Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: 65EcSy36rL7/ui+rz2DPTsOzhWGuPx9/K4XdF6Sh7Vs=
Subject key identifier: 5D:E4:81:78:7C:B5:A7:B0:17:A8:81:D1:2B:1F:98:DB:D6:73:B5:77
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019CABA20FC2820EA82C47668022CB8E1B1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0B7E
Signing time: Sun 01 Mar 2026 23:00:50 +0000
Manifest this update: Sun 01 Mar 2026 23:00:50 +0000
Manifest next update: Mon 02 Mar 2026 23:00:50 +0000
Files and hashes: 1: Gt-80zXqf_s_u6U1np0ZyLE5Z40.roa (hash: xo9qKHdsqyfJiaN4I/AOjnmYmRnO4exFxr4FsuIGykQ=)
2: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: KWh6IKP3p5fJivo4zBtIlxlRz8pzaLzCJXjtpvmnmMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:0f:c2:82:0e:a8:2c:47:66:80:22:cb:8e:1b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Mar 1 23:00:50 2026 GMT
Not After : Mar 2 23:00:50 2026 GMT
Subject: CN=5de481787cb5a7b017a881d12b1f98dbd673b577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:d5:83:2b:f2:43:ca:32:1f:3c:90:e5:c7:
bd:7c:98:50:3a:6a:a5:0c:1f:39:87:71:62:0b:ab:
b8:bc:d3:4a:dc:82:41:a2:6c:1a:56:39:c6:c5:d6:
06:ca:2d:19:7a:40:ce:0e:9e:ac:fe:6e:96:96:47:
6e:d9:11:bb:8b:25:5c:13:86:4c:67:bb:cf:d9:e0:
3f:ef:eb:f1:63:98:52:c7:b9:60:41:bc:93:53:52:
1a:4a:8c:44:bb:5a:a4:8e:80:a0:70:1f:35:b6:aa:
cb:09:06:a5:da:3b:26:7e:29:45:e8:a5:ec:6c:9a:
ad:7c:e9:e6:18:c9:cb:2f:a3:0b:55:f4:86:55:2c:
66:83:a0:73:59:88:df:5c:1e:f0:0d:20:e1:31:b1:
da:92:84:d5:d2:08:a3:10:83:d6:37:83:f4:7a:72:
cf:fa:1c:57:d7:44:b1:38:a1:82:8c:51:01:26:a2:
d6:68:15:ad:69:3a:19:1c:4a:b8:dc:13:9d:b5:44:
09:99:33:ef:69:8f:64:3d:32:0f:7e:30:52:1d:0b:
0a:35:11:96:4f:cb:0b:e2:bd:67:99:95:3b:01:08:
b8:82:86:a2:8b:8d:f1:00:6e:d8:8b:97:7d:17:07:
6a:3e:a6:28:3d:b8:8b:47:3c:25:a7:d3:5d:33:83:
4e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E4:81:78:7C:B5:A7:B0:17:A8:81:D1:2B:1F:98:DB:D6:73:B5:77
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:4d:b5:a3:e7:57:44:cd:9b:ee:58:36:7c:5f:60:ca:c7:46:
e1:ab:96:9c:c9:14:d3:53:f0:2f:81:8f:d2:6f:fd:23:15:32:
ad:d5:97:a8:ac:0f:5a:7b:de:6a:72:41:cb:fe:ae:83:1f:7b:
b0:4c:21:e6:44:8e:48:ef:36:d4:9c:42:91:85:b8:26:e0:b3:
8d:40:af:1a:87:45:f5:e5:93:18:85:c3:cc:e1:6e:32:76:3d:
75:7f:d0:be:d4:f0:82:bc:29:6f:4d:a0:b1:3c:30:57:2e:92:
0a:43:cb:2f:f1:af:15:89:8d:fb:c4:5d:cd:a7:8b:43:68:3b:
70:5b:4c:e3:81:d3:fd:89:eb:11:f3:28:bb:52:b5:9b:dd:a6:
1a:9f:25:a9:d8:a1:30:52:a9:df:11:af:38:15:27:08:80:39:
6d:4d:87:25:cb:38:52:89:ed:62:67:59:63:02:a1:6e:4c:0a:
f3:15:e1:57:5e:85:b2:fa:18:22:b3:19:83:89:c5:8a:b6:81:
82:ad:23:bb:48:09:3a:0f:05:ed:bb:44:0c:85:6a:f8:b5:c5:
46:97:60:a3:5e:74:ab:95:e2:14:f9:f9:60:1a:cd:58:39:06:
ee:79:27:59:20:4b:f2:97:78:a5:6d:8c:6e:26:21:73:f9:ab:
3c:ea:27:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrog/Cgg6oLEdmgCLLjhsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjYwMzAxMjMwMDUwWhcNMjYwMzAyMjMwMDUwWjAzMTEwLwYDVQQD
Eyg1ZGU0ODE3ODdjYjVhN2IwMTdhODgxZDEyYjFmOThkYmQ2NzNiNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrHVgyvyQ8oyHzyQ5ce9fJhQOmql
DB85h3FiC6u4vNNK3IJBomwaVjnGxdYGyi0ZekDODp6s/m6Wlkdu2RG7iyVcE4ZM
Z7vP2eA/7+vxY5hSx7lgQbyTU1IaSoxEu1qkjoCgcB81tqrLCQal2jsmfilF6KXs
bJqtfOnmGMnLL6MLVfSGVSxmg6BzWYjfXB7wDSDhMbHakoTV0gijEIPWN4P0enLP
+hxX10SxOKGCjFEBJqLWaBWtaToZHEq43BOdtUQJmTPvaY9kPTIPfjBSHQsKNRGW
T8sL4r1nmZU7AQi4goaii43xAG7Yi5d9FwdqPqYoPbiLRzwlp9NdM4NOzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3kgXh8taewF6iB0SsfmNvWc7V3MB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA021o+dX
RM2b7lg2fF9gysdG4auWnMkU01PwL4GP0m/9IxUyrdWXqKwPWnveanJBy/6ugx97
sEwh5kSOSO821JxCkYW4JuCzjUCvGodF9eWTGIXDzOFuMnY9dX/QvtTwgrwpb02g
sTwwVy6SCkPLL/GvFYmN+8RdzaeLQ2g7cFtM44HT/YnrEfMou1K1m92mGp8lqdih
MFKp3xGvOBUnCIA5bU2HJcs4UontYmdZYwKhbkwK8xXhV16FsvoYIrMZg4nFiraB
gq0ju0gJOg8F7btEDIVq+LXFRpdgo150q5XiFPn5YBrNWDkG7nknWSBL8pd4pW2M
biYhc/mrPOonQg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:17:54 2026 by rpki-client