Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: 025eimQXXM7vA6BWJI98rsJXGSyFRjI6o/VIbCazJTg=
Subject key identifier: 21:49:B8:CA:86:BE:5E:A2:68:BC:64:C8:9B:AE:31:73:16:BE:67:45
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 019D99994843E416C926002AE1FC963AEC4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 1828
Signing time: Fri 17 Apr 2026 04:00:52 +0000
Manifest this update: Fri 17 Apr 2026 04:00:52 +0000
Manifest next update: Sat 18 Apr 2026 04:00:52 +0000
Files and hashes: 1: I5suLRJMCcD3Q-LkLgkHzGSULk4.roa (hash: lLdnBAzP++nZyrTcfhQAr6iSYGM9RrOFuFX70aI206Q=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: I6qssG+m449yXj/pEt469mzBBKQlR5y9N6HMUxvpi+w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:48:43:e4:16:c9:26:00:2a:e1:fc:96:3a:ec:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Apr 17 04:00:52 2026 GMT
Not After : Apr 18 04:00:52 2026 GMT
Subject: CN=2149b8ca86be5ea268bc64c89bae317316be6745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bf:7c:1d:c0:84:37:47:20:d2:00:39:7e:9c:
a9:29:85:99:12:9b:26:37:06:f1:80:4b:10:5d:7d:
2a:f4:58:0b:cc:3c:fe:80:b5:d4:e9:f8:19:b2:71:
a7:99:7e:f7:d3:1f:f6:17:44:4f:13:60:8e:d3:c4:
3e:b6:a9:50:98:96:86:9f:e9:6b:5a:3b:c1:14:1b:
7b:e1:cb:d3:01:1f:11:16:3d:34:c5:66:3d:90:7b:
97:cf:32:7f:bb:f5:bc:f6:6b:22:95:fb:b1:90:84:
38:d1:9e:f7:b5:ba:2c:81:a8:16:aa:90:b8:c3:a8:
9f:4a:45:c4:5c:27:a2:2f:4c:28:02:f6:24:61:fd:
15:16:63:a7:4c:11:fe:64:47:1c:7e:e8:83:50:ea:
d9:61:c0:5b:51:65:23:f8:65:73:43:63:ba:da:f5:
a3:3f:c9:27:ea:57:e9:45:32:f7:6a:5f:1f:b7:f7:
04:99:71:10:83:1c:b7:9c:7d:c1:54:1f:21:be:a5:
48:46:b7:4c:84:a1:e4:f5:c4:a3:5c:71:32:22:2c:
a0:b4:d3:62:17:f5:54:56:77:4d:5b:be:cc:57:01:
2a:fc:17:db:e5:09:3b:9f:99:8f:07:b8:ca:a6:6b:
17:e0:6f:23:f6:95:f7:98:b9:b8:a2:e4:88:be:1b:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:49:B8:CA:86:BE:5E:A2:68:BC:64:C8:9B:AE:31:73:16:BE:67:45
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:f1:9a:b6:16:82:57:dd:22:f7:8c:0a:f7:53:56:14:99:33:
2e:73:64:a0:b5:01:50:8f:7f:75:f0:0c:e7:e3:14:a0:e1:60:
10:9d:b4:17:f6:1a:39:cd:14:a5:c6:8f:fa:5f:85:d7:55:93:
9b:f1:55:0f:7b:fb:b7:5c:b0:9e:75:76:15:cc:ad:bc:55:d9:
b5:57:94:fc:07:9f:bf:fb:00:9e:bb:99:d0:e3:93:b4:a2:b2:
10:07:98:96:cf:64:6c:0b:36:b9:d6:3e:bd:38:9d:f8:fd:70:
aa:c7:47:12:cc:5a:77:9c:54:b2:e6:5f:fc:9e:c3:bf:81:25:
41:c7:a4:1d:e4:2c:2e:0d:08:8f:14:09:38:bc:e1:9b:04:6f:
4f:a4:52:71:90:b9:cf:af:2f:82:4b:11:17:c8:ac:ca:eb:0e:
ca:19:6e:46:bd:3d:8b:ed:97:77:7e:7b:f2:a1:bf:68:e6:5a:
13:e2:28:27:8b:be:65:a1:7b:b2:9c:3e:45:47:79:59:93:9d:
ca:7f:a4:87:28:92:68:4b:0e:21:69:e1:13:74:52:7d:cb:68:
6a:c7:78:f0:02:26:32:d7:05:f0:84:47:85:3a:ba:ff:41:d9:
e7:8a:33:49:f6:da:b4:e0:55:c0:60:8e:04:a7:9e:03:f6:4b:
8b:c5:9e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmUhD5BbJJgAq4fyWOuxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjYwNDE3MDQwMDUyWhcNMjYwNDE4MDQwMDUyWjAzMTEwLwYDVQQD
EygyMTQ5YjhjYTg2YmU1ZWEyNjhiYzY0Yzg5YmFlMzE3MzE2YmU2NzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b98HcCEN0cg0gA5fpypKYWZEpsm
NwbxgEsQXX0q9FgLzDz+gLXU6fgZsnGnmX730x/2F0RPE2CO08Q+tqlQmJaGn+lr
WjvBFBt74cvTAR8RFj00xWY9kHuXzzJ/u/W89msilfuxkIQ40Z73tbosgagWqpC4
w6ifSkXEXCeiL0woAvYkYf0VFmOnTBH+ZEccfuiDUOrZYcBbUWUj+GVzQ2O62vWj
P8kn6lfpRTL3al8ft/cEmXEQgxy3nH3BVB8hvqVIRrdMhKHk9cSjXHEyIiygtNNi
F/VUVndNW77MVwEq/Bfb5Qk7n5mPB7jKpmsX4G8j9pX3mLm4ouSIvhvuPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFJuMqGvl6iaLxkyJuuMXMWvmdFMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/GathaC
V90i94wK91NWFJkzLnNkoLUBUI9/dfAM5+MUoOFgEJ20F/YaOc0UpcaP+l+F11WT
m/FVD3v7t1ywnnV2FcytvFXZtVeU/Aefv/sAnruZ0OOTtKKyEAeYls9kbAs2udY+
vTid+P1wqsdHEsxad5xUsuZf/J7Dv4ElQcekHeQsLg0IjxQJOLzhmwRvT6RScZC5
z68vgksRF8isyusOyhluRr09i+2Xd3578qG/aOZaE+IoJ4u+ZaF7spw+RUd5WZOd
yn+khyiSaEsOIWnhE3RSfctoasd48AImMtcF8IRHhTq6/0HZ54ozSfbatOBVwGCO
BKeeA/ZLi8We/w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:01:08 2026 by rpki-client