Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: 7VfzyD+iFiU7wPGc5zFSE6fJLXjB0UU+obd4EDPl3tI=
Subject key identifier: 6F:27:37:7F:F4:25:C7:C8:3E:05:2B:24:8A:B9:61:FB:10:41:AB:FE
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019EBF5AC4E271FA380611FDC036C624107A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: 0144
Signing time: Sat 13 Jun 2026 05:00:57 +0000
Manifest this update: Sat 13 Jun 2026 05:00:57 +0000
Manifest next update: Sun 14 Jun 2026 05:00:57 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: IjMRC9aHDN48KJ29JopF2+yrfRpnv72Brl37EniPaV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bf:5a:c4:e2:71:fa:38:06:11:fd:c0:36:c6:24:10:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: Jun 13 05:00:57 2026 GMT
Not After : Jun 14 05:00:57 2026 GMT
Subject: CN=6f27377ff425c7c83e052b248ab961fb1041abfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:36:1c:2a:cc:a7:c5:6a:05:93:bb:c5:74:54:
b0:7a:a8:d2:1f:01:c3:4a:9a:0f:d6:ba:6f:93:8e:
fa:7a:67:41:df:41:a1:19:bb:14:9e:01:b5:45:1f:
1b:9e:6a:3c:40:8e:46:22:08:e4:ba:dc:64:6b:67:
5f:00:dc:1f:f2:43:d2:52:3c:29:8b:44:a9:e8:af:
9f:ae:c0:7e:49:63:31:ff:85:fc:f1:26:3a:f1:a0:
70:c1:fa:6d:bf:48:d6:fd:4d:84:5d:df:ab:9b:ad:
30:d2:17:5d:7e:c8:ba:ae:27:49:3c:1a:f7:df:f7:
0d:fd:58:2e:ad:8d:98:1b:4d:3f:3b:f0:18:55:d9:
ee:1a:78:e8:82:d5:bf:30:7a:8b:7d:d5:a0:3d:8b:
53:c3:2e:cf:2d:4c:40:16:f6:d9:d4:21:7b:1e:70:
a4:97:b4:f0:11:b9:fe:33:23:0d:d9:67:c8:ec:88:
94:43:56:30:a3:12:3d:d2:b3:b5:e3:4f:ea:cc:88:
6c:ce:18:14:d1:bd:6b:4c:97:0b:05:78:09:c6:06:
46:3a:50:c6:b4:4c:11:7f:67:62:c7:3b:52:ca:2e:
65:d8:2e:13:93:8b:4c:4b:e8:d7:fa:b7:00:4a:92:
63:65:38:7c:01:a5:1c:74:7e:e8:cc:5f:5e:54:1d:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:27:37:7F:F4:25:C7:C8:3E:05:2B:24:8A:B9:61:FB:10:41:AB:FE
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:78:33:bb:1c:66:91:1d:75:81:10:14:c2:84:dd:39:c4:32:
cb:f6:97:f5:18:b0:60:e7:83:37:ff:54:58:1b:96:ff:c3:c9:
80:dc:da:fc:61:ad:13:69:0e:f6:23:f5:23:38:34:7d:06:e4:
d5:29:b2:0f:24:d0:8c:e3:bf:56:91:11:e7:43:18:61:51:74:
ef:7c:e3:53:da:21:13:a1:7d:03:5a:8e:d8:f4:ab:e2:e9:15:
39:01:bd:d0:7e:5f:0d:19:c7:28:d7:6e:51:7b:72:dd:fa:b6:
86:04:b3:f3:ff:66:0a:18:b8:be:67:4d:f1:cd:0d:dd:e5:ce:
b9:b0:35:68:96:b2:a5:f4:1e:43:64:af:6b:37:d0:24:75:33:
b0:1d:3c:e9:2c:c3:e4:36:a4:82:e4:ed:8c:92:65:34:27:ea:
c6:8c:08:34:f8:dd:fa:bc:12:2d:ac:c3:ee:a8:ea:78:f2:07:
a0:40:6e:d1:7a:da:45:6d:5e:27:3a:18:ad:4b:69:5e:df:9d:
dc:14:1d:e7:17:3c:c1:68:87:70:8a:fd:ce:be:bb:25:c0:a5:
93:68:33:94:dc:1b:67:65:1e:36:51:38:0e:1b:c1:71:66:99:
29:d8:1c:11:f3:58:d3:d8:fa:7c:6f:e8:4f:a1:96:70:32:5f:
fe:12:d7:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/WsTicfo4BhH9wDbGJBB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwNjEzMDUwMDU3WhcNMjYwNjE0MDUwMDU3WjAzMTEwLwYDVQQD
Eyg2ZjI3Mzc3ZmY0MjVjN2M4M2UwNTJiMjQ4YWI5NjFmYjEwNDFhYmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTYcKsynxWoFk7vFdFSweqjSHwHD
SpoP1rpvk476emdB30GhGbsUngG1RR8bnmo8QI5GIgjkutxka2dfANwf8kPSUjwp
i0Sp6K+frsB+SWMx/4X88SY68aBwwfptv0jW/U2EXd+rm60w0hddfsi6ridJPBr3
3/cN/VgurY2YG00/O/AYVdnuGnjogtW/MHqLfdWgPYtTwy7PLUxAFvbZ1CF7HnCk
l7TwEbn+MyMN2WfI7IiUQ1YwoxI90rO140/qzIhszhgU0b1rTJcLBXgJxgZGOlDG
tEwRf2dixztSyi5l2C4Tk4tMS+jX+rcASpJjZTh8AaUcdH7ozF9eVB1jxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8nN3/0JcfIPgUrJIq5YfsQQav+MB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXgzuxxm
kR11gRAUwoTdOcQyy/aX9RiwYOeDN/9UWBuW/8PJgNza/GGtE2kO9iP1Izg0fQbk
1SmyDyTQjOO/VpER50MYYVF073zjU9ohE6F9A1qO2PSr4ukVOQG90H5fDRnHKNdu
UXty3fq2hgSz8/9mChi4vmdN8c0N3eXOubA1aJaypfQeQ2SvazfQJHUzsB086SzD
5DakguTtjJJlNCfqxowINPjd+rwSLazD7qjqePIHoEBu0XraRW1eJzoYrUtpXt+d
3BQd5xc8wWiHcIr9zr67JcClk2gzlNwbZ2UeNlE4DhvBcWaZKdgcEfNY09j6fG/o
T6GWcDJf/hLXyQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 14:34:42 2026 by rpki-client