Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: 9AfEqy3zWM4OCim73bkk1U7H7Q8GgPqACIWmnWlBjuA=
Subject key identifier: 62:49:90:08:6C:B4:C5:23:FC:B5:41:44:0E:49:4F:3C:56:0A:4C:DA
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019D992B902AC5E1D572AC7A6BC7A0717C52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0BF9
Signing time: Fri 17 Apr 2026 02:01:02 +0000
Manifest this update: Fri 17 Apr 2026 02:01:02 +0000
Manifest next update: Sat 18 Apr 2026 02:01:02 +0000
Files and hashes: 1: Gt-80zXqf_s_u6U1np0ZyLE5Z40.roa (hash: xo9qKHdsqyfJiaN4I/AOjnmYmRnO4exFxr4FsuIGykQ=)
2: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: JGi6WsDOs3h/n7BW0vbWupMT4GeeGpGCmhunBGMaUlk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:90:2a:c5:e1:d5:72:ac:7a:6b:c7:a0:71:7c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Apr 17 02:01:02 2026 GMT
Not After : Apr 18 02:01:02 2026 GMT
Subject: CN=624990086cb4c523fcb541440e494f3c560a4cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:53:e7:f0:af:56:23:ef:c2:36:d2:65:6d:
4b:02:90:fd:ac:1a:85:1f:63:09:4c:af:ae:5d:71:
b9:dc:da:02:7f:b6:58:55:72:ec:53:f9:f3:a1:fe:
e1:2d:81:e1:7f:24:98:0a:f4:81:ae:94:44:ba:ec:
ee:72:ae:b5:b1:64:73:39:d4:78:b8:64:15:0f:f3:
27:80:46:ce:d5:bb:dc:5b:65:26:18:64:a1:ad:30:
8e:bc:38:ea:05:20:b3:41:e7:95:d8:70:ca:8d:4e:
f4:c5:a7:56:d2:34:47:cd:70:11:e3:33:36:7d:b5:
e3:d6:bd:b0:fa:21:cd:72:c8:e5:55:9b:9c:54:a0:
e8:63:db:59:b9:d5:7d:0c:0c:1e:d1:a4:d5:d7:00:
b1:2a:a8:89:b7:32:92:47:bc:36:9c:99:c9:06:a0:
6b:f3:93:59:53:41:45:df:e2:fe:24:0e:02:66:e2:
6b:5c:e0:d7:54:e8:92:05:d4:1f:a3:b6:a4:f5:ae:
c8:bb:76:6f:b4:ed:25:15:62:95:e6:c1:fb:e8:bd:
76:00:65:28:02:43:f0:fd:bc:b6:30:4d:10:5d:2b:
49:9d:6a:3b:2d:de:33:af:7e:98:1b:f7:ba:76:d9:
74:2e:20:02:47:1a:21:7a:83:6c:46:d9:ee:34:77:
c1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:49:90:08:6C:B4:C5:23:FC:B5:41:44:0E:49:4F:3C:56:0A:4C:DA
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:98:3c:3f:52:f8:4e:ac:54:54:f9:34:2c:fc:bf:d0:2e:91:
5e:cd:b7:73:0b:f3:af:91:3b:cf:ab:10:50:3c:33:63:6c:5c:
d4:77:db:7c:bb:92:02:80:ee:3a:12:67:a1:39:38:37:e8:5e:
39:80:5e:9d:01:9d:f0:b4:cb:ee:75:07:5c:21:f7:b2:08:78:
8a:6e:cd:3f:33:ac:2e:d4:ca:4a:4a:6a:4d:2a:2a:41:0c:50:
bb:22:43:31:76:36:ea:9b:4b:1a:e5:a0:70:07:a3:ab:9e:6c:
b3:77:e8:60:86:6a:36:e2:7b:3a:96:20:57:a9:72:53:c0:aa:
12:34:a2:a8:97:9c:9d:bf:0b:6d:42:2d:11:38:9f:46:14:6e:
9d:d6:f2:3a:71:3c:82:82:1c:2f:6c:22:30:56:c1:c9:5e:c2:
72:a2:3d:47:cd:7d:8c:9c:e7:e1:4a:f2:98:27:d6:67:7d:5c:
13:5b:8b:5f:00:82:15:10:c6:74:5c:7d:df:38:57:89:42:36:
90:fc:11:a8:64:94:82:08:77:65:ac:8c:fd:dd:87:44:a7:bc:
5d:20:c7:f6:76:07:71:95:1a:d3:5c:0a:9f:20:b6:d1:92:16:
dd:c9:10:c2:b8:ac:e5:25:45:e1:22:34:a6:ee:f7:35:6e:64:
1f:2e:77:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK5AqxeHVcqx6a8egcXxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjYwNDE3MDIwMTAyWhcNMjYwNDE4MDIwMTAyWjAzMTEwLwYDVQQD
Eyg2MjQ5OTAwODZjYjRjNTIzZmNiNTQxNDQwZTQ5NGYzYzU2MGE0Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXZT5/CvViPvwjbSZW1LApD9rBqF
H2MJTK+uXXG53NoCf7ZYVXLsU/nzof7hLYHhfySYCvSBrpREuuzucq61sWRzOdR4
uGQVD/MngEbO1bvcW2UmGGShrTCOvDjqBSCzQeeV2HDKjU70xadW0jRHzXAR4zM2
fbXj1r2w+iHNcsjlVZucVKDoY9tZudV9DAwe0aTV1wCxKqiJtzKSR7w2nJnJBqBr
85NZU0FF3+L+JA4CZuJrXODXVOiSBdQfo7ak9a7Iu3ZvtO0lFWKV5sH76L12AGUo
AkPw/by2ME0QXStJnWo7Ld4zr36YG/e6dtl0LiACRxoheoNsRtnuNHfBGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJJkAhstMUj/LVBRA5JTzxWCkzaMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJg8P1L4
TqxUVPk0LPy/0C6RXs23cwvzr5E7z6sQUDwzY2xc1HfbfLuSAoDuOhJnoTk4N+he
OYBenQGd8LTL7nUHXCH3sgh4im7NPzOsLtTKSkpqTSoqQQxQuyJDMXY26ptLGuWg
cAejq55ss3foYIZqNuJ7OpYgV6lyU8CqEjSiqJecnb8LbUItETifRhRundbyOnE8
goIcL2wiMFbByV7CcqI9R819jJzn4UrymCfWZ31cE1uLXwCCFRDGdFx93zhXiUI2
kPwRqGSUggh3ZayM/d2HRKe8XSDH9nYHcZUa01wKnyC20ZIW3ckQwris5SVF4SI0
pu73NW5kHy53JQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:14:53 2026 by rpki-client