Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json)
Hash identifier: 2vnE1k+9VZwgjMZPmZrbzJzQsk/Kuz9s9grsROv25IE=
Subject key identifier: 24:7C:4E:AA:AC:68:52:FD:9C:CF:B6:C3:64:0E:E6:C2:C9:A1:37:32
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 019D9AE3900E61203C46D47504AC99CC0EF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
Manifest number: 04A5
Signing time: Fri 17 Apr 2026 10:01:37 +0000
Manifest this update: Fri 17 Apr 2026 10:01:37 +0000
Manifest next update: Sat 18 Apr 2026 10:01:37 +0000
Files and hashes: 1: 1-CvN4vL-gOumnUiw8kqYnlyhsGg.roa (hash: j8Mlx4J1MdSRge54lSRG985DTWF3u6cnasrSWFkZ6ac=)
2: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: RTVac0jVmVukIQI4OWyeocumgcw+y2YTOwPjH8bbSMg=)
3: t25FS3p7VfnEPbzfHv-DyXEln4A.roa (hash: 71ZKU18culvAhzrOg6y8Lw3IENicOoZIJiAlIOqPr8E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:90:0e:61:20:3c:46:d4:75:04:ac:99:cc:0e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Apr 17 10:01:37 2026 GMT
Not After : Apr 18 10:01:37 2026 GMT
Subject: CN=247c4eaaac6852fd9ccfb6c3640ee6c2c9a13732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:01:78:8b:8d:0a:76:0d:7a:92:b1:0f:1c:f3:
14:ad:5a:62:f8:02:9b:1d:65:3d:88:dd:e1:33:44:
99:13:67:49:32:24:d2:7e:f1:91:e5:96:b2:a9:de:
60:72:25:75:a0:76:6a:4f:f5:dd:9c:db:bd:1d:74:
3a:73:c7:5c:b2:8b:2c:1e:b2:11:79:3d:2f:5a:72:
d9:b7:8b:3c:35:0f:e2:2b:21:8e:32:b8:7a:6e:0e:
7a:00:f1:4e:04:1e:97:9a:5e:49:eb:c7:6a:28:41:
a5:5f:00:80:79:91:f2:9f:41:11:ae:33:52:b4:41:
72:65:af:de:e6:a4:47:57:2a:24:f5:ab:45:2a:0e:
72:df:fb:25:2a:e7:08:66:3c:78:a5:62:50:19:66:
79:f5:9e:d0:1e:c6:a6:db:a1:01:d9:f7:9c:18:8a:
77:ba:71:2c:87:e6:89:c6:6d:60:e3:df:f9:f8:fe:
00:7d:89:46:e4:54:a5:57:50:e7:c3:c7:70:44:c5:
b4:a3:73:a6:e9:d1:02:fd:3f:c0:fa:e9:6a:cb:64:
95:69:91:af:ae:50:66:57:a4:e3:db:65:b8:b7:11:
1e:11:31:bf:39:f8:3d:28:c9:46:3b:1c:bb:c7:01:
a3:12:e9:29:d4:20:65:37:61:50:5d:8e:cb:31:38:
c5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7C:4E:AA:AC:68:52:FD:9C:CF:B6:C3:64:0E:E6:C2:C9:A1:37:32
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:0f:b6:d2:40:29:79:36:42:fa:ec:53:46:3b:5a:62:62:73:
2f:85:36:8b:14:a0:b7:a6:51:03:9e:89:ee:aa:73:eb:c7:d8:
1d:eb:1a:f4:47:4e:df:15:fd:cf:d6:01:87:06:1a:9a:a7:13:
df:9c:ae:bb:25:8e:e9:57:88:2d:de:17:ca:55:0f:b8:23:1e:
ea:ba:ea:2f:31:16:ac:d9:a8:0f:ef:7b:79:69:70:24:54:3a:
95:f6:11:2b:86:11:f7:b2:76:1f:ec:27:15:38:ee:8b:51:37:
1e:ba:83:06:fb:7a:28:db:92:b4:b5:17:22:d5:44:17:c6:f1:
66:3d:cc:34:9a:52:a5:95:3d:b7:1a:5a:26:ac:72:b4:3b:8a:
d2:d8:86:5d:6f:ea:29:98:41:70:85:57:a6:29:c5:28:71:f4:
26:f1:a1:5e:c1:d6:05:d6:1e:7b:3a:d9:ae:69:00:ed:74:43:
0e:49:dd:42:d4:b7:31:af:4f:6d:bd:d5:15:fd:8d:2a:aa:cd:
6e:4e:01:1e:f2:be:c5:0c:35:02:59:7f:0d:2d:05:9a:32:da:
fc:b9:ac:99:d7:a7:a2:01:79:37:f9:d7:78:f6:35:df:96:6b:
b0:8e:08:87:39:c7:ad:ec:15:44:0e:5d:97:70:42:8c:f4:a6:
be:c2:20:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a45AOYSA8RtR1BKyZzA7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjYwNDE3MTAwMTM3WhcNMjYwNDE4MTAwMTM3WjAzMTEwLwYDVQQD
EygyNDdjNGVhYWFjNjg1MmZkOWNjZmI2YzM2NDBlZTZjMmM5YTEzNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAF4i40Kdg16krEPHPMUrVpi+AKb
HWU9iN3hM0SZE2dJMiTSfvGR5Zayqd5gciV1oHZqT/XdnNu9HXQ6c8dcsossHrIR
eT0vWnLZt4s8NQ/iKyGOMrh6bg56APFOBB6Xml5J68dqKEGlXwCAeZHyn0ERrjNS
tEFyZa/e5qRHVyok9atFKg5y3/slKucIZjx4pWJQGWZ59Z7QHsam26EB2fecGIp3
unEsh+aJxm1g49/5+P4AfYlG5FSlV1Dnw8dwRMW0o3Om6dEC/T/A+ulqy2SVaZGv
rlBmV6Tj22W4txEeETG/Ofg9KMlGOxy7xwGjEukp1CBlN2FQXY7LMTjFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCR8TqqsaFL9nM+2w2QO5sLJoTcyMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARg+20kAp
eTZC+uxTRjtaYmJzL4U2ixSgt6ZRA56J7qpz68fYHesa9EdO3xX9z9YBhwYamqcT
35yuuyWO6VeILd4XylUPuCMe6rrqLzEWrNmoD+97eWlwJFQ6lfYRK4YR97J2H+wn
FTjui1E3HrqDBvt6KNuStLUXItVEF8bxZj3MNJpSpZU9txpaJqxytDuK0tiGXW/q
KZhBcIVXpinFKHH0JvGhXsHWBdYeezrZrmkA7XRDDkndQtS3Ma9Pbb3VFf2NKqrN
bk4BHvK+xQw1All/DS0FmjLa/LmsmdenogF5N/nXePY135ZrsI4IhznHrewVRA5d
l3BCjPSmvsIgUA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:44:40 2026 by rpki-client