Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: e2KFdVSiIbHsFaRzx8lMOGxe2DZ4KAm3H7jhUko/8E0=
Subject key identifier: 6A:4F:32:47:80:B7:45:CE:6D:4D:97:56:A2:7D:5B:F7:E2:08:62:1F
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019D29294A0EB9BB93C87A1C4507790F1FA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0BBF
Signing time: Thu 26 Mar 2026 08:01:04 +0000
Manifest this update: Thu 26 Mar 2026 08:01:04 +0000
Manifest next update: Fri 27 Mar 2026 08:01:04 +0000
Files and hashes: 1: Gt-80zXqf_s_u6U1np0ZyLE5Z40.roa (hash: xo9qKHdsqyfJiaN4I/AOjnmYmRnO4exFxr4FsuIGykQ=)
2: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: W42nbCRrDfOmTeilrZLYNVKLKlYjZgF55EHSXWDkOTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:4a:0e:b9:bb:93:c8:7a:1c:45:07:79:0f:1f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Mar 26 08:01:04 2026 GMT
Not After : Mar 27 08:01:04 2026 GMT
Subject: CN=6a4f324780b745ce6d4d9756a27d5bf7e208621f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:04:f1:2e:fd:ca:36:bb:3c:b6:82:dd:bc:7c:
23:c7:26:81:05:40:6a:07:76:8c:b8:25:71:85:33:
f5:4c:b7:85:9a:7b:66:8a:92:03:0b:cb:fe:7b:a1:
13:ef:44:c7:cf:a4:df:98:98:1d:b2:99:28:45:f4:
ee:6c:f2:37:00:c9:85:2f:4e:a9:4e:8b:c2:97:d2:
ab:6a:7a:e1:6e:51:3f:61:89:af:7e:ac:1b:2e:2a:
d7:fb:3c:09:6c:ec:d0:35:34:bc:bb:0f:72:9a:d4:
7d:24:bb:50:a7:6b:4c:f1:42:dc:47:05:dc:a7:f6:
ba:fa:38:59:79:2f:c4:f3:b9:86:55:d5:b8:9c:7d:
85:48:53:6e:1f:25:92:95:c9:7e:9e:da:8f:3d:a2:
ea:0f:2a:0e:34:28:47:33:da:1d:89:04:58:71:38:
45:42:4f:65:ee:c8:4a:b0:e4:3b:4c:1c:36:92:20:
5f:af:52:94:34:84:ad:ce:99:d2:20:39:cd:f5:f3:
eb:e0:55:a1:ae:01:97:c6:3e:3c:cc:f0:4e:ae:6b:
3c:ab:47:0d:f0:4d:a0:84:38:f0:34:85:54:0d:f5:
ec:3f:5a:ae:e2:8f:01:f7:a3:64:40:dd:18:7a:24:
4e:71:79:82:82:6d:64:c2:e3:8f:bb:a7:3e:2c:4a:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4F:32:47:80:B7:45:CE:6D:4D:97:56:A2:7D:5B:F7:E2:08:62:1F
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:77:71:5e:fb:91:b4:bb:cc:e0:62:c6:c2:c9:02:e3:2c:5f:
7b:08:84:44:9b:fe:9e:72:a7:5a:5a:d0:ee:c4:e6:77:5f:a3:
a1:b3:f4:6f:41:73:40:9f:9e:63:73:b8:ab:e4:1b:85:4c:85:
d2:a4:5d:af:02:03:70:85:7f:fd:e9:81:40:ed:eb:33:06:e5:
e5:e1:e6:ef:9d:52:03:bd:16:af:cd:aa:37:78:b3:d8:4d:7f:
0a:91:37:32:dc:0d:98:9c:a4:ad:45:4d:2b:ad:be:ea:64:0e:
49:32:c6:6c:37:47:a1:77:93:6d:0e:da:5f:d5:25:25:2d:31:
08:96:39:c2:17:e6:55:4a:8d:0a:91:0e:8e:47:ed:c8:ca:60:
a1:f3:dd:65:d3:b9:3a:bb:9d:a2:99:af:a3:29:92:cc:0f:4d:
25:f6:1c:71:33:24:90:3c:ad:a3:92:e4:b3:76:4c:dd:ec:cd:
83:65:a3:9e:1a:0e:c1:09:be:98:b2:d6:cb:ab:01:da:43:d2:
86:81:f5:26:49:bc:01:55:fa:53:af:08:05:ed:47:5d:c5:fe:
4e:64:e9:32:83:3b:b3:42:6f:66:62:fa:ca:f4:e4:bb:0f:77:
a3:66:b0:b0:2d:e5:05:c5:f4:1d:9e:b8:b4:5a:19:61:d2:89:
69:da:be:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKUoOubuTyHocRQd5Dx+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjYwMzI2MDgwMTA0WhcNMjYwMzI3MDgwMTA0WjAzMTEwLwYDVQQD
Eyg2YTRmMzI0NzgwYjc0NWNlNmQ0ZDk3NTZhMjdkNWJmN2UyMDg2MjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgTxLv3KNrs8toLdvHwjxyaBBUBq
B3aMuCVxhTP1TLeFmntmipIDC8v+e6ET70THz6TfmJgdspkoRfTubPI3AMmFL06p
TovCl9KranrhblE/YYmvfqwbLirX+zwJbOzQNTS8uw9ymtR9JLtQp2tM8ULcRwXc
p/a6+jhZeS/E87mGVdW4nH2FSFNuHyWSlcl+ntqPPaLqDyoONChHM9odiQRYcThF
Qk9l7shKsOQ7TBw2kiBfr1KUNIStzpnSIDnN9fPr4FWhrgGXxj48zPBOrms8q0cN
8E2ghDjwNIVUDfXsP1qu4o8B96NkQN0YeiROcXmCgm1kwuOPu6c+LEr1bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpPMkeAt0XObU2XVqJ9W/fiCGIfMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANndxXvuR
tLvM4GLGwskC4yxfewiERJv+nnKnWlrQ7sTmd1+jobP0b0FzQJ+eY3O4q+QbhUyF
0qRdrwIDcIV//emBQO3rMwbl5eHm751SA70Wr82qN3iz2E1/CpE3MtwNmJykrUVN
K62+6mQOSTLGbDdHoXeTbQ7aX9UlJS0xCJY5whfmVUqNCpEOjkftyMpgofPdZdO5
OrudopmvoymSzA9NJfYccTMkkDyto5Lks3ZM3ezNg2WjnhoOwQm+mLLWy6sB2kPS
hoH1Jkm8AVX6U68IBe1HXcX+TmTpMoM7s0JvZmL6yvTkuw93o2awsC3lBcX0HZ64
tFoZYdKJadq+7A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:31:52 2026 by rpki-client