Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: 9YWkIMWnYZDjjhUwpuI4fTgvvVfB2B3rbcTEvRhE0OM=
Subject key identifier: 83:F8:C3:AD:F7:75:ED:02:34:B9:1E:AB:A3:DB:D0:54:29:4B:75:E4
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019CAA587ED4E99CAC05D3A6AD268FB88128
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: 30
Signing time: Sun 01 Mar 2026 17:00:52 +0000
Manifest this update: Sun 01 Mar 2026 17:00:52 +0000
Manifest next update: Mon 02 Mar 2026 17:00:52 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: U4OS/B9PJkwhClbpRUoP+2NCj1VG6fx/on0sTWt8ch4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:7e:d4:e9:9c:ac:05:d3:a6:ad:26:8f:b8:81:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: Mar 1 17:00:52 2026 GMT
Not After : Mar 2 17:00:52 2026 GMT
Subject: CN=83f8c3adf775ed0234b91eaba3dbd054294b75e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:66:2f:e7:ac:8f:af:83:8c:cb:bb:fc:fb:d3:
54:15:65:72:f0:f1:1e:56:b7:93:85:61:77:d2:71:
78:99:d7:5e:12:2c:b7:72:f5:30:f9:3e:7a:4b:24:
8b:aa:ab:0b:a3:59:db:68:03:d3:83:45:3b:91:96:
28:8e:f8:30:c8:e2:b4:8e:a8:f0:33:0e:64:ae:2e:
54:c3:53:f0:9b:5b:66:64:b0:2b:0c:59:53:2e:78:
73:37:f0:de:07:82:c3:d7:f8:06:7d:41:18:91:63:
c7:a1:64:f3:a0:94:fa:7a:c0:61:58:8d:a9:4e:3d:
09:a5:a3:e3:62:06:88:c5:b4:a5:8c:64:ce:1e:fd:
32:f9:3f:1f:e4:da:8c:0b:48:67:1d:80:6d:21:07:
f2:1b:71:1b:20:02:dd:59:36:75:81:32:44:29:55:
12:33:a7:63:dc:f0:e8:2e:33:63:70:24:8d:4b:d2:
6a:a7:a2:a9:81:7e:75:fb:07:d4:be:35:91:9a:62:
2d:a6:ae:48:00:41:08:a9:69:56:8d:1c:ed:e6:be:
6e:d1:66:e9:fa:24:30:e4:8e:cb:6d:c7:c0:3e:37:
c9:fa:85:be:4b:9d:82:db:23:fb:90:df:25:c7:c4:
2f:67:4c:74:5d:31:0e:23:41:c1:e9:9e:3d:fb:3a:
5b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F8:C3:AD:F7:75:ED:02:34:B9:1E:AB:A3:DB:D0:54:29:4B:75:E4
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:9c:62:bf:5b:4e:46:0a:f1:ff:ae:39:88:6a:93:69:f3:86:
3e:b9:01:ab:52:e0:52:ff:b1:bd:18:18:48:7e:9a:ef:a5:03:
66:41:c9:4c:c5:82:d5:f9:8c:f7:f8:c3:7b:d1:2f:67:bf:ae:
fc:09:d7:60:d1:1e:cb:94:89:6f:34:56:4d:6c:2e:63:bd:17:
b3:b8:d8:3f:ef:46:e3:c3:f4:5a:c7:56:d6:0f:84:bd:94:b6:
23:2b:01:bb:b8:fe:4b:bf:e2:50:71:e6:cf:11:6e:21:b7:d2:
84:a5:12:d7:be:52:5e:01:d1:b3:31:6c:66:cc:f5:2b:52:0c:
c1:d7:ae:3c:63:0c:80:f4:9a:c5:4d:7e:e0:a7:e7:34:23:10:
86:00:f9:6e:1b:e9:d4:15:c9:88:9c:ce:89:2b:80:5c:af:77:
0c:29:ab:8d:9e:36:c8:e7:db:43:db:9d:fa:9e:bb:10:43:5b:
ba:0a:98:ad:21:35:37:f7:b9:ec:5b:0f:24:bb:34:b4:da:21:
a6:cd:68:1f:bd:83:2e:2e:4d:16:14:9a:e3:92:34:25:cf:fe:
19:39:35:ac:ed:b8:bf:aa:ea:4e:0c:15:f5:ef:9c:4f:92:08:
fc:51:91:55:e3:e5:6e:eb:b7:2f:75:1c:1d:82:27:54:6a:13:
96:7c:ca:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWH7U6ZysBdOmrSaPuIEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwMzAxMTcwMDUyWhcNMjYwMzAyMTcwMDUyWjAzMTEwLwYDVQQD
Eyg4M2Y4YzNhZGY3NzVlZDAyMzRiOTFlYWJhM2RiZDA1NDI5NGI3NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2Yv56yPr4OMy7v8+9NUFWVy8PEe
VreThWF30nF4mddeEiy3cvUw+T56SySLqqsLo1nbaAPTg0U7kZYojvgwyOK0jqjw
Mw5kri5Uw1Pwm1tmZLArDFlTLnhzN/DeB4LD1/gGfUEYkWPHoWTzoJT6esBhWI2p
Tj0JpaPjYgaIxbSljGTOHv0y+T8f5NqMC0hnHYBtIQfyG3EbIALdWTZ1gTJEKVUS
M6dj3PDoLjNjcCSNS9Jqp6KpgX51+wfUvjWRmmItpq5IAEEIqWlWjRzt5r5u0Wbp
+iQw5I7LbcfAPjfJ+oW+S52C2yP7kN8lx8QvZ0x0XTEOI0HB6Z49+zpbNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIP4w633de0CNLkeq6Pb0FQpS3XkMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZxiv1tO
Rgrx/645iGqTafOGPrkBq1LgUv+xvRgYSH6a76UDZkHJTMWC1fmM9/jDe9EvZ7+u
/AnXYNEey5SJbzRWTWwuY70Xs7jYP+9G48P0WsdW1g+EvZS2IysBu7j+S7/iUHHm
zxFuIbfShKUS175SXgHRszFsZsz1K1IMwdeuPGMMgPSaxU1+4KfnNCMQhgD5bhvp
1BXJiJzOiSuAXK93DCmrjZ42yOfbQ9ud+p67EENbugqYrSE1N/e57FsPJLs0tNoh
ps1oH72DLi5NFhSa45I0Jc/+GTk1rO24v6rqTgwV9e+cT5II/FGRVePlbuu3L3Uc
HYInVGoTlnzKTw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:25:37 2026 by rpki-client