Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: eJN0UGbzifEEPELEp2J4jgt4PfkcDZXNXfJKOjrOrss=
Subject key identifier: 03:9B:AC:9C:62:61:F5:8E:25:6C:85:50:53:09:D7:BE:47:52:87:35
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019CAAFD7159E442C2BDFE0AC8BBD1A665FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 184A
Signing time: Sun 01 Mar 2026 20:01:02 +0000
Manifest this update: Sun 01 Mar 2026 20:01:02 +0000
Manifest next update: Mon 02 Mar 2026 20:01:02 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: qh3HMSBspcn3npNHLVfUbQiQbh1Khk0PfYQQ172dfGw=)
2: DeOjOOwis1AR2KZCrmSrlAIMW_U.roa (hash: YRk1DmfcABvQ8nayCmElnZfNEWkWQiqPKIgK2NRobvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:71:59:e4:42:c2:bd:fe:0a:c8:bb:d1:a6:65:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 1 20:01:02 2026 GMT
Not After : Mar 2 20:01:02 2026 GMT
Subject: CN=039bac9c6261f58e256c85505309d7be47528735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:43:3e:0f:cf:a9:ae:9f:d5:5b:0e:7c:07:
ed:e2:e6:a7:ed:c1:10:2f:b0:ec:98:94:29:92:48:
37:70:24:77:19:0b:4a:00:e7:de:2b:70:33:ab:82:
82:08:c5:79:49:43:0d:19:b4:7c:94:24:3e:23:8f:
53:fd:69:a7:c2:6c:55:24:bc:2e:e8:eb:70:30:32:
8e:81:6b:5d:ea:e2:0b:8e:19:1b:12:e7:e8:e8:35:
9c:ca:10:06:e2:40:0c:4d:b0:64:e2:a1:95:4b:25:
02:8c:96:8b:e6:0d:44:cb:9e:da:3f:2b:e6:76:79:
e2:92:db:9e:5c:5a:96:da:b3:f4:1a:fe:b3:76:6c:
95:d8:d2:0b:0c:04:b0:33:40:60:83:09:b7:83:1f:
ca:24:97:d5:31:82:43:95:08:9e:91:10:95:10:b0:
0d:16:4a:9c:4e:9d:53:83:35:94:d4:8f:77:eb:a4:
17:d1:36:57:b1:76:05:85:ba:64:d1:89:8b:7b:08:
52:2e:55:a4:07:bc:21:b0:91:7e:e2:dc:53:b0:27:
b6:71:ed:0b:16:8d:c4:fb:14:c4:43:a6:ba:8a:d5:
f4:12:02:52:ba:e4:69:18:29:c9:86:b7:41:19:d1:
7c:3e:5e:c0:55:80:13:d4:4f:84:81:d1:3a:02:25:
b4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9B:AC:9C:62:61:F5:8E:25:6C:85:50:53:09:D7:BE:47:52:87:35
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:bf:e1:2e:0c:32:ce:08:9a:57:e7:4e:d8:2c:40:1a:0a:d5:
c1:ce:62:5a:b0:07:14:06:05:dc:cf:5f:36:5d:d7:f3:97:a8:
6f:f3:ac:01:2e:4e:0d:24:2a:4b:32:1b:0c:36:b5:e4:c7:01:
d7:45:e7:21:7d:fa:41:fd:aa:ee:b4:5a:cf:13:34:29:9f:45:
ba:d7:b8:9d:13:ce:7f:43:b2:d1:28:0f:1b:f5:a3:e8:0f:8e:
7c:80:29:55:40:34:b8:f7:47:41:cb:7d:98:ec:28:55:20:e1:
89:e8:71:9a:e9:b3:5a:0a:e3:ca:d1:6e:83:77:b7:c7:9a:80:
4a:03:59:91:f6:9b:1a:20:3b:98:23:b4:9f:c9:86:c0:89:5a:
c7:f5:22:4f:59:fe:5a:00:2c:fc:9b:61:25:73:b9:0a:12:5f:
4b:0b:9c:8c:50:72:c7:e0:b4:da:8f:48:8b:de:7c:d7:97:4a:
9d:55:38:9b:45:b7:fb:27:79:fa:59:6b:94:d0:fc:45:1f:7a:
af:89:f3:96:29:0e:6f:85:4f:7f:40:bf:ef:ac:56:06:30:8e:
48:cd:4e:d9:0b:52:92:cd:ed:eb:e2:db:db:80:b1:93:61:fa:
60:60:30:fa:1e:ae:b5:23:db:7c:7e:d3:da:34:29:1b:95:4b:
4a:58:0f:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/XFZ5ELCvf4KyLvRpmX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwMzAxMjAwMTAyWhcNMjYwMzAyMjAwMTAyWjAzMTEwLwYDVQQD
EygwMzliYWM5YzYyNjFmNThlMjU2Yzg1NTA1MzA5ZDdiZTQ3NTI4NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEFDPg/Pqa6f1VsOfAft4uan7cEQ
L7DsmJQpkkg3cCR3GQtKAOfeK3Azq4KCCMV5SUMNGbR8lCQ+I49T/WmnwmxVJLwu
6OtwMDKOgWtd6uILjhkbEufo6DWcyhAG4kAMTbBk4qGVSyUCjJaL5g1Ey57aPyvm
dnniktueXFqW2rP0Gv6zdmyV2NILDASwM0Bggwm3gx/KJJfVMYJDlQiekRCVELAN
FkqcTp1TgzWU1I9366QX0TZXsXYFhbpk0YmLewhSLlWkB7whsJF+4txTsCe2ce0L
Fo3E+xTEQ6a6itX0EgJSuuRpGCnJhrdBGdF8Pl7AVYAT1E+EgdE6AiW0oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAObrJxiYfWOJWyFUFMJ175HUoc1MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7/hLgwy
zgiaV+dO2CxAGgrVwc5iWrAHFAYF3M9fNl3X85eob/OsAS5ODSQqSzIbDDa15McB
10XnIX36Qf2q7rRazxM0KZ9Fute4nRPOf0Oy0SgPG/Wj6A+OfIApVUA0uPdHQct9
mOwoVSDhiehxmumzWgrjytFug3e3x5qASgNZkfabGiA7mCO0n8mGwIlax/UiT1n+
WgAs/JthJXO5ChJfSwucjFByx+C02o9Ii95815dKnVU4m0W3+yd5+llrlND8RR96
r4nzlikOb4VPf0C/76xWBjCOSM1O2QtSks3t6+Lb24Cxk2H6YGAw+h6utSPbfH7T
2jQpG5VLSlgPow==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:41 2026 by rpki-client