Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File: OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier: degBjHAZp0/JffntBi6uPMTXsRfXPapABHrQieRFXjI=
Subject key identifier: DD:C4:E4:60:7A:97:FB:5A:5C:75:8E:B5:45:D8:DB:BA:19:F9:0C:62
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer: /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial: 019D679A6C44D3C5BCB4C7270EB6D7B1E644
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number: 0488
Signing time: Tue 07 Apr 2026 11:01:06 +0000
Manifest this update: Tue 07 Apr 2026 11:01:06 +0000
Manifest next update: Wed 08 Apr 2026 11:01:06 +0000
Files and hashes: 1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: sonFCb2yRHF8fzP008Fy5UrePSGlFhjewjgvTtl8U2Y=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:9a:6c:44:d3:c5:bc:b4:c7:27:0e:b6:d7:b1:e6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
Validity
Not Before: Apr 7 11:01:06 2026 GMT
Not After : Apr 8 11:01:06 2026 GMT
Subject: CN=ddc4e4607a97fb5a5c758eb545d8dbba19f90c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:c1:61:ff:bd:5a:ab:3e:98:47:68:43:52:
41:26:e0:1d:38:2e:68:be:85:ac:9c:29:15:0c:6d:
6e:dc:95:b9:38:64:6b:15:ca:2b:70:85:fb:5c:75:
7c:23:ad:08:e3:56:8d:0a:93:ed:2f:20:85:7b:b8:
4d:7d:c3:a7:7c:39:84:6e:74:8c:df:1a:2c:7c:49:
fa:12:d7:e4:f7:4c:7c:c5:ec:74:e2:8a:df:76:e3:
7f:02:98:a8:b3:73:f4:fa:b8:87:f4:92:45:8c:a8:
e0:9b:1a:ea:55:c1:1d:58:6c:e5:9e:f4:a3:c9:cf:
d1:ad:65:2d:5b:3b:d7:1d:68:3b:09:f2:ac:6f:13:
ab:c1:cc:aa:47:a2:84:e3:5e:86:60:f7:49:5a:f6:
96:6b:81:08:5c:3a:02:e4:dd:9a:ef:9e:7a:1c:9c:
ab:7f:a3:5b:d8:52:d0:d9:ae:e3:e7:dd:67:3a:8b:
39:eb:98:ef:91:48:a6:d5:77:59:b1:a8:c2:88:89:
16:ef:d5:04:95:a4:fa:73:4b:6c:c9:a3:69:81:6b:
ee:9a:85:75:bf:d7:13:bf:15:07:03:c9:d8:60:f3:
b4:04:84:7e:31:f7:6b:d1:60:d3:dd:90:ee:a9:22:
8d:9b:2e:d0:6d:35:30:77:33:86:48:b7:87:50:7b:
00:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C4:E4:60:7A:97:FB:5A:5C:75:8E:B5:45:D8:DB:BA:19:F9:0C:62
X509v3 Authority Key Identifier:
keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:42:a8:85:9e:55:f5:9a:6a:3e:13:e0:d6:d0:8c:da:a3:d7:
e7:de:47:f6:01:0c:a2:21:44:cd:14:df:5a:44:fa:9f:d7:2c:
eb:f9:5b:d7:5e:bf:0c:71:b9:15:69:81:b1:5a:1a:09:42:3c:
ea:0d:2f:db:08:41:e0:8f:e2:0c:3e:86:50:fc:f9:5b:de:3b:
a7:af:b4:b0:4e:e3:20:e8:48:7c:21:08:05:80:78:be:19:ad:
44:d1:43:b9:12:65:54:e0:68:1c:70:0f:f5:33:e1:38:9c:08:
90:d6:6b:8c:47:af:3f:c9:0b:c8:a4:0a:7f:93:45:17:fb:b2:
1c:f3:c9:1e:2d:71:b6:af:d6:b1:0d:99:a7:d6:95:c4:fd:3f:
15:de:92:44:68:5f:db:83:b3:09:17:24:5a:8e:66:77:a1:30:
1d:b4:c1:cc:ef:2a:94:53:70:6c:80:5b:64:8e:19:fb:cc:4e:
78:28:45:d0:df:c5:74:c3:1e:6f:39:e0:79:37:88:80:e7:94:
9e:47:85:a1:03:4e:53:9c:4d:ee:0a:b1:fc:8f:2d:e3:d8:b3:
7a:5d:ee:52:0a:ce:15:dc:58:22:5b:6a:36:2e:03:e2:8e:b0:
29:13:cc:cc:bb:04:f5:8f:74:96:20:74:5b:b7:f8:cc:37:b4:
b7:31:18:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1nmmxE08W8tMcnDrbXseZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjYwNDA3MTEwMTA2WhcNMjYwNDA4MTEwMTA2WjAzMTEwLwYDVQQD
EyhkZGM0ZTQ2MDdhOTdmYjVhNWM3NThlYjU0NWQ4ZGJiYTE5ZjkwYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnzBYf+9Wqs+mEdoQ1JBJuAdOC5o
voWsnCkVDG1u3JW5OGRrFcorcIX7XHV8I60I41aNCpPtLyCFe7hNfcOnfDmEbnSM
3xosfEn6Etfk90x8xex04orfduN/Apios3P0+riH9JJFjKjgmxrqVcEdWGzlnvSj
yc/RrWUtWzvXHWg7CfKsbxOrwcyqR6KE416GYPdJWvaWa4EIXDoC5N2a7556HJyr
f6Nb2FLQ2a7j591nOos565jvkUim1XdZsajCiIkW79UElaT6c0tsyaNpgWvumoV1
v9cTvxUHA8nYYPO0BIR+Mfdr0WDT3ZDuqSKNmy7QbTUwdzOGSLeHUHsAzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3E5GB6l/taXHWOtUXY27oZ+QxiMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkKohZ5V
9ZpqPhPg1tCM2qPX595H9gEMoiFEzRTfWkT6n9cs6/lb116/DHG5FWmBsVoaCUI8
6g0v2whB4I/iDD6GUPz5W947p6+0sE7jIOhIfCEIBYB4vhmtRNFDuRJlVOBoHHAP
9TPhOJwIkNZrjEevP8kLyKQKf5NFF/uyHPPJHi1xtq/WsQ2Zp9aVxP0/Fd6SRGhf
24OzCRckWo5md6EwHbTBzO8qlFNwbIBbZI4Z+8xOeChF0N/FdMMebzngeTeIgOeU
nkeFoQNOU5xN7gqx/I8t49izel3uUgrOFdxYIltqNi4D4o6wKRPMzLsE9Y90liB0
W7f4zDe0tzEYwg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:02:36 2026 by rpki-client