Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: nOqwq61f0H/iNTNeUph6FKDdFBgHwsmDjn9bs0KroH4=
Subject key identifier: D3:C4:B9:79:32:7B:93:34:A6:49:25:48:AC:A6:F0:02:9C:00:EA:5D
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019D9D3EED457921CDA3CD362C60EFECAD06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 037A
Signing time: Fri 17 Apr 2026 21:00:39 +0000
Manifest this update: Fri 17 Apr 2026 21:00:39 +0000
Manifest next update: Sat 18 Apr 2026 21:00:39 +0000
Files and hashes: 1: Cyd9epktZUP2NzDWt7kuBmj63qY.roa (hash: 4Hn7SVvllIET4/FJbhg9Vi4tqF9x0RkLIB5CUH+jolo=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: Do2CDTQFwEJ94P7b9HDDrWszS4BSw5h8FqAzvS3AFCc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9d:3e:ed:45:79:21:cd:a3:cd:36:2c:60:ef:ec:ad:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Apr 17 21:00:39 2026 GMT
Not After : Apr 18 21:00:39 2026 GMT
Subject: CN=d3c4b979327b9334a6492548aca6f0029c00ea5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:89:85:75:41:18:29:11:f9:08:c5:1a:4c:
79:18:a1:b9:36:c7:cd:ea:7d:3f:d9:7a:f8:64:18:
ca:2f:a9:ef:47:f1:85:93:50:fa:f7:4a:69:a1:a9:
c4:a1:17:7d:f9:e0:15:6b:32:a0:52:53:a7:c4:1f:
25:28:57:43:33:ff:6a:1f:80:c9:3e:b1:71:75:14:
8e:78:ad:3c:8d:34:48:a3:d0:f5:15:83:67:ad:74:
f9:79:6e:c4:7b:43:b4:98:0c:31:1e:25:6b:c4:7d:
e8:95:1c:7e:69:d5:2e:f1:e0:5d:13:7a:5e:dc:78:
a4:d9:37:3d:0e:a7:8a:84:bb:08:2b:a1:d5:fd:a1:
d7:f8:b7:85:77:c9:0c:95:65:34:b0:ad:86:a6:5a:
08:2f:18:b6:32:45:1e:94:de:6b:7e:9b:12:51:b6:
60:c7:0d:47:55:70:92:0c:03:e8:83:4a:6d:2b:02:
93:f7:70:b9:f7:eb:88:82:b2:84:64:f1:d0:9d:68:
df:64:58:80:6e:38:ca:4b:d5:88:2d:ce:2b:3a:01:
a5:df:f4:34:a9:0f:03:8b:43:73:9d:6f:0f:6a:61:
0b:c0:c4:37:49:a2:01:91:25:60:21:3b:0e:59:66:
b3:34:8d:43:9e:6d:4b:2c:0f:09:ee:e0:43:cf:eb:
6c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C4:B9:79:32:7B:93:34:A6:49:25:48:AC:A6:F0:02:9C:00:EA:5D
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:bb:4d:87:f1:c9:bb:20:07:31:3f:ca:22:64:d3:87:96:aa:
b8:37:1d:86:ff:12:84:ef:85:ac:09:b5:00:47:47:f7:de:dc:
c8:04:e3:99:dc:d4:35:8a:e3:52:bf:4d:ce:be:82:df:12:18:
b9:cb:13:e5:ea:79:14:eb:42:2c:60:01:ed:d7:26:d5:99:c6:
5b:3b:1a:02:10:b8:aa:b8:d3:ef:1d:de:5e:17:1a:29:16:1f:
38:3b:f3:99:e8:05:3d:61:cb:96:1f:d8:0d:d5:cd:13:0c:e4:
99:e2:97:2d:dd:e8:c4:bc:b0:35:e9:7b:69:72:96:63:70:8b:
98:c9:f5:f9:cf:f7:dc:e9:93:d5:96:60:56:44:f0:eb:5c:9a:
b8:90:66:e1:c4:f0:09:4f:4e:77:df:67:8f:b6:7e:6e:b8:64:
9f:94:2a:19:f9:fd:cf:3e:24:e1:43:13:2d:57:29:df:91:6e:
74:33:86:63:d7:41:ae:e9:46:8b:61:83:d0:a3:4d:e9:9b:6f:
e7:c8:ff:c1:51:20:97:fd:45:15:d0:00:4d:33:de:ac:f9:71:
d2:20:4d:33:eb:9b:ab:8d:28:9e:c1:0f:57:92:51:cf:71:dd:
30:05:c6:a6:28:24:67:6e:b0:08:b1:1d:7a:92:22:b8:26:9b:
fc:72:92:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2dPu1FeSHNo802LGDv7K0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjYwNDE3MjEwMDM5WhcNMjYwNDE4MjEwMDM5WjAzMTEwLwYDVQQD
EyhkM2M0Yjk3OTMyN2I5MzM0YTY0OTI1NDhhY2E2ZjAwMjljMDBlYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYGJhXVBGCkR+QjFGkx5GKG5NsfN
6n0/2Xr4ZBjKL6nvR/GFk1D690ppoanEoRd9+eAVazKgUlOnxB8lKFdDM/9qH4DJ
PrFxdRSOeK08jTRIo9D1FYNnrXT5eW7Ee0O0mAwxHiVrxH3olRx+adUu8eBdE3pe
3Hik2Tc9DqeKhLsIK6HV/aHX+LeFd8kMlWU0sK2GploILxi2MkUelN5rfpsSUbZg
xw1HVXCSDAPog0ptKwKT93C59+uIgrKEZPHQnWjfZFiAbjjKS9WILc4rOgGl3/Q0
qQ8Di0NznW8PamELwMQ3SaIBkSVgITsOWWazNI1Dnm1LLA8J7uBDz+tsxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPEuXkye5M0pkklSKym8AKcAOpdMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYbtNh/HJ
uyAHMT/KImTTh5aquDcdhv8ShO+FrAm1AEdH997cyATjmdzUNYrjUr9Nzr6C3xIY
ucsT5ep5FOtCLGAB7dcm1ZnGWzsaAhC4qrjT7x3eXhcaKRYfODvzmegFPWHLlh/Y
DdXNEwzkmeKXLd3oxLywNel7aXKWY3CLmMn1+c/33OmT1ZZgVkTw61yauJBm4cTw
CU9Od99nj7Z+brhkn5QqGfn9zz4k4UMTLVcp35FudDOGY9dBrulGi2GD0KNN6Ztv
58j/wVEgl/1FFdAATTPerPlx0iBNM+ubq40onsEPV5JRz3HdMAXGpigkZ26wCLEd
epIiuCab/HKSUA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:32:40 2026 by rpki-client