Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: lvNyjmA19JoFeq5OfWnYFYTh7c2cfbjulRUW/TGH7D4=
Subject key identifier: 0B:07:BA:BA:9A:14:CD:15:89:50:0C:67:5D:32:74:B0:29:CB:77:35
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 019D9818FE44EB0813E06752C5A5AE73B4F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0FA7
Signing time: Thu 16 Apr 2026 21:01:07 +0000
Manifest this update: Thu 16 Apr 2026 21:01:07 +0000
Manifest next update: Fri 17 Apr 2026 21:01:07 +0000
Files and hashes: 1: J7pOiHdYKd2j4ChTilTVhn454DE.roa (hash: hcNJP1cRdMhyS1Muhx9YTYmFbSp39gRRkj1KauS78s0=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: 5daZRvkBeoWqbCnyU9qRvLXLPSStIRF+Up0dl6UlQTU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:18:fe:44:eb:08:13:e0:67:52:c5:a5:ae:73:b4:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: Apr 16 21:01:07 2026 GMT
Not After : Apr 17 21:01:07 2026 GMT
Subject: CN=0b07baba9a14cd1589500c675d3274b029cb7735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:85:87:26:df:24:e9:01:5d:54:35:f7:71:
a5:63:08:ca:3d:4d:e7:72:04:d3:12:0a:bc:11:15:
8a:a3:86:27:46:2f:6b:c2:1d:36:e7:c4:01:6e:71:
bb:9b:62:e7:38:b5:76:21:2f:1e:75:ef:79:d0:33:
bb:88:88:45:6f:3a:a9:0d:86:a2:3c:c9:bf:bc:31:
19:5d:e1:3e:5b:c7:ca:86:90:48:3b:e8:74:09:01:
e6:0a:9d:28:cf:43:22:83:18:5b:49:ac:60:d7:94:
dd:5a:a0:36:f6:c5:3c:7a:d6:74:05:fd:7a:a7:da:
e9:fb:d5:2f:21:f5:ac:7d:0e:1c:e2:cf:c6:ed:9b:
0e:bd:a1:97:fa:aa:25:0b:d2:ab:6e:ad:ec:d7:d3:
70:a8:06:56:4d:43:ff:ba:1e:8c:8e:00:8c:28:11:
77:e1:0a:27:d7:fb:e8:26:81:d4:a2:d3:2c:a8:d1:
a4:e9:06:3d:5d:9b:c3:67:33:ad:63:5b:1a:72:49:
0d:69:81:ee:64:02:e5:32:68:81:7b:a0:dd:8a:40:
0e:ca:b6:a5:40:29:22:ca:c7:97:3b:fa:ad:81:6e:
ce:a8:9f:a9:ce:2c:99:55:a7:85:e2:19:f6:ce:e4:
d5:be:d1:d6:d4:e7:6b:6b:34:58:41:d3:56:2d:d3:
dd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:07:BA:BA:9A:14:CD:15:89:50:0C:67:5D:32:74:B0:29:CB:77:35
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:b0:92:fd:73:eb:35:c0:17:a1:a3:38:3d:ab:55:a2:e0:3b:
04:5b:05:e1:5b:3b:a9:42:a6:f2:2d:43:b6:e2:b6:b8:7c:f0:
ed:50:a9:e3:95:38:e3:6d:07:7b:13:b8:26:8a:6e:75:ab:7f:
a3:cf:20:9e:e9:97:c3:8c:f8:3c:39:6e:5a:56:85:47:ca:8e:
4f:e1:d4:3a:98:4e:27:c5:62:75:62:bd:6e:74:3b:fa:8d:7a:
34:f2:20:da:e4:b6:8b:b9:50:1e:5b:ce:54:84:93:40:c7:7f:
f7:58:31:ea:98:e6:49:d6:c5:38:34:ad:f4:fb:6c:90:80:f1:
39:48:95:8f:89:ec:a9:e7:15:f1:79:bf:61:70:4c:1f:34:5c:
c3:f2:e8:54:8a:51:5c:a7:8b:20:87:9f:a6:23:20:5b:88:ee:
bc:96:a3:6d:8c:8f:5c:eb:58:61:91:f5:22:fa:d1:4a:72:c8:
bc:e9:17:3a:52:e0:7c:56:ef:a2:3f:a3:71:9b:6f:10:55:40:
4b:c0:2f:3c:e4:bc:a0:67:be:5f:59:f0:f2:ab:2f:97:8e:12:
f7:79:71:16:af:a4:f8:81:f4:32:0c:21:c9:61:3e:54:23:45:
25:55:45:a5:85:ce:a7:69:29:88:35:96:7b:b5:8d:f9:07:ae:
28:89:5c:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGP5E6wgT4GdSxaWuc7T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjYwNDE2MjEwMTA3WhcNMjYwNDE3MjEwMTA3WjAzMTEwLwYDVQQD
EygwYjA3YmFiYTlhMTRjZDE1ODk1MDBjNjc1ZDMyNzRiMDI5Y2I3NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH+FhybfJOkBXVQ193GlYwjKPU3n
cgTTEgq8ERWKo4YnRi9rwh0258QBbnG7m2LnOLV2IS8ede950DO7iIhFbzqpDYai
PMm/vDEZXeE+W8fKhpBIO+h0CQHmCp0oz0MigxhbSaxg15TdWqA29sU8etZ0Bf16
p9rp+9UvIfWsfQ4c4s/G7ZsOvaGX+qolC9Krbq3s19NwqAZWTUP/uh6MjgCMKBF3
4Qon1/voJoHUotMsqNGk6QY9XZvDZzOtY1sackkNaYHuZALlMmiBe6DdikAOyral
QCkiyseXO/qtgW7OqJ+pziyZVaeF4hn2zuTVvtHW1OdrazRYQdNWLdPdpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsHurqaFM0ViVAMZ10ydLApy3c1MB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAabCS/XPr
NcAXoaM4PatVouA7BFsF4Vs7qUKm8i1DtuK2uHzw7VCp45U4420HexO4Jopudat/
o88gnumXw4z4PDluWlaFR8qOT+HUOphOJ8VidWK9bnQ7+o16NPIg2uS2i7lQHlvO
VISTQMd/91gx6pjmSdbFODSt9PtskIDxOUiVj4nsqecV8Xm/YXBMHzRcw/LoVIpR
XKeLIIefpiMgW4juvJajbYyPXOtYYZH1IvrRSnLIvOkXOlLgfFbvoj+jcZtvEFVA
S8AvPOS8oGe+X1nw8qsvl44S93lxFq+k+IH0MgwhyWE+VCNFJVVFpYXOp2kpiDWW
e7WN+QeuKIlcnw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:54:50 2026 by rpki-client