Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
File: cOKzQXw5wP47u7xNUj7UN7KcWhw.mft (raw, json)
Hash identifier: jFXUjsgz5JEF+TffgdcdRgC/2QWSbbrsKudYadYr6cU=
Subject key identifier: 35:C7:5F:85:92:99:3E:F8:38:F9:7D:58:18:23:6F:D4:C2:62:FA:FC
Authority key identifier: 70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C
Certificate issuer: /CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c
Certificate serial: 019CAAFD71452B6AEF4A0BF3F102D511B755
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
Manifest number: 17D8
Signing time: Sun 01 Mar 2026 20:01:02 +0000
Manifest this update: Sun 01 Mar 2026 20:01:02 +0000
Manifest next update: Mon 02 Mar 2026 20:01:02 +0000
Files and hashes: 1: 4zn72bRe20a9LWBauf9Jwg2zBPE.roa (hash: wXzhbicfsNgTz8LgBL2cOtIn+bE67CUdF+iypRz7TNw=)
2: cOKzQXw5wP47u7xNUj7UN7KcWhw.crl (hash: fMa1kBNhBK7l0rjol4WSCDlKaCZMOKzevHNVA1SmzLQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:71:45:2b:6a:ef:4a:0b:f3:f1:02:d5:11:b7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c
Validity
Not Before: Mar 1 20:01:02 2026 GMT
Not After : Mar 2 20:01:02 2026 GMT
Subject: CN=35c75f8592993ef838f97d5818236fd4c262fafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cc:e1:12:4d:b7:fd:7c:f8:b8:22:97:db:2d:
db:5d:c3:32:3e:ed:60:18:55:51:3a:70:ed:13:96:
1a:a4:47:95:36:a0:ea:6d:8c:62:0e:9f:6d:fa:64:
02:51:6c:a5:f1:58:d8:6f:24:cf:c9:fc:2f:3c:dc:
9e:65:f6:c9:71:65:27:97:bd:ba:fa:b1:8c:03:82:
fc:13:93:00:78:3e:99:65:f9:0d:e5:05:86:24:06:
d8:70:bc:76:72:6e:a0:82:98:14:d0:00:3c:56:0b:
66:a8:68:e5:0e:00:ff:ca:b6:e7:3b:1c:ef:83:d1:
8a:fd:71:42:c7:b6:8c:a7:23:db:82:22:f7:2f:fc:
8e:aa:5d:02:48:48:9e:94:27:e6:95:ee:24:ca:20:
f0:e8:d2:46:53:64:3f:38:3a:94:d8:86:ab:94:96:
7b:a6:3e:c0:9b:62:cd:08:71:97:91:1d:51:38:00:
69:01:b3:fd:ce:98:5c:d6:68:70:fc:32:47:1f:c4:
4d:a1:46:42:70:14:a3:24:06:13:e6:59:11:fa:bf:
47:78:63:c5:f5:81:7c:db:8d:30:77:cf:c8:4e:ba:
ec:16:e2:11:ce:01:49:9d:6d:95:c2:ba:cb:21:74:
c3:a1:70:73:f5:3d:c0:63:86:70:7b:d9:f3:36:b3:
a3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C7:5F:85:92:99:3E:F8:38:F9:7D:58:18:23:6F:D4:C2:62:FA:FC
X509v3 Authority Key Identifier:
keyid:70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:47:98:50:6d:dd:4b:1a:19:96:dc:5b:2c:a0:be:dc:aa:3d:
71:36:86:7e:72:ed:0f:6e:26:c4:9a:93:60:17:3c:b8:51:fa:
8b:1f:4c:29:1c:8a:2c:4b:e8:a3:95:a1:f1:43:b6:98:5e:47:
3e:cd:0a:43:cd:87:a3:97:88:46:fd:d8:f8:cf:f7:1f:a7:35:
72:5e:e5:24:28:9e:3f:83:e6:30:13:f5:9f:0a:10:8b:27:ca:
4e:aa:86:b7:0a:6d:f1:a2:17:27:70:d8:e1:55:5d:14:a7:4e:
a9:8a:56:91:2d:7b:5a:49:c6:cc:8c:da:68:77:29:4d:92:73:
1e:49:d2:49:60:1d:4e:1e:bf:7c:60:c9:13:de:44:cc:59:4d:
32:3e:a5:37:bd:39:b4:42:14:a1:f1:f0:57:a2:20:8e:3f:f0:
c4:96:05:14:62:bc:83:88:c8:7f:d2:a0:79:d1:89:15:50:c1:
10:fe:a0:97:ee:fd:a3:bf:2a:bd:25:21:32:6b:84:41:d3:a1:
cb:a9:84:b9:6f:d2:21:fe:7f:88:26:b2:6c:92:7f:b7:e2:40:
e7:2a:3d:72:22:b1:1b:26:31:d3:70:1e:0f:9c:ce:f3:0f:16:
40:57:b2:fc:fc:04:ad:f7:da:d4:5a:2e:a7:b2:f8:45:9b:97:
f2:a1:50:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/XFFK2rvSgvz8QLVEbdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTJiMzQxN2MzOWMwZmUzYmJiYmM0ZDUyM2VkNDM3YjI5
YzVhMWMwHhcNMjYwMzAxMjAwMTAyWhcNMjYwMzAyMjAwMTAyWjAzMTEwLwYDVQQD
EygzNWM3NWY4NTkyOTkzZWY4MzhmOTdkNTgxODIzNmZkNGMyNjJmYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlczhEk23/Xz4uCKX2y3bXcMyPu1g
GFVROnDtE5YapEeVNqDqbYxiDp9t+mQCUWyl8VjYbyTPyfwvPNyeZfbJcWUnl726
+rGMA4L8E5MAeD6ZZfkN5QWGJAbYcLx2cm6ggpgU0AA8VgtmqGjlDgD/yrbnOxzv
g9GK/XFCx7aMpyPbgiL3L/yOql0CSEielCfmle4kyiDw6NJGU2Q/ODqU2IarlJZ7
pj7Am2LNCHGXkR1ROABpAbP9zphc1mhw/DJHH8RNoUZCcBSjJAYT5lkR+r9HeGPF
9YF8240wd8/ITrrsFuIRzgFJnW2VwrrLIXTDoXBz9T3AY4Zwe9nzNrOjfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXHX4WSmT74OPl9WBgjb9TCYvr8MB8GA1UdIwQY
MBaAFHDis0F8OcD+O7u8TVI+1DeynFocMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYt
ZGMzYjYzMmU5ZTJiLzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYtZGMzYjYzMmU5ZTJi
LzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUUeYUG3d
SxoZltxbLKC+3Ko9cTaGfnLtD24mxJqTYBc8uFH6ix9MKRyKLEvoo5Wh8UO2mF5H
Ps0KQ82Ho5eIRv3Y+M/3H6c1cl7lJCieP4PmMBP1nwoQiyfKTqqGtwpt8aIXJ3DY
4VVdFKdOqYpWkS17WknGzIzaaHcpTZJzHknSSWAdTh6/fGDJE95EzFlNMj6lN705
tEIUofHwV6Igjj/wxJYFFGK8g4jIf9KgedGJFVDBEP6gl+79o78qvSUhMmuEQdOh
y6mEuW/SIf5/iCaybJJ/t+JA5yo9ciKxGyYx03AeD5zO8w8WQFey/PwErffa1Fou
p7L4RZuX8qFQNQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:20:20 2026 by rpki-client