Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: sNlm7gfSirSq4NXrumjr4Y3zOxEnJsxPMeZCCuU6Guc=
Subject key identifier: 9B:5C:6D:D0:0C:4F:95:E4:C3:65:F8:FF:8A:B0:A9:3A:1D:6D:BA:6B
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019CAFB5FBAC9CF676DA1647A78C40531CAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 02FF
Signing time: Mon 02 Mar 2026 18:01:04 +0000
Manifest this update: Mon 02 Mar 2026 18:01:04 +0000
Manifest next update: Tue 03 Mar 2026 18:01:04 +0000
Files and hashes: 1: Cyd9epktZUP2NzDWt7kuBmj63qY.roa (hash: 4Hn7SVvllIET4/FJbhg9Vi4tqF9x0RkLIB5CUH+jolo=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: mzVrrvxbRbR0drCGiE+mgqtW5cy5CPqfeKR1nY44AGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 18:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:b5:fb:ac:9c:f6:76:da:16:47:a7:8c:40:53:1c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Mar 2 18:01:04 2026 GMT
Not After : Mar 3 18:01:04 2026 GMT
Subject: CN=9b5c6dd00c4f95e4c365f8ff8ab0a93a1d6dba6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:24:93:9d:06:cd:22:55:be:8c:17:3f:06:
bc:c6:02:f4:89:61:77:16:e2:30:ef:7b:2a:e8:0e:
9a:8e:a0:7f:d2:46:9d:02:47:ab:e9:f1:50:01:ee:
61:25:93:e5:aa:63:c1:7e:ca:86:44:ac:a2:a4:de:
54:4c:6b:58:91:d2:07:7b:51:cd:60:9f:ec:f9:83:
b0:76:ba:e5:94:6a:b4:9a:96:52:50:fd:14:8e:4c:
e7:62:05:5c:6b:0c:25:ea:88:ab:78:c2:6f:56:c3:
fe:94:55:1b:7e:ae:2d:3b:ec:07:ac:2e:22:be:c7:
60:e3:6d:fb:44:f7:65:90:f1:a5:a3:0d:e3:9a:8f:
5c:ea:d2:15:97:ee:b5:ce:4b:4f:66:62:b4:b5:6d:
8e:9e:e4:fc:23:ee:aa:6e:f5:e4:aa:71:f3:b4:78:
a2:d2:25:06:2c:64:9c:50:2e:77:5e:93:34:06:b1:
d3:d8:a9:dd:8e:3c:47:48:03:6a:fd:7d:9d:6d:7f:
07:82:1b:24:a2:42:65:7f:72:f2:22:f5:11:69:c4:
c8:f1:96:52:c4:10:1e:51:d0:33:ba:f3:16:f9:59:
a7:b5:fc:f7:02:4b:b1:1f:54:fe:72:a9:0a:ae:09:
ad:0e:2b:7c:16:e6:08:e5:20:92:88:9d:80:37:ec:
0f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5C:6D:D0:0C:4F:95:E4:C3:65:F8:FF:8A:B0:A9:3A:1D:6D:BA:6B
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:83:c9:44:8f:bb:f2:71:04:e6:c4:57:3c:cd:55:90:95:4e:
93:d0:1b:52:84:0d:29:f8:fe:58:6a:63:d7:fe:21:5c:b7:ca:
8e:8c:41:6a:6d:9f:95:9b:a2:fc:2c:35:1f:c1:28:69:0c:3d:
3d:eb:6a:b8:ed:39:20:d8:92:4d:8b:37:37:36:30:91:1d:6f:
c5:60:40:7a:60:e4:3e:58:c7:f5:39:c6:f3:36:e0:44:96:1d:
d5:a6:86:27:40:e2:c9:0d:c6:84:67:15:b3:d4:c2:c9:66:5e:
85:ee:f3:42:13:5b:d3:38:75:ab:05:f4:19:88:ab:3d:57:bb:
7e:45:3b:6d:36:ff:83:f2:77:89:c9:70:64:4f:a6:eb:2b:47:
dd:21:3c:d5:a9:0f:74:93:11:9e:b8:a5:78:08:b3:c5:d6:a9:
bc:4f:40:c7:be:e3:4d:92:de:50:4e:bc:82:88:99:6c:4d:1b:
c0:36:a0:85:2f:58:7f:a8:f0:2d:d2:d4:8d:2c:c7:9d:c5:b2:
f1:ce:fd:8a:05:c7:81:87:89:65:4b:9d:5c:d7:a0:da:87:49:
f9:25:60:99:cb:61:e8:b9:29:05:97:64:18:60:02:dc:bf:3b:
d4:99:ed:67:e1:95:57:fc:56:c0:2e:65:74:28:bd:92:04:9d:
f3:12:0c:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvtfusnPZ22hZHp4xAUxyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjYwMzAyMTgwMTA0WhcNMjYwMzAzMTgwMTA0WjAzMTEwLwYDVQQD
Eyg5YjVjNmRkMDBjNGY5NWU0YzM2NWY4ZmY4YWIwYTkzYTFkNmRiYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCMkk50GzSJVvowXPwa8xgL0iWF3
FuIw73sq6A6ajqB/0kadAker6fFQAe5hJZPlqmPBfsqGRKyipN5UTGtYkdIHe1HN
YJ/s+YOwdrrllGq0mpZSUP0UjkznYgVcawwl6oireMJvVsP+lFUbfq4tO+wHrC4i
vsdg4237RPdlkPGlow3jmo9c6tIVl+61zktPZmK0tW2OnuT8I+6qbvXkqnHztHii
0iUGLGScUC53XpM0BrHT2KndjjxHSANq/X2dbX8HghskokJlf3LyIvURacTI8ZZS
xBAeUdAzuvMW+Vmntfz3AkuxH1T+cqkKrgmtDit8FuYI5SCSiJ2AN+wPTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtcbdAMT5Xkw2X4/4qwqTodbbprMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYPJRI+7
8nEE5sRXPM1VkJVOk9AbUoQNKfj+WGpj1/4hXLfKjoxBam2flZui/Cw1H8EoaQw9
PetquO05INiSTYs3NzYwkR1vxWBAemDkPljH9TnG8zbgRJYd1aaGJ0DiyQ3GhGcV
s9TCyWZehe7zQhNb0zh1qwX0GYirPVe7fkU7bTb/g/J3iclwZE+m6ytH3SE81akP
dJMRnrileAizxdapvE9Ax77jTZLeUE68goiZbE0bwDaghS9Yf6jwLdLUjSzHncWy
8c79igXHgYeJZUudXNeg2odJ+SVgmcth6LkpBZdkGGAC3L871JntZ+GVV/xWwC5l
dCi9kgSd8xIMAw==
-----END CERTIFICATE-----
Generated at Tue Mar 3 03:43:49 2026 by rpki-client