Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: 298XY8V0ohxJzwUBuDhEZFhrXcDWiGTGTb5hFthtYls=
Subject key identifier: 26:6D:33:2E:9F:64:2E:42:5D:1A:CA:13:9E:55:8D:19:2C:AD:66:A6
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 019D292905ACD1914F318706C0DEC0651B21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 138F
Signing time: Thu 26 Mar 2026 08:00:47 +0000
Manifest this update: Thu 26 Mar 2026 08:00:47 +0000
Manifest next update: Fri 27 Mar 2026 08:00:47 +0000
Files and hashes: 1: MQkaYy80rlcF2zpg2yFpUgSAhhE.roa (hash: S21YGrGdqaF7674FFZMPM/sVGaBX3VNwBzrWaUE2Lqg=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: ME3fMV9iyjUlQAdzdhznt08uC5AMUSpziPwndfhl1mA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:05:ac:d1:91:4f:31:87:06:c0:de:c0:65:1b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Mar 26 08:00:47 2026 GMT
Not After : Mar 27 08:00:47 2026 GMT
Subject: CN=266d332e9f642e425d1aca139e558d192cad66a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7b:43:18:83:6a:c5:a4:a8:17:f7:e9:13:b2:
39:61:a2:94:5f:71:ed:c5:e2:4e:4a:01:db:61:02:
a0:50:fe:46:56:d6:8d:4f:18:56:51:8f:11:f6:89:
dd:a3:5d:55:de:10:74:7d:cc:74:90:a4:06:d3:5e:
d7:b3:df:ac:fa:3b:67:1e:b0:46:92:3d:c7:36:1f:
06:8b:42:1c:b4:42:04:d0:2c:7a:91:95:07:6e:d5:
ad:b7:6b:07:27:99:bf:4d:27:bb:bf:54:da:95:91:
54:76:3d:38:f4:45:fb:57:9c:e5:e5:ff:41:b3:0d:
22:52:e6:89:9a:ba:3b:78:71:df:b0:3d:45:b3:5d:
a3:bf:dc:50:3b:5c:95:ac:d0:e5:77:13:de:d2:2d:
d0:44:50:aa:c0:88:19:2f:de:27:2c:77:6b:c0:f6:
c1:54:bd:5f:e4:2d:fd:f7:a6:a9:5d:b1:e2:c1:66:
9d:de:da:98:e6:fd:61:61:22:b3:bb:c0:15:90:f1:
26:8a:c7:9c:37:27:d7:4d:bd:2a:77:01:58:a3:dd:
0a:1a:2f:ea:9f:84:86:69:e1:8e:90:0a:6c:7d:5e:
ed:b9:21:29:fe:ea:d7:aa:18:5c:d5:4d:5b:64:78:
c0:4f:2b:d2:ba:1a:c5:31:6f:78:28:c5:b9:9f:d0:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6D:33:2E:9F:64:2E:42:5D:1A:CA:13:9E:55:8D:19:2C:AD:66:A6
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:03:95:8a:d0:75:42:b3:a6:2b:40:1d:35:06:28:f0:fd:2c:
ef:61:a7:bc:f5:f5:b3:9d:91:6b:a5:f3:d9:57:9d:f5:ec:c1:
85:c3:bb:30:42:20:de:a6:a3:ea:c5:d7:a1:99:40:a0:44:d2:
86:ba:1e:44:77:f4:98:5d:67:10:72:1a:39:89:3c:4b:f1:47:
db:1e:53:ae:b1:ee:fa:d5:69:58:75:5a:8c:69:ac:41:de:1a:
e0:88:2a:99:f1:2d:33:23:6a:8a:25:ea:80:b4:58:e6:63:af:
ab:f4:e0:e3:5e:fb:76:05:98:b7:a2:28:16:28:ef:2a:7f:07:
20:ee:57:9f:e9:df:eb:2d:3f:13:2a:4f:89:b9:aa:16:05:67:
46:ac:08:6e:d5:c6:fb:2e:71:15:bf:54:b7:ff:1a:c0:e6:a6:
45:e5:db:da:9d:48:49:2d:22:51:41:ef:53:08:90:bf:cc:3e:
30:e5:2c:8c:fc:ee:52:49:2e:c6:80:81:3b:7d:5b:41:95:a2:
ee:c1:14:6c:17:e2:6f:1c:8b:d9:88:eb:96:1f:84:0b:e8:27:
d9:b6:2c:5d:d2:fc:ed:63:d8:29:43:c3:eb:04:cf:cb:14:a4:
13:76:ba:8f:ee:eb:a0:04:6b:52:a1:07:bd:14:51:cf:79:2a:
f4:2b:a1:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKQWs0ZFPMYcGwN7AZRshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjYwMzI2MDgwMDQ3WhcNMjYwMzI3MDgwMDQ3WjAzMTEwLwYDVQQD
EygyNjZkMzMyZTlmNjQyZTQyNWQxYWNhMTM5ZTU1OGQxOTJjYWQ2NmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HtDGINqxaSoF/fpE7I5YaKUX3Ht
xeJOSgHbYQKgUP5GVtaNTxhWUY8R9ondo11V3hB0fcx0kKQG017Xs9+s+jtnHrBG
kj3HNh8Gi0IctEIE0Cx6kZUHbtWtt2sHJ5m/TSe7v1TalZFUdj049EX7V5zl5f9B
sw0iUuaJmro7eHHfsD1Fs12jv9xQO1yVrNDldxPe0i3QRFCqwIgZL94nLHdrwPbB
VL1f5C3996apXbHiwWad3tqY5v1hYSKzu8AVkPEmisecNyfXTb0qdwFYo90KGi/q
n4SGaeGOkApsfV7tuSEp/urXqhhc1U1bZHjATyvSuhrFMW94KMW5n9AvqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZtMy6fZC5CXRrKE55VjRksrWamMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQOVitB1
QrOmK0AdNQYo8P0s72GnvPX1s52Ra6Xz2Ved9ezBhcO7MEIg3qaj6sXXoZlAoETS
hroeRHf0mF1nEHIaOYk8S/FH2x5TrrHu+tVpWHVajGmsQd4a4IgqmfEtMyNqiiXq
gLRY5mOvq/Tg4177dgWYt6IoFijvKn8HIO5Xn+nf6y0/EypPibmqFgVnRqwIbtXG
+y5xFb9Ut/8awOamReXb2p1ISS0iUUHvUwiQv8w+MOUsjPzuUkkuxoCBO31bQZWi
7sEUbBfibxyL2Yjrlh+EC+gn2bYsXdL87WPYKUPD6wTPyxSkE3a6j+7roARrUqEH
vRRRz3kq9Cuh/g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:36:22 2026 by rpki-client