Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft
File: oYanahiZ2_kCnhrv2QUXe7CdNo0.mft (raw, json)
Hash identifier: JqwSrJOmsAIQGhAjoSMpjyW1TiIWjAWSKPW5hUDVv4Q=
Subject key identifier: 5D:05:CD:9F:88:96:9A:A3:DB:54:41:56:C3:DB:96:4F:75:39:D9:86
Authority key identifier: A1:86:A7:6A:18:99:DB:F9:02:9E:1A:EF:D9:05:17:7B:B0:9D:36:8D
Certificate issuer: /CN=a186a76a1899dbf9029e1aefd905177bb09d368d
Certificate serial: 019CAAC70E47B11B6521F52C75DE5C4DB2F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYanahiZ2_kCnhrv2QUXe7CdNo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft
Manifest number: 0CD7
Signing time: Sun 01 Mar 2026 19:01:37 +0000
Manifest this update: Sun 01 Mar 2026 19:01:37 +0000
Manifest next update: Mon 02 Mar 2026 19:01:37 +0000
Files and hashes: 1: NN02RYdDSld5Y_Gaa2L7Y6KMwlg.roa (hash: kmXA/OCGhyiId8hIHYYzQ+3ut/BaLBRzEWv/qUUmjqo=)
2: oYanahiZ2_kCnhrv2QUXe7CdNo0.crl (hash: gP6boKrAj+gcLgt2Y2mhb4k6kUhc87WxSGcRVcn9IgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYanahiZ2_kCnhrv2QUXe7CdNo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c7:0e:47:b1:1b:65:21:f5:2c:75:de:5c:4d:b2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a186a76a1899dbf9029e1aefd905177bb09d368d
Validity
Not Before: Mar 1 19:01:37 2026 GMT
Not After : Mar 2 19:01:37 2026 GMT
Subject: CN=5d05cd9f88969aa3db544156c3db964f7539d986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:15:3f:f8:c3:c2:12:c5:25:aa:53:5a:e6:97:
7c:aa:ea:19:7a:66:fa:f0:e3:4c:ce:32:46:6e:fc:
30:b7:c2:ce:94:fc:61:92:11:db:1a:1e:d0:af:da:
92:ab:49:82:b4:75:fe:16:e3:4a:73:55:3e:5e:11:
97:de:65:19:19:e5:d5:40:7c:f4:9e:cc:d1:4b:b5:
11:9e:2c:97:ac:14:d5:64:ea:07:00:65:34:47:3e:
3a:6f:69:df:a0:7f:98:6a:20:4c:bc:4c:8a:17:0c:
3a:be:ca:08:9e:c4:ee:54:00:64:a2:0f:a8:79:21:
22:41:da:5f:a7:df:af:48:68:3b:12:d1:9c:25:a8:
9f:4a:73:5f:0d:85:75:a9:36:0b:35:e0:e9:31:40:
6a:9f:3e:a5:cf:72:5a:a9:9c:44:a9:d0:00:4d:8c:
a5:ec:70:0b:df:99:fa:dc:18:b6:33:19:9d:18:45:
a7:a9:29:34:31:a4:30:6d:e6:8e:74:0d:a3:0e:14:
4c:5d:f8:e0:95:a0:75:5c:5c:b3:26:bc:70:f0:b9:
fd:67:ed:14:71:3a:e9:de:e4:e6:6f:8b:4d:a4:c2:
8f:c5:16:a1:6f:fd:f6:19:b6:fc:b4:6c:72:ba:8e:
cb:a0:39:b5:43:8e:c1:06:c3:36:e4:66:94:90:ae:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:05:CD:9F:88:96:9A:A3:DB:54:41:56:C3:DB:96:4F:75:39:D9:86
X509v3 Authority Key Identifier:
keyid:A1:86:A7:6A:18:99:DB:F9:02:9E:1A:EF:D9:05:17:7B:B0:9D:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYanahiZ2_kCnhrv2QUXe7CdNo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:ac:93:f1:bb:c8:0b:c6:ec:e9:5f:9c:10:9b:5b:41:fb:48:
a3:ca:85:6b:95:2e:c7:5b:b9:41:64:f0:4f:11:46:4d:8c:c5:
c3:6f:8b:f3:fb:e7:fe:bb:55:87:5a:58:c3:2e:0e:4c:08:b2:
94:c4:fb:fc:99:d5:7a:e5:41:2c:a0:bf:70:18:18:26:38:5d:
0b:1d:7e:32:a5:49:09:f1:dc:55:71:29:66:c5:28:45:58:d7:
84:3e:19:ab:17:06:7b:2f:6d:d7:d6:ca:9d:80:2e:22:67:68:
1f:c8:f9:1d:b4:e0:b8:49:bb:f6:6e:a8:52:8d:a0:5d:d1:d1:
b0:83:99:d5:37:a5:41:8f:bb:fe:95:4a:55:1d:15:36:7a:fe:
0e:4c:65:5a:b6:b0:4d:ad:da:7a:b1:dc:f4:1a:9a:5b:cf:fb:
a0:5d:2c:8c:48:2e:c7:5e:03:49:28:03:8c:8d:28:8b:ab:c5:
de:34:93:fd:ed:69:fd:db:89:ca:bc:9a:3d:89:d9:9e:2c:6a:
51:98:2b:92:2e:0d:19:3d:c2:74:9f:89:ca:c5:a4:30:7d:ab:
1e:53:d9:0e:3d:2f:f3:1a:2f:a7:4b:35:c9:cc:f2:a8:34:4e:
75:e1:37:e1:24:7d:7e:c2:8a:6e:15:02:4a:af:18:5a:c3:93:
d2:13:af:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxw5HsRtlIfUsdd5cTbL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODZhNzZhMTg5OWRiZjkwMjllMWFlZmQ5MDUxNzdiYjA5
ZDM2OGQwHhcNMjYwMzAxMTkwMTM3WhcNMjYwMzAyMTkwMTM3WjAzMTEwLwYDVQQD
Eyg1ZDA1Y2Q5Zjg4OTY5YWEzZGI1NDQxNTZjM2RiOTY0Zjc1MzlkOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BU/+MPCEsUlqlNa5pd8quoZemb6
8ONMzjJGbvwwt8LOlPxhkhHbGh7Qr9qSq0mCtHX+FuNKc1U+XhGX3mUZGeXVQHz0
nszRS7URniyXrBTVZOoHAGU0Rz46b2nfoH+YaiBMvEyKFww6vsoInsTuVABkog+o
eSEiQdpfp9+vSGg7EtGcJaifSnNfDYV1qTYLNeDpMUBqnz6lz3JaqZxEqdAATYyl
7HAL35n63Bi2MxmdGEWnqSk0MaQwbeaOdA2jDhRMXfjglaB1XFyzJrxw8Ln9Z+0U
cTrp3uTmb4tNpMKPxRahb/32Gbb8tGxyuo7LoDm1Q47BBsM25GaUkK6jKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0FzZ+Ilpqj21RBVsPblk91OdmGMB8GA1UdIwQY
MBaAFKGGp2oYmdv5Ap4a79kFF3uwnTaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lhbmFoaVoyX2tDbmhydjJRVVhlN0NkTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84NTk1YzgtNDgzNC00ZDU0LWEzOTEt
MzEyZTViNDkxMTQ2LzEvb1lhbmFoaVoyX2tDbmhydjJRVVhlN0NkTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84NTk1YzgtNDgzNC00ZDU0LWEzOTEtMzEyZTViNDkxMTQ2
LzEvb1lhbmFoaVoyX2tDbmhydjJRVVhlN0NkTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeKyT8bvI
C8bs6V+cEJtbQftIo8qFa5Uux1u5QWTwTxFGTYzFw2+L8/vn/rtVh1pYwy4OTAiy
lMT7/JnVeuVBLKC/cBgYJjhdCx1+MqVJCfHcVXEpZsUoRVjXhD4ZqxcGey9t19bK
nYAuImdoH8j5HbTguEm79m6oUo2gXdHRsIOZ1TelQY+7/pVKVR0VNnr+DkxlWraw
Ta3aerHc9BqaW8/7oF0sjEgux14DSSgDjI0oi6vF3jST/e1p/duJyryaPYnZnixq
UZgrki4NGT3CdJ+JysWkMH2rHlPZDj0v8xovp0s1yczyqDROdeE34SR9fsKKbhUC
Sq8YWsOT0hOvNg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:44:39 2026 by rpki-client