Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json)
Hash identifier: GjOu/l/ibxS6PECcaPpIRnkYFHodW+OIeCylsxMVygs=
Subject key identifier: 78:B8:FC:4F:37:AB:63:D9:AB:DA:E3:C1:F6:AD:AD:EC:70:EC:9D:EE
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 019CAAC60CEDDBE51A4C94DA0DDD98239A30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
Manifest number: 17F2
Signing time: Sun 01 Mar 2026 19:00:31 +0000
Manifest this update: Sun 01 Mar 2026 19:00:31 +0000
Manifest next update: Mon 02 Mar 2026 19:00:31 +0000
Files and hashes: 1: GRmYf5fBtQllaFBPiERX0WNTqyw.roa (hash: OUUewVjWM6OodlJe2MBm0csiVAeXeLMBert10ePJJOg=)
2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: HkDRKsUcRLQIX2QwcI+VLglphl4W7i/DsT4tc6xOo2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:0c:ed:db:e5:1a:4c:94:da:0d:dd:98:23:9a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Mar 1 19:00:31 2026 GMT
Not After : Mar 2 19:00:31 2026 GMT
Subject: CN=78b8fc4f37ab63d9abdae3c1f6adadec70ec9dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ed:77:07:97:b1:0f:b0:d6:97:a3:e2:14:f1:
c4:31:d5:0a:96:68:ac:66:3f:8f:e2:1b:7e:e4:4a:
d3:4f:a3:2b:6f:5e:d7:31:2f:77:bc:4f:95:e5:ee:
0d:96:5a:ec:95:87:f8:ec:5e:d6:bb:f3:5d:a2:62:
08:c5:35:6f:47:0d:67:89:a4:05:99:05:93:26:b5:
76:7f:ac:bf:b4:b1:0d:7f:3d:b9:dc:a7:8d:c2:72:
46:8a:b3:78:c5:fd:bb:37:36:20:ba:e8:b5:9c:4b:
ec:99:e3:a8:11:01:49:cc:d7:ec:c8:f2:b8:97:a1:
2b:95:bc:2e:3f:ba:97:c1:39:5f:2b:e7:61:88:9d:
16:23:44:16:40:3a:0b:e6:ef:4a:02:0b:fb:ac:be:
f5:b2:6e:2d:44:2a:a1:89:29:d1:78:e7:84:67:ac:
33:94:51:e9:32:57:ed:e2:ef:fb:9b:57:22:9f:71:
d1:f6:69:10:f6:f6:9b:d3:fd:79:4e:b2:b9:f4:86:
65:f5:1f:14:f7:f3:3e:75:f5:f8:c9:8d:9a:68:13:
5d:23:df:10:fa:ff:81:4f:89:f6:1d:6e:dd:d4:1c:
e3:e7:7b:ea:3b:ae:d1:9c:83:8a:f6:58:83:38:56:
5e:e5:7d:db:6e:8a:eb:89:a6:a1:ca:40:92:82:59:
6c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B8:FC:4F:37:AB:63:D9:AB:DA:E3:C1:F6:AD:AD:EC:70:EC:9D:EE
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:81:82:19:17:83:23:a5:b9:f1:1f:b1:39:d0:0a:91:57:71:
48:f2:51:ee:cb:73:15:93:30:dd:bd:37:66:7b:22:af:fb:48:
79:70:fe:39:83:84:1b:91:34:61:df:28:68:64:79:fc:99:fb:
df:6e:25:13:1d:e7:e5:ae:36:9d:c4:ab:a9:8e:18:1d:04:b6:
9e:94:e0:b8:16:54:4a:28:41:f5:e6:0a:bf:c2:35:4d:95:d4:
e9:ec:8b:7a:99:49:87:5c:68:51:b1:8d:2e:20:4f:88:5e:26:
88:c0:28:2a:aa:76:11:a0:3e:a9:0d:dd:98:6f:8f:36:74:59:
da:f6:a5:0b:ab:97:2d:e7:e9:e8:d6:03:4c:f0:c2:fb:0f:38:
38:55:f5:20:3e:11:46:96:4e:c1:c2:4e:94:da:9f:57:02:05:
ed:fb:f3:2e:b2:41:15:e8:fe:65:15:01:98:9e:5f:96:a6:c0:
3a:09:50:18:91:19:6d:61:d9:53:88:5b:c9:4d:d6:ac:c2:32:
b8:43:9e:98:1d:9d:68:8c:40:e0:f2:12:5a:0d:9a:0e:50:83:
ec:d2:95:57:e1:9d:5c:e1:dd:bb:55:5d:19:c9:a2:12:b3:81:
d6:c0:4a:b4:f8:3b:56:3b:b1:dc:bb:9b:bf:c8:20:24:0f:6e:
35:6c:a2:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxgzt2+UaTJTaDd2YI5owMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4
YjQ5OGEwHhcNMjYwMzAxMTkwMDMxWhcNMjYwMzAyMTkwMDMxWjAzMTEwLwYDVQQD
Eyg3OGI4ZmM0ZjM3YWI2M2Q5YWJkYWUzYzFmNmFkYWRlYzcwZWM5ZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu13B5exD7DWl6PiFPHEMdUKlmis
Zj+P4ht+5ErTT6Mrb17XMS93vE+V5e4NllrslYf47F7Wu/NdomIIxTVvRw1niaQF
mQWTJrV2f6y/tLENfz253KeNwnJGirN4xf27NzYguui1nEvsmeOoEQFJzNfsyPK4
l6ErlbwuP7qXwTlfK+dhiJ0WI0QWQDoL5u9KAgv7rL71sm4tRCqhiSnReOeEZ6wz
lFHpMlft4u/7m1cin3HR9mkQ9vab0/15TrK59IZl9R8U9/M+dfX4yY2aaBNdI98Q
+v+BT4n2HW7d1Bzj53vqO67RnIOK9liDOFZe5X3bborriaahykCSgllsCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHi4/E83q2PZq9rjwfatrexw7J3uMB8GA1UdIwQY
MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt
NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw
LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo4GCGReD
I6W58R+xOdAKkVdxSPJR7stzFZMw3b03Znsir/tIeXD+OYOEG5E0Yd8oaGR5/Jn7
324lEx3n5a42ncSrqY4YHQS2npTguBZUSihB9eYKv8I1TZXU6eyLeplJh1xoUbGN
LiBPiF4miMAoKqp2EaA+qQ3dmG+PNnRZ2valC6uXLefp6NYDTPDC+w84OFX1ID4R
RpZOwcJOlNqfVwIF7fvzLrJBFej+ZRUBmJ5flqbAOglQGJEZbWHZU4hbyU3WrMIy
uEOemB2daIxA4PISWg2aDlCD7NKVV+GdXOHdu1VdGcmiErOB1sBKtPg7Vjux3Lub
v8ggJA9uNWyiYw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:49:31 2026 by rpki-client