Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: NpytmST0/HRgjv7+cBRsk60YPBSVxJvvdBVLDRL2EWc=
Subject key identifier: F5:8B:98:9F:14:F9:E2:E0:24:CE:DA:02:4F:94:1C:18:86:DB:A5:C8
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019D9BBEBD0F43D6AE48BAD17450C34612AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: AD
Signing time: Fri 17 Apr 2026 14:01:01 +0000
Manifest this update: Fri 17 Apr 2026 14:01:01 +0000
Manifest next update: Sat 18 Apr 2026 14:01:01 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: N0j0Jl2Yk19atN8gQDdtWMegkSQkUMMNYSPn+gyQeu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:bd:0f:43:d6:ae:48:ba:d1:74:50:c3:46:12:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: Apr 17 14:01:01 2026 GMT
Not After : Apr 18 14:01:01 2026 GMT
Subject: CN=f58b989f14f9e2e024ceda024f941c1886dba5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5d:e4:01:5d:ad:39:90:ef:c6:76:cd:83:11:
89:f1:ab:91:fd:51:55:89:08:02:ea:cf:8d:da:aa:
74:64:f0:c5:91:6b:e4:de:43:0b:ab:89:03:db:4e:
43:75:d0:08:39:8a:8a:96:27:b2:66:e6:0b:11:15:
67:e6:58:8f:8f:f7:90:4b:e1:de:25:98:2e:d0:88:
a4:72:39:0b:1c:e0:2c:59:da:21:d5:8b:ba:ea:c3:
94:48:76:de:61:7b:6e:97:89:56:98:c2:fe:fe:9c:
95:db:06:aa:21:19:08:6a:22:ab:a4:e5:c8:a8:d6:
5e:3f:f9:4e:b5:66:af:81:b3:20:c6:88:c9:79:0d:
0c:93:70:86:49:52:e3:ca:92:cf:16:ee:17:02:49:
a2:b0:d5:29:d9:96:49:67:90:78:5c:10:a4:6b:54:
98:34:17:c0:0f:88:54:e0:ee:a6:4e:db:19:a9:46:
ed:76:0d:12:21:e7:6a:a3:1e:18:cb:70:68:61:74:
70:99:8a:ff:ff:9f:91:31:66:95:27:cd:28:df:37:
cc:85:0b:ec:72:4d:77:38:7b:27:c2:24:5d:c3:d3:
37:42:6a:16:2d:7c:4f:de:47:f3:8a:ce:1d:fe:a2:
b9:a8:a3:fd:3f:2e:eb:6c:88:ff:83:c6:17:6a:38:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8B:98:9F:14:F9:E2:E0:24:CE:DA:02:4F:94:1C:18:86:DB:A5:C8
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:49:a4:fa:e1:92:c7:10:55:b8:77:b1:de:c9:45:3b:63:c5:
17:0c:e1:2e:d9:bf:ec:80:76:fe:8f:79:94:45:92:fa:8c:80:
e6:42:c5:85:ab:7e:c9:4a:3a:6b:28:b3:de:51:d5:be:77:a5:
44:7a:39:04:c9:ac:6a:4f:d6:88:f8:a7:39:14:32:b3:69:d3:
e8:ab:d2:6b:08:a7:86:09:d1:25:c3:b1:bd:fe:21:3b:2a:24:
2e:23:7a:b6:58:c0:89:f6:3f:0b:99:68:02:4a:54:26:34:a3:
7c:10:66:1d:5e:fd:ee:86:82:5b:a8:20:7f:b3:b6:44:cb:74:
c6:01:a2:b4:43:70:8c:0b:9d:e4:31:c5:e2:1e:50:64:92:2d:
ca:2a:61:f1:b6:dd:75:4a:b8:c4:0d:15:cf:5f:4f:7b:08:b2:
30:2b:65:f1:1d:c1:36:ad:7b:9e:87:7f:4f:13:18:cd:47:7a:
9c:a1:dd:b0:10:0e:ee:d1:96:7d:9f:4c:dd:2d:46:09:a2:86:
51:c0:ff:c2:38:93:0f:a2:52:19:a9:6a:f7:4b:55:ca:e8:ad:
d3:db:bc:78:8e:26:bd:20:d6:89:e5:fd:ff:e9:71:2c:d3:3e:
21:5f:31:ff:a1:bf:36:8d:19:82:23:96:4b:37:e6:03:b8:cf:
55:6c:c5:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvr0PQ9auSLrRdFDDRhKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwNDE3MTQwMTAxWhcNMjYwNDE4MTQwMTAxWjAzMTEwLwYDVQQD
EyhmNThiOTg5ZjE0ZjllMmUwMjRjZWRhMDI0Zjk0MWMxODg2ZGJhNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA313kAV2tOZDvxnbNgxGJ8auR/VFV
iQgC6s+N2qp0ZPDFkWvk3kMLq4kD205DddAIOYqKlieyZuYLERVn5liPj/eQS+He
JZgu0IikcjkLHOAsWdoh1Yu66sOUSHbeYXtul4lWmML+/pyV2waqIRkIaiKrpOXI
qNZeP/lOtWavgbMgxojJeQ0Mk3CGSVLjypLPFu4XAkmisNUp2ZZJZ5B4XBCka1SY
NBfAD4hU4O6mTtsZqUbtdg0SIedqox4Yy3BoYXRwmYr//5+RMWaVJ80o3zfMhQvs
ck13OHsnwiRdw9M3QmoWLXxP3kfzis4d/qK5qKP9Py7rbIj/g8YXajjS2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWLmJ8U+eLgJM7aAk+UHBiG26XIMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtEmk+uGS
xxBVuHex3slFO2PFFwzhLtm/7IB2/o95lEWS+oyA5kLFhat+yUo6ayiz3lHVvnel
RHo5BMmsak/WiPinORQys2nT6KvSawinhgnRJcOxvf4hOyokLiN6tljAifY/C5lo
AkpUJjSjfBBmHV797oaCW6ggf7O2RMt0xgGitENwjAud5DHF4h5QZJItyiph8bbd
dUq4xA0Vz19PewiyMCtl8R3BNq17nod/TxMYzUd6nKHdsBAO7tGWfZ9M3S1GCaKG
UcD/wjiTD6JSGalq90tVyuit09u8eI4mvSDWieX9/+lxLNM+IV8x/6G/No0ZgiOW
SzfmA7jPVWzFvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:14:24 2026 by rpki-client