Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: WCif9+PHq3qUi9k20TqiPmwcRBD1hCqUSGdzq0MNGhc=
Subject key identifier: BB:91:EB:83:38:B7:45:33:09:72:A7:32:66:0F:52:06:B7:AC:6F:1D
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 019E1CEBD2669852199EF9FD5E0CD9D9D9F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 1420
Signing time: Tue 12 May 2026 16:01:17 +0000
Manifest this update: Tue 12 May 2026 16:01:17 +0000
Manifest next update: Wed 13 May 2026 16:01:17 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: XqhGnfvgEbuBODMUwUVvdS0LL6yht27DZ98uTRs8CKQ=)
2: juBkbpcYbHGu8X6oDqr6gXzg0p4.roa (hash: YpMOIRw0fnrQ2EWztcpAe2+2MvDjXytsu0Rk4/ssWiY=)
3: kBXYGbTxdPtMX8674-LRTUc3syU.roa (hash: iVyxpIKZTeWiXDctlyE3ADiEgnIUxFQhQQ9pjma1pGw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:d2:66:98:52:19:9e:f9:fd:5e:0c:d9:d9:d9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: May 12 16:01:17 2026 GMT
Not After : May 13 16:01:17 2026 GMT
Subject: CN=bb91eb8338b745330972a732660f5206b7ac6f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:88:62:28:bb:38:21:9a:79:fd:4f:4b:e2:
d6:75:fd:8e:bf:f4:ce:ce:be:12:60:48:07:cd:7e:
4e:5f:90:74:95:72:49:03:7b:27:d5:7e:b0:00:98:
34:64:ed:f6:3d:f5:8d:ac:43:14:af:ab:17:27:0c:
6e:a5:3f:29:ea:b3:79:a0:83:13:17:2a:ef:3b:c2:
b4:8a:22:1d:af:2b:c9:26:1f:99:86:0d:b7:f5:d0:
79:17:fe:18:40:b0:fe:db:db:d8:4f:e2:ee:b4:65:
a2:0c:48:9a:df:22:40:09:2b:82:8e:1f:21:88:e1:
4b:48:9a:c7:99:0f:9e:85:7c:df:85:44:37:9b:9d:
c0:f2:de:9d:32:e6:4f:86:df:84:b7:ce:38:71:5e:
3e:fd:1f:6f:84:2d:75:7b:8e:2e:85:2b:61:9a:33:
a7:db:77:36:28:4c:1b:dc:1b:bd:b8:1e:3a:63:95:
c2:a0:9e:3b:55:8a:9f:70:14:eb:2b:7a:be:dc:a3:
df:54:92:56:75:83:ea:21:14:e9:d3:6d:bf:c3:a5:
07:ac:60:53:77:8e:be:7e:5a:ce:ea:90:88:90:53:
43:e0:a6:33:0c:6e:db:8d:08:b2:8f:ad:c8:b8:01:
12:92:2d:fb:f7:60:51:6b:9e:f6:73:1e:e5:cd:16:
28:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:EB:83:38:B7:45:33:09:72:A7:32:66:0F:52:06:B7:AC:6F:1D
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:09:85:2a:fd:e7:dd:b6:9a:d9:c3:1e:22:06:1a:cd:32:35:
18:c0:c7:13:94:3a:cf:41:09:9d:83:d2:a3:28:8a:9d:9f:0c:
e9:28:d3:7c:e5:c9:45:bb:a1:61:44:ed:f4:23:d6:d1:90:27:
c6:96:4f:80:ac:be:7c:80:8d:a3:c2:a9:5d:16:b4:0a:b3:53:
17:e2:6c:32:0c:2e:d8:a8:42:27:de:f8:45:39:97:e4:7b:27:
b6:09:f5:91:7c:bc:b0:14:67:d9:a3:c6:db:f7:e2:a4:45:44:
66:4d:7f:42:25:1d:3e:dc:13:e4:7d:b3:6d:46:fc:48:81:d4:
e3:5d:49:b6:e9:aa:20:ef:55:30:d3:ae:98:9b:93:42:31:c3:
20:d1:e5:70:39:46:fb:54:43:0c:93:df:98:ff:cb:e2:07:46:
19:a4:ed:55:f5:56:35:fa:8d:01:b4:cc:d6:bb:5c:29:76:c2:
0c:ef:5f:ad:d8:29:b3:94:16:2e:21:df:7f:7b:fb:12:77:ec:
8c:2f:38:49:6d:9f:1a:82:2e:ae:71:57:1e:8c:51:3f:22:91:
a1:41:db:48:02:b9:68:f7:8c:33:93:3b:58:02:42:70:e7:98:
e3:5c:ec:0f:3a:c9:f7:f9:aa:04:2d:af:c9:96:c2:44:6f:5e:
e0:fc:56:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c69JmmFIZnvn9XgzZ2dnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjYwNTEyMTYwMTE3WhcNMjYwNTEzMTYwMTE3WjAzMTEwLwYDVQQD
EyhiYjkxZWI4MzM4Yjc0NTMzMDk3MmE3MzI2NjBmNTIwNmI3YWM2ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1KIYii7OCGaef1PS+LWdf2Ov/TO
zr4SYEgHzX5OX5B0lXJJA3sn1X6wAJg0ZO32PfWNrEMUr6sXJwxupT8p6rN5oIMT
FyrvO8K0iiIdryvJJh+Zhg239dB5F/4YQLD+29vYT+LutGWiDEia3yJACSuCjh8h
iOFLSJrHmQ+ehXzfhUQ3m53A8t6dMuZPht+Et844cV4+/R9vhC11e44uhSthmjOn
23c2KEwb3Bu9uB46Y5XCoJ47VYqfcBTrK3q+3KPfVJJWdYPqIRTp022/w6UHrGBT
d46+flrO6pCIkFND4KYzDG7bjQiyj63IuAESki3792BRa572cx7lzRYoAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuR64M4t0UzCXKnMmYPUga3rG8dMB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwmFKv3n
3baa2cMeIgYazTI1GMDHE5Q6z0EJnYPSoyiKnZ8M6SjTfOXJRbuhYUTt9CPW0ZAn
xpZPgKy+fICNo8KpXRa0CrNTF+JsMgwu2KhCJ974RTmX5Hsntgn1kXy8sBRn2aPG
2/fipEVEZk1/QiUdPtwT5H2zbUb8SIHU411JtumqIO9VMNOumJuTQjHDINHlcDlG
+1RDDJPfmP/L4gdGGaTtVfVWNfqNAbTM1rtcKXbCDO9frdgps5QWLiHff3v7Enfs
jC84SW2fGoIurnFXHoxRPyKRoUHbSAK5aPeMM5M7WAJCcOeY41zsDzrJ9/mqBC2v
yZbCRG9e4PxWrA==
-----END CERTIFICATE-----
Generated at Wed May 13 00:23:27 2026 by rpki-client