Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json)
Hash identifier: e4LelGjrIuv6eToSA900DjoSyEmJ3lfwgzSbPi12jdk=
Subject key identifier: 94:BA:13:E7:E1:07:66:2D:97:B6:C0:1D:F6:3E:94:95:23:E3:10:B8
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 019CAE6C66BA3B56C6A43F05733234C19D69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
Manifest number: 17DA
Signing time: Mon 02 Mar 2026 12:01:05 +0000
Manifest this update: Mon 02 Mar 2026 12:01:05 +0000
Manifest next update: Tue 03 Mar 2026 12:01:05 +0000
Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: vFicFW63f6wcF0pFm7OZ8R5qc+BDrQCYr6+k+E2G2g4=)
2: hAyoLpCra0kpXCEB9YIPKEmLRzU.roa (hash: L8pQSdo6sZNnsGCjKX/I+wB7KeoUwSik66sYCeRu7Vs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:66:ba:3b:56:c6:a4:3f:05:73:32:34:c1:9d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Mar 2 12:01:05 2026 GMT
Not After : Mar 3 12:01:05 2026 GMT
Subject: CN=94ba13e7e107662d97b6c01df63e949523e310b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b9:a9:3b:1d:9f:55:d8:a9:d4:39:9c:9e:c6:
e2:ce:19:ea:5b:b1:10:a0:ed:ed:6a:38:26:4e:02:
b9:5c:b9:49:66:55:77:e0:2d:54:1e:18:a6:20:14:
2c:64:bd:c9:4f:05:c8:e4:22:aa:ac:fd:25:9c:bd:
9a:8b:4e:77:53:79:ea:0b:14:f9:b4:8d:c1:77:eb:
b1:a3:af:6b:34:df:54:3c:3d:f7:d6:ce:ca:14:36:
d7:e5:11:e3:d9:95:27:42:41:b5:12:96:d0:ff:b0:
7d:92:e0:be:3a:02:19:72:4b:ca:4a:82:ab:24:66:
70:5d:04:34:9f:93:b8:a7:7f:b2:83:7d:f2:46:a0:
ae:da:9f:4c:54:6b:5f:eb:3c:04:b9:7d:c2:05:f1:
cc:e4:38:91:44:fe:84:28:eb:7c:67:c1:3d:0a:b2:
63:a5:8d:ee:73:e6:a3:23:d9:e4:fd:47:b7:8d:cb:
3c:33:e1:00:07:05:bf:a2:32:75:da:3f:ed:9c:10:
92:fb:a7:33:8e:eb:d4:59:c7:f0:39:a3:10:6b:0f:
09:97:8d:ce:75:c7:71:a0:95:59:fd:c7:79:88:a8:
d7:c3:1a:4a:5e:29:a9:8b:51:78:f7:76:5e:bc:da:
71:af:8e:68:8e:0b:ac:62:29:80:ae:c6:30:25:d0:
63:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BA:13:E7:E1:07:66:2D:97:B6:C0:1D:F6:3E:94:95:23:E3:10:B8
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:9e:db:1e:32:70:50:35:52:b5:52:6b:5c:e6:dc:90:a7:f9:
ea:25:1a:76:78:fd:33:73:1f:9f:2c:c6:86:02:e4:35:6b:79:
46:a5:c7:7b:78:dd:13:ac:47:ef:88:8c:26:81:a5:0f:a3:91:
27:f4:3f:0c:43:28:08:76:c7:58:62:7f:e1:27:39:49:4b:ca:
c1:5d:2c:6a:7c:6a:81:75:fd:35:29:1a:b3:31:e4:b4:0d:18:
04:83:07:56:52:84:81:12:0c:ec:45:40:6c:18:8b:64:32:8e:
7b:be:8d:1b:15:4e:c2:77:8d:e7:b0:f5:a4:f1:44:b4:b7:60:
1a:eb:d5:6c:67:0e:d1:31:06:de:9f:87:fe:1f:35:7e:4a:6b:
29:b6:87:c2:cd:b6:c6:11:d7:44:4f:ee:08:50:2b:b1:29:0a:
44:75:c9:4e:34:fd:86:0a:55:c1:11:d0:f4:e6:d9:20:19:e8:
cf:cc:6e:c2:52:43:93:42:bc:93:fa:40:01:e3:7b:76:ea:e9:
fc:72:62:84:34:9a:33:9a:d9:cd:6c:c5:4b:9e:09:26:db:bb:
f4:47:5d:40:0f:67:5d:96:87:fb:24:c9:6d:ad:91:36:9c:63:
db:38:28:4e:24:3c:52:5f:f9:85:b7:0a:e9:5c:2e:40:c5:53:
f8:76:99:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubGa6O1bGpD8FczI0wZ1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjYwMzAyMTIwMTA1WhcNMjYwMzAzMTIwMTA1WjAzMTEwLwYDVQQD
Eyg5NGJhMTNlN2UxMDc2NjJkOTdiNmMwMWRmNjNlOTQ5NTIzZTMxMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bmpOx2fVdip1DmcnsbizhnqW7EQ
oO3tajgmTgK5XLlJZlV34C1UHhimIBQsZL3JTwXI5CKqrP0lnL2ai053U3nqCxT5
tI3Bd+uxo69rNN9UPD331s7KFDbX5RHj2ZUnQkG1EpbQ/7B9kuC+OgIZckvKSoKr
JGZwXQQ0n5O4p3+yg33yRqCu2p9MVGtf6zwEuX3CBfHM5DiRRP6EKOt8Z8E9CrJj
pY3uc+ajI9nk/Ue3jcs8M+EABwW/ojJ12j/tnBCS+6czjuvUWcfwOaMQaw8Jl43O
dcdxoJVZ/cd5iKjXwxpKXimpi1F493ZevNpxr45ojgusYimArsYwJdBjPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJS6E+fhB2Ytl7bAHfY+lJUj4xC4MB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPp7bHjJw
UDVStVJrXObckKf56iUadnj9M3MfnyzGhgLkNWt5RqXHe3jdE6xH74iMJoGlD6OR
J/Q/DEMoCHbHWGJ/4Sc5SUvKwV0sanxqgXX9NSkaszHktA0YBIMHVlKEgRIM7EVA
bBiLZDKOe76NGxVOwneN57D1pPFEtLdgGuvVbGcO0TEG3p+H/h81fkprKbaHws22
xhHXRE/uCFArsSkKRHXJTjT9hgpVwRHQ9ObZIBnoz8xuwlJDk0K8k/pAAeN7durp
/HJihDSaM5rZzWzFS54JJtu79EddQA9nXZaH+yTJba2RNpxj2zgoTiQ8Ul/5hbcK
6VwuQMVT+HaZGA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:07:29 2026 by rpki-client