Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json)
Hash identifier: xQr+AVUitDMS07zl+aSq1SW1f6ksePk3RXJuigh/VNg=
Subject key identifier: A5:4F:F1:59:8D:96:C1:31:1A:D9:1F:77:AA:50:81:5F:A5:6B:30:89
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 019D9998CEB7D54CA96943FBB40D2D91892F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
Manifest number: 0BB8
Signing time: Fri 17 Apr 2026 04:00:21 +0000
Manifest this update: Fri 17 Apr 2026 04:00:21 +0000
Manifest next update: Sat 18 Apr 2026 04:00:21 +0000
Files and hashes: 1: A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa (hash: GGeYGfyoQGlOlTO2uMYQdKl/MdtFY8veEw/Zc71doVs=)
2: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: T8gHhB7f4uaVrm0sY/njIj7WI0/8l4LQFb1+4A5ylTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:98:ce:b7:d5:4c:a9:69:43:fb:b4:0d:2d:91:89:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Apr 17 04:00:21 2026 GMT
Not After : Apr 18 04:00:21 2026 GMT
Subject: CN=a54ff1598d96c1311ad91f77aa50815fa56b3089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:90:57:9b:18:bf:02:72:2a:e7:76:67:75:4e:
74:2a:3a:74:be:e6:15:b1:d9:9e:0d:16:00:50:b4:
63:af:30:3a:49:ec:23:13:e2:b1:18:0d:12:39:37:
06:84:74:9f:af:39:65:aa:87:0d:68:08:bd:91:45:
39:4a:89:7b:c8:16:d1:ad:21:1c:4f:eb:71:88:2b:
f8:e7:93:26:8c:a9:b9:3b:fc:f3:8e:04:c1:09:70:
ea:fa:f3:22:c3:9e:9e:db:ef:61:b5:cf:d5:ea:39:
1c:bf:5f:94:5a:7b:e0:86:4a:a1:b0:18:10:75:bb:
41:8b:f2:b5:bd:5d:4f:d7:a8:b8:59:d1:eb:f9:f3:
1a:57:8c:1f:32:29:f2:b8:dc:7e:61:0f:6f:2c:5f:
31:42:57:c4:1b:4a:d4:f9:27:16:e5:07:ba:dc:ed:
95:5b:38:e1:de:07:e9:cd:6f:cc:c7:56:c3:00:e5:
25:e7:66:d6:a7:f2:75:b1:65:41:07:a9:30:13:b3:
f3:f5:f9:42:98:26:66:55:47:74:b8:e0:86:86:fd:
7a:c9:6a:16:75:57:dc:08:81:f4:b3:54:51:e9:9d:
99:58:f2:22:22:7e:e8:89:28:98:ae:44:1c:1c:b3:
e8:15:aa:3d:bb:d5:99:38:1b:a0:78:b6:2b:54:18:
2c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4F:F1:59:8D:96:C1:31:1A:D9:1F:77:AA:50:81:5F:A5:6B:30:89
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:3b:09:86:00:8e:fc:9c:76:98:45:cf:f1:90:42:76:0c:fc:
41:6c:25:0f:92:7c:57:6b:e4:4d:be:e3:3c:ee:4b:5e:5c:c7:
aa:d4:ac:3f:62:6a:d3:48:f1:62:08:91:9a:b7:d8:85:11:df:
ed:c1:0e:2d:cc:11:90:4b:b4:a6:ea:29:82:e9:28:cf:17:c9:
51:ae:40:c0:24:55:a8:75:a0:d0:2b:f3:9e:cf:2e:71:75:ee:
fb:65:eb:c7:7a:62:4e:a0:c9:27:72:ed:ad:cb:f0:6b:d5:2a:
cb:9c:b5:c1:78:11:a9:1a:9e:f5:2c:3d:25:8f:36:d6:7a:0d:
b9:ed:f1:a8:8a:0f:ac:b0:83:6b:79:8e:75:85:76:02:6c:ae:
8f:b3:a0:fe:a8:64:6b:cf:6a:1e:04:15:ff:8c:9f:2b:f0:94:
b1:4f:1e:50:bb:00:14:7c:b8:f6:07:0f:88:0e:7a:02:ee:90:
91:3b:c3:3c:a0:c5:30:27:ae:7a:72:d2:87:9c:89:20:02:d3:
e2:e2:8d:8d:c0:ca:d1:62:a1:4e:d4:d8:34:bb:84:7b:f1:f2:
93:0c:22:25:d5:87:a4:ce:37:ac:50:32:10:e7:f1:54:ae:ab:
6e:52:59:e9:f8:91:10:9e:65:53:db:84:6c:90:52:94:97:7e:
ed:af:ef:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmM631UypaUP7tA0tkYkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjYwNDE3MDQwMDIxWhcNMjYwNDE4MDQwMDIxWjAzMTEwLwYDVQQD
EyhhNTRmZjE1OThkOTZjMTMxMWFkOTFmNzdhYTUwODE1ZmE1NmIzMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJBXmxi/AnIq53ZndU50Kjp0vuYV
sdmeDRYAULRjrzA6SewjE+KxGA0SOTcGhHSfrzllqocNaAi9kUU5Sol7yBbRrSEc
T+txiCv455MmjKm5O/zzjgTBCXDq+vMiw56e2+9htc/V6jkcv1+UWnvghkqhsBgQ
dbtBi/K1vV1P16i4WdHr+fMaV4wfMinyuNx+YQ9vLF8xQlfEG0rU+ScW5Qe63O2V
Wzjh3gfpzW/Mx1bDAOUl52bWp/J1sWVBB6kwE7Pz9flCmCZmVUd0uOCGhv16yWoW
dVfcCIH0s1RR6Z2ZWPIiIn7oiSiYrkQcHLPoFao9u9WZOBugeLYrVBgs5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVP8VmNlsExGtkfd6pQgV+lazCJMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAjsJhgCO
/Jx2mEXP8ZBCdgz8QWwlD5J8V2vkTb7jPO5LXlzHqtSsP2Jq00jxYgiRmrfYhRHf
7cEOLcwRkEu0puopgukozxfJUa5AwCRVqHWg0Cvzns8ucXXu+2Xrx3piTqDJJ3Lt
rcvwa9Uqy5y1wXgRqRqe9Sw9JY821noNue3xqIoPrLCDa3mOdYV2Amyuj7Og/qhk
a89qHgQV/4yfK/CUsU8eULsAFHy49gcPiA56Au6QkTvDPKDFMCeuenLSh5yJIALT
4uKNjcDK0WKhTtTYNLuEe/HykwwiJdWHpM43rFAyEOfxVK6rblJZ6fiREJ5lU9uE
bJBSlJd+7a/vrA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:43:46 2026 by rpki-client