Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json)
Hash identifier: tDiriXuCvF56eDs7KZA3oxlLWLSDs1uqjsoiQxZPCK8=
Subject key identifier: F2:E1:D4:3B:F0:35:8E:D3:12:1D:DC:D0:18:50:4D:77:D4:92:1A:CA
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 019DA41CAADC406B6D06B5C1F47CBD314296
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
Manifest number: 1619
Signing time: Sun 19 Apr 2026 05:00:35 +0000
Manifest this update: Sun 19 Apr 2026 05:00:35 +0000
Manifest next update: Mon 20 Apr 2026 05:00:35 +0000
Files and hashes: 1: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (hash: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0=)
2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: 9CkMCWq0TXmkvsW70SU57lck6Czvc8I3+bk71ml+0Hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:1c:aa:dc:40:6b:6d:06:b5:c1:f4:7c:bd:31:42:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Apr 19 05:00:35 2026 GMT
Not After : Apr 20 05:00:35 2026 GMT
Subject: CN=f2e1d43bf0358ed3121ddcd018504d77d4921aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:91:fc:d9:bb:ab:9b:0d:b6:55:74:2d:0c:
b6:08:a3:27:6e:57:f1:e9:5a:a9:28:3f:25:bd:a1:
49:e1:86:29:21:86:93:f0:7a:82:f9:c7:e4:2b:43:
ad:2f:6a:cf:07:a7:fa:83:ca:25:a7:2e:f4:85:e8:
5f:71:13:e9:1e:c7:50:1b:34:ce:d4:e0:e8:98:72:
1e:32:f3:cf:34:d1:81:95:7b:f3:d3:a9:85:6b:58:
e1:7c:4c:2d:b4:27:a8:ac:3c:54:ec:35:38:1b:44:
6c:2e:f0:85:38:01:8d:d6:ec:24:71:e9:ec:bc:64:
6d:54:b0:e9:e7:91:3e:22:c0:94:74:0c:7c:72:34:
47:bf:ea:98:73:e6:7c:51:4f:82:29:a3:fd:87:ca:
b7:9a:03:ee:59:c7:c8:f9:1f:49:16:46:38:f9:b6:
78:4a:14:de:22:66:1d:06:ae:e0:f3:3d:d4:b0:7d:
e3:92:cc:e5:44:72:91:69:be:a3:b8:8a:1b:1e:c9:
70:52:3b:82:f7:2d:c9:a9:2d:68:d9:84:3d:df:4b:
19:25:ec:f3:2a:55:e6:cf:31:ea:a7:ba:38:ec:04:
4e:78:74:1d:0a:85:97:0a:0a:57:ec:f4:8f:44:25:
52:06:87:2c:41:8d:bc:e8:d6:28:89:10:19:7d:c9:
d6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E1:D4:3B:F0:35:8E:D3:12:1D:DC:D0:18:50:4D:77:D4:92:1A:CA
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:74:3a:5a:90:8f:fd:fe:9f:55:f5:a9:c5:ee:af:0b:61:fe:
7a:16:65:e1:32:c3:73:b6:61:8f:69:31:a9:d4:1e:94:39:ab:
32:2a:37:40:49:22:76:6d:ad:2c:bf:31:50:b9:34:5c:61:0c:
f4:a9:04:8b:10:0b:83:27:d1:75:58:41:53:44:b2:35:5d:56:
8f:da:ef:4c:c1:5a:0b:1d:c3:3c:5b:7a:97:1d:99:c2:34:69:
e5:b6:a2:b8:d7:62:28:0a:9f:88:84:c2:dc:13:6f:bd:3e:af:
8a:30:a3:20:b6:12:b2:87:af:1f:af:0d:89:75:9b:26:af:7d:
90:14:ae:72:f1:bd:a1:5b:6c:69:ae:25:7e:20:32:a1:68:51:
4c:05:16:8a:52:c6:d0:44:89:f9:57:3a:79:06:4e:4a:5b:98:
58:84:18:ee:04:1b:9e:ef:af:cd:50:3f:01:1a:b2:22:3e:25:
53:23:4c:25:1a:45:f8:a7:71:d2:22:08:11:b9:84:c4:28:00:
be:ad:e4:cb:bd:ee:b1:94:d4:6a:77:c9:56:31:6b:96:a8:29:
20:e6:49:b7:b9:b9:d8:25:fd:51:cf:af:76:aa:0c:74:6b:73:
f2:da:07:6d:7c:71:34:3e:86:4e:84:28:bd:2d:ad:7f:1e:1c:
fb:d7:a5:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kHKrcQGttBrXB9Hy9MUKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjYwNDE5MDUwMDM1WhcNMjYwNDIwMDUwMDM1WjAzMTEwLwYDVQQD
EyhmMmUxZDQzYmYwMzU4ZWQzMTIxZGRjZDAxODUwNGQ3N2Q0OTIxYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx+R/Nm7q5sNtlV0LQy2CKMnblfx
6VqpKD8lvaFJ4YYpIYaT8HqC+cfkK0OtL2rPB6f6g8olpy70hehfcRPpHsdQGzTO
1ODomHIeMvPPNNGBlXvz06mFa1jhfEwttCeorDxU7DU4G0RsLvCFOAGN1uwkcens
vGRtVLDp55E+IsCUdAx8cjRHv+qYc+Z8UU+CKaP9h8q3mgPuWcfI+R9JFkY4+bZ4
ShTeImYdBq7g8z3UsH3jkszlRHKRab6juIobHslwUjuC9y3JqS1o2YQ930sZJezz
KlXmzzHqp7o47AROeHQdCoWXCgpX7PSPRCVSBocsQY286NYoiRAZfcnW7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLh1DvwNY7TEh3c0BhQTXfUkhrKMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3Q6WpCP
/f6fVfWpxe6vC2H+ehZl4TLDc7Zhj2kxqdQelDmrMio3QEkidm2tLL8xULk0XGEM
9KkEixALgyfRdVhBU0SyNV1Wj9rvTMFaCx3DPFt6lx2ZwjRp5baiuNdiKAqfiITC
3BNvvT6vijCjILYSsoevH68NiXWbJq99kBSucvG9oVtsaa4lfiAyoWhRTAUWilLG
0ESJ+Vc6eQZOSluYWIQY7gQbnu+vzVA/ARqyIj4lUyNMJRpF+Kdx0iIIEbmExCgA
vq3ky73usZTUanfJVjFrlqgpIOZJt7m52CX9Uc+vdqoMdGtz8toHbXxxND6GToQo
vS2tfx4c+9eleA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:03:07 2026 by rpki-client