Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: 3KSigevtV1wSwDDZ/OFMXnf4juMlnCiaFxoBB9dlanM=
Subject key identifier: CC:E8:CC:18:A4:D4:56:5A:3C:25:6B:37:FC:A4:39:16:D4:EA:8E:C4
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019CACEBC460A93ED02090FAFF69D1DF49A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 1599
Signing time: Mon 02 Mar 2026 05:00:58 +0000
Manifest this update: Mon 02 Mar 2026 05:00:58 +0000
Manifest next update: Tue 03 Mar 2026 05:00:58 +0000
Files and hashes: 1: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (hash: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: OEfNCgMlgMDhcO5mE+SzemV5cQDEeaxJZ6x1TpdwJ68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:c4:60:a9:3e:d0:20:90:fa:ff:69:d1:df:49:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Mar 2 05:00:58 2026 GMT
Not After : Mar 3 05:00:58 2026 GMT
Subject: CN=cce8cc18a4d4565a3c256b37fca43916d4ea8ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:68:3d:4e:56:c5:84:e9:7a:e2:4a:86:c7:
69:51:2c:50:01:9b:f5:18:0d:c0:22:d8:dd:71:9d:
a7:10:8a:cd:52:37:13:c1:6b:f8:22:fa:74:20:d3:
aa:5c:8f:27:3b:e8:36:96:28:6a:d1:ed:c0:30:bc:
aa:3a:60:59:53:66:6d:72:a0:bf:64:e1:aa:22:6d:
21:6a:fd:e0:a0:07:27:e3:b5:bd:35:d7:a3:7c:98:
4e:dc:59:12:e1:da:e5:60:dc:62:73:04:7c:f9:38:
c8:29:d1:3b:eb:e3:ed:64:82:bb:a6:ae:e0:a7:f7:
83:0a:18:62:05:3b:6e:e2:4f:b1:86:b1:c0:37:83:
58:ce:20:64:37:bf:04:a3:b1:92:ce:29:a0:99:47:
a2:10:67:24:39:54:1e:25:0c:9c:47:88:08:19:10:
a6:4a:a9:a4:cd:0d:81:74:71:82:c0:46:f7:af:5d:
e7:bb:28:ad:46:84:c7:72:41:76:3b:05:36:0d:aa:
36:1f:9c:a2:df:b7:76:93:46:28:2c:0c:e9:f6:30:
4f:7d:a7:ac:af:49:92:05:71:d8:f6:a0:f7:1c:21:
5d:b9:ec:b1:52:d7:70:d3:cf:4d:57:57:02:2c:a7:
7d:08:fb:ed:84:99:4b:07:cd:04:e5:2e:0f:d8:13:
91:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E8:CC:18:A4:D4:56:5A:3C:25:6B:37:FC:A4:39:16:D4:EA:8E:C4
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:fd:bb:d1:a2:dd:f0:19:44:88:fe:81:49:c3:90:30:da:7d:
fb:38:3f:e9:72:5a:85:f1:e0:ab:9c:a8:ce:2f:ca:94:eb:4f:
01:41:e8:af:98:17:00:a5:31:18:6a:71:a1:90:d9:1f:d6:80:
df:b4:c4:79:a5:74:1c:50:ed:b1:13:d2:04:2f:91:45:07:45:
36:a3:44:f0:fa:58:a3:b4:ad:1f:83:80:4b:2c:8b:47:13:8b:
2b:c9:af:f6:ec:47:23:ef:9f:f4:80:7c:d9:6c:ab:2b:11:9a:
23:9b:87:38:9c:26:aa:8b:9b:19:c8:59:72:46:02:53:31:d4:
fd:74:79:a0:78:7f:1a:5c:d5:63:2d:f3:12:3a:f2:22:c8:88:
66:1d:92:e5:d8:5e:8f:25:b8:33:63:c2:4d:14:62:ee:e2:46:
60:56:cb:74:1a:44:e1:26:64:8d:53:70:a0:3e:bd:ad:9e:30:
5a:f2:66:d0:9f:32:bd:d5:24:1d:75:40:a1:51:40:fb:a8:46:
4f:59:95:0b:84:1e:37:ef:66:e2:e0:f8:da:f7:c3:9a:a3:91:
47:47:9b:ee:73:88:36:ef:31:92:b1:60:5a:e4:d7:77:91:8c:
9d:c2:0e:fc:a5:37:50:01:16:30:a7:11:15:a6:14:e0:b0:28:
58:7a:13:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys68RgqT7QIJD6/2nR30mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjYwMzAyMDUwMDU4WhcNMjYwMzAzMDUwMDU4WjAzMTEwLwYDVQQD
EyhjY2U4Y2MxOGE0ZDQ1NjVhM2MyNTZiMzdmY2E0MzkxNmQ0ZWE4ZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBBoPU5WxYTpeuJKhsdpUSxQAZv1
GA3AItjdcZ2nEIrNUjcTwWv4Ivp0INOqXI8nO+g2lihq0e3AMLyqOmBZU2ZtcqC/
ZOGqIm0hav3goAcn47W9NdejfJhO3FkS4drlYNxicwR8+TjIKdE76+PtZIK7pq7g
p/eDChhiBTtu4k+xhrHAN4NYziBkN78Eo7GSzimgmUeiEGckOVQeJQycR4gIGRCm
SqmkzQ2BdHGCwEb3r13nuyitRoTHckF2OwU2Dao2H5yi37d2k0YoLAzp9jBPfaes
r0mSBXHY9qD3HCFdueyxUtdw089NV1cCLKd9CPvthJlLB80E5S4P2BORYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzozBik1FZaPCVrN/ykORbU6o7EMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/270aLd
8BlEiP6BScOQMNp9+zg/6XJahfHgq5yozi/KlOtPAUHor5gXAKUxGGpxoZDZH9aA
37TEeaV0HFDtsRPSBC+RRQdFNqNE8PpYo7StH4OASyyLRxOLK8mv9uxHI++f9IB8
2WyrKxGaI5uHOJwmqoubGchZckYCUzHU/XR5oHh/GlzVYy3zEjryIsiIZh2S5dhe
jyW4M2PCTRRi7uJGYFbLdBpE4SZkjVNwoD69rZ4wWvJm0J8yvdUkHXVAoVFA+6hG
T1mVC4QeN+9m4uD42vfDmqORR0eb7nOINu8xkrFgWuTXd5GMncIO/KU3UAEWMKcR
FaYU4LAoWHoTSg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:36:45 2026 by rpki-client