Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: qihOgbiqopjuW4UEQPUS/s2MxvViQQKlhEHf8p5J0J4=
Subject key identifier: 8E:8D:69:70:75:FC:73:98:92:17:B5:AF:31:1C:F7:06:72:24:12:1A
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 019CAC0FFE3DF1B5243D48A0EA8AEABB58E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 17AD
Signing time: Mon 02 Mar 2026 01:00:55 +0000
Manifest this update: Mon 02 Mar 2026 01:00:55 +0000
Manifest next update: Tue 03 Mar 2026 01:00:55 +0000
Files and hashes: 1: I5suLRJMCcD3Q-LkLgkHzGSULk4.roa (hash: lLdnBAzP++nZyrTcfhQAr6iSYGM9RrOFuFX70aI206Q=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: PmjOFjS81+Ae//7oqIiaOHg9VorCpkND/YmU4HZ6JHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:fe:3d:f1:b5:24:3d:48:a0:ea:8a:ea:bb:58:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Mar 2 01:00:55 2026 GMT
Not After : Mar 3 01:00:55 2026 GMT
Subject: CN=8e8d697075fc73989217b5af311cf7067224121a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:40:e1:73:36:d5:e0:50:ea:ad:1d:db:5a:
6f:a2:d9:a6:2a:48:7d:18:9f:9a:5d:c8:06:80:9e:
92:8f:15:5e:af:2b:82:78:aa:42:79:d4:02:9f:e8:
6b:c1:39:0b:67:7a:26:59:54:15:72:ba:bd:a6:52:
51:17:b5:d3:42:19:89:59:5a:a6:bc:57:90:a8:63:
f2:e7:bc:79:ff:53:6b:0d:46:bf:54:0f:31:7b:73:
1b:6c:49:3a:45:e6:38:95:7f:05:94:21:00:78:35:
b5:c2:9e:23:72:ba:bd:73:23:a8:c1:66:96:3a:9d:
89:04:52:ed:99:25:33:e3:44:76:a2:4f:4a:63:cb:
7e:82:37:c2:64:fb:01:07:94:9a:71:bd:86:b3:ca:
27:16:48:44:9c:a6:c9:a0:76:a8:ad:7f:9d:34:fa:
42:e7:a1:68:72:2e:46:05:d2:39:45:c6:91:d8:76:
97:d0:67:f6:9f:46:1d:a3:41:47:6e:8c:55:2e:02:
0a:81:fe:a3:9c:74:71:fc:9f:79:af:bf:23:c4:12:
79:2e:2d:30:2f:fe:68:40:44:3a:74:b4:95:fd:1f:
da:c1:f4:83:e0:69:1d:f7:cb:63:e9:f7:76:a9:58:
4f:04:c7:5f:05:5a:1d:58:e6:ab:9d:6e:7f:dc:1f:
20:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8D:69:70:75:FC:73:98:92:17:B5:AF:31:1C:F7:06:72:24:12:1A
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:20:e2:84:df:22:1e:43:5f:f9:04:25:5d:91:ce:9d:e8:34:
0e:c3:91:5d:29:7d:95:a1:49:54:3d:25:87:dc:d7:95:22:b9:
4c:89:30:2c:17:31:b5:d7:c3:6d:37:62:2b:14:de:6b:6c:f6:
fc:b3:6c:9d:a3:67:01:c4:0d:c2:b4:e3:9e:e5:1b:69:fd:4b:
ab:c5:de:5a:5a:b1:2d:1a:24:0e:41:9a:c6:59:e0:c7:7c:1c:
60:5f:eb:7c:eb:75:ff:6b:b6:83:ad:3f:de:89:1f:4b:4e:1e:
86:d9:5b:5a:97:a8:b1:c5:52:69:ca:87:a4:15:e5:7e:65:9e:
ff:61:5d:74:2b:66:bf:fc:41:36:a5:9c:7b:70:6c:83:03:26:
20:e5:db:bf:7c:33:4d:65:c6:34:ee:02:06:16:94:8c:2e:26:
87:25:40:96:71:ac:fe:7b:50:df:12:d9:18:8c:2d:8f:97:c1:
a0:4f:d3:f2:ac:a2:61:57:f1:34:55:58:36:01:d6:ff:e9:c3:
7a:a1:6e:ad:fb:e3:1b:1f:f9:7f:55:54:10:0e:cc:4a:47:34:
4f:d6:dd:3f:f8:7f:f0:9c:6e:5c:9e:a1:27:a3:2a:a5:ff:03:
d1:3c:26:55:b6:58:4b:8c:5a:78:c3:58:77:74:7e:ce:f4:51:
7c:fc:39:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD/498bUkPUig6orqu1joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjYwMzAyMDEwMDU1WhcNMjYwMzAzMDEwMDU1WjAzMTEwLwYDVQQD
Eyg4ZThkNjk3MDc1ZmM3Mzk4OTIxN2I1YWYzMTFjZjcwNjcyMjQxMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRtA4XM21eBQ6q0d21pvotmmKkh9
GJ+aXcgGgJ6SjxVeryuCeKpCedQCn+hrwTkLZ3omWVQVcrq9plJRF7XTQhmJWVqm
vFeQqGPy57x5/1NrDUa/VA8xe3MbbEk6ReY4lX8FlCEAeDW1wp4jcrq9cyOowWaW
Op2JBFLtmSUz40R2ok9KY8t+gjfCZPsBB5Sacb2Gs8onFkhEnKbJoHaorX+dNPpC
56Foci5GBdI5RcaR2HaX0Gf2n0Ydo0FHboxVLgIKgf6jnHRx/J95r78jxBJ5Li0w
L/5oQEQ6dLSV/R/awfSD4Gkd98tj6fd2qVhPBMdfBVodWOarnW5/3B8gNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6NaXB1/HOYkhe1rzEc9wZyJBIaMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSDihN8i
HkNf+QQlXZHOneg0DsORXSl9laFJVD0lh9zXlSK5TIkwLBcxtdfDbTdiKxTea2z2
/LNsnaNnAcQNwrTjnuUbaf1Lq8XeWlqxLRokDkGaxlngx3wcYF/rfOt1/2u2g60/
3okfS04ehtlbWpeoscVSacqHpBXlfmWe/2FddCtmv/xBNqWce3BsgwMmIOXbv3wz
TWXGNO4CBhaUjC4mhyVAlnGs/ntQ3xLZGIwtj5fBoE/T8qyiYVfxNFVYNgHW/+nD
eqFurfvjGx/5f1VUEA7MSkc0T9bdP/h/8JxuXJ6hJ6Mqpf8D0TwmVbZYS4xaeMNY
d3R+zvRRfPw5sg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:20:46 2026 by rpki-client