjBddLjV8kWwtjJ5Yu5nXeVoH0tZD
fmFlkWdObU2KoA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:38:43 2026 by rpki-client