Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json)
Hash identifier: DnNNIQbKIv5b4O9QXn90YYpS/aonj3VFFRR4TlttRm4=
Subject key identifier: D0:4D:85:D9:73:F1:53:D2:2F:37:C7:8A:22:D4:1A:01:DD:0B:17:5D
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 019D27A8DF3F00635EE9ECE3A9D480BA5634
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
Manifest number: 17ED
Signing time: Thu 26 Mar 2026 01:01:11 +0000
Manifest this update: Thu 26 Mar 2026 01:01:11 +0000
Manifest next update: Fri 27 Mar 2026 01:01:11 +0000
Files and hashes: 1: I5suLRJMCcD3Q-LkLgkHzGSULk4.roa (hash: lLdnBAzP++nZyrTcfhQAr6iSYGM9RrOFuFX70aI206Q=)
2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: C/sBcC92R5yI+qo88Ab7ffe6KDkc7h8beDGFldg0dXU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:df:3f:00:63:5e:e9:ec:e3:a9:d4:80:ba:56:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Mar 26 01:01:11 2026 GMT
Not After : Mar 27 01:01:11 2026 GMT
Subject: CN=d04d85d973f153d22f37c78a22d41a01dd0b175d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b4:5f:d0:46:52:f5:26:fb:59:15:02:e5:42:
8f:31:90:a2:58:45:04:39:74:58:50:68:00:04:f4:
6a:fc:fe:9b:64:f1:03:46:5a:01:de:4f:bc:96:d5:
9c:2e:ea:8c:24:7c:29:e9:9b:ac:4f:54:54:64:c4:
23:ea:79:7e:3e:67:1d:21:37:30:25:fe:30:af:5a:
eb:a4:de:f0:f4:84:fa:a1:ab:f6:fe:90:82:ef:56:
77:bd:7d:a2:dc:5f:19:32:36:c5:f8:5a:91:0e:5c:
2d:7c:03:31:55:50:b8:73:06:ab:a9:9f:1a:9b:6f:
9b:74:bf:4d:91:e0:20:15:be:66:e5:a5:75:fe:59:
f9:e5:d1:e5:45:01:6c:1e:41:0c:e7:41:67:d7:24:
bd:e1:f6:b0:61:ef:4a:2c:e0:d4:6b:a1:04:7a:41:
fb:fc:95:63:ad:f3:be:84:9d:6d:e1:70:02:f9:ab:
6d:83:84:0d:fe:97:6a:75:bc:ed:d9:69:b8:4a:9e:
89:75:ad:b9:2a:77:ae:a1:3b:fb:15:d8:b5:1b:4b:
31:2a:47:db:c0:c6:29:05:dc:c8:86:a3:a7:e6:39:
06:54:10:7a:8b:82:2d:26:ae:51:67:2e:54:d0:d5:
0e:95:ff:e4:d8:44:3c:56:a3:f5:18:e3:7d:a5:63:
fb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4D:85:D9:73:F1:53:D2:2F:37:C7:8A:22:D4:1A:01:DD:0B:17:5D
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:14:6b:93:b2:06:d7:00:e2:2f:83:00:c1:04:1d:18:40:f2:
e2:9d:e1:46:ba:34:e7:fb:9e:d8:d3:0e:7b:2c:fe:7f:db:2d:
46:6a:13:49:fa:b5:f0:b3:09:07:84:00:07:26:5c:1d:5b:43:
1a:ea:1c:5e:d7:a4:16:d1:db:53:7a:14:4b:79:b5:3c:81:a1:
37:7c:64:73:6a:02:86:55:e4:05:cf:72:ed:c0:c1:1c:fa:bf:
f3:2b:0e:e0:25:f3:97:d0:ce:77:4e:cb:bd:f5:ba:25:df:f0:
4c:6a:d4:9f:52:53:f1:fb:88:e6:e5:6e:4e:96:65:b5:21:12:
6a:77:42:40:f9:c9:a2:b5:95:85:4d:df:65:b2:15:1a:e9:aa:
65:79:19:3d:b2:98:fa:7b:ae:72:2e:8c:26:25:ef:48:a3:36:
a6:04:d0:de:43:d8:16:69:ad:58:e8:ba:7f:31:2a:db:6d:17:
4d:02:df:6c:91:56:33:14:55:7b:bd:ab:c5:1f:ea:54:07:8e:
a0:e4:93:1a:b6:da:d0:2b:b1:d8:45:62:a9:fc:52:29:4d:bf:
b0:70:65:38:d4:22:70:8c:51:5e:5d:c4:5d:2e:89:f5:6c:f7:
8d:b8:e6:16:59:15:9e:5f:30:a8:b9:40:cf:c3:50:08:29:b5:
96:56:1d:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqN8/AGNe6ezjqdSAulY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjYwMzI2MDEwMTExWhcNMjYwMzI3MDEwMTExWjAzMTEwLwYDVQQD
EyhkMDRkODVkOTczZjE1M2QyMmYzN2M3OGEyMmQ0MWEwMWRkMGIxNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLRf0EZS9Sb7WRUC5UKPMZCiWEUE
OXRYUGgABPRq/P6bZPEDRloB3k+8ltWcLuqMJHwp6ZusT1RUZMQj6nl+PmcdITcw
Jf4wr1rrpN7w9IT6oav2/pCC71Z3vX2i3F8ZMjbF+FqRDlwtfAMxVVC4cwarqZ8a
m2+bdL9NkeAgFb5m5aV1/ln55dHlRQFsHkEM50Fn1yS94fawYe9KLODUa6EEekH7
/JVjrfO+hJ1t4XAC+attg4QN/pdqdbzt2Wm4Sp6Jda25KneuoTv7Fdi1G0sxKkfb
wMYpBdzIhqOn5jkGVBB6i4ItJq5RZy5U0NUOlf/k2EQ8VqP1GON9pWP7pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBNhdlz8VPSLzfHiiLUGgHdCxddMB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhRrk7IG
1wDiL4MAwQQdGEDy4p3hRro05/ue2NMOeyz+f9stRmoTSfq18LMJB4QAByZcHVtD
GuocXtekFtHbU3oUS3m1PIGhN3xkc2oChlXkBc9y7cDBHPq/8ysO4CXzl9DOd07L
vfW6Jd/wTGrUn1JT8fuI5uVuTpZltSESandCQPnJorWVhU3fZbIVGumqZXkZPbKY
+nuuci6MJiXvSKM2pgTQ3kPYFmmtWOi6fzEq220XTQLfbJFWMxRVe72rxR/qVAeO
oOSTGrba0Cux2EViqfxSKU2/sHBlONQicIxRXl3EXS6J9Wz3jbjmFlkVnl8wqLlA
z8NQCCm1llYdjQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:42:07 2026 by rpki-client