Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json)
Hash identifier: S4ZTPcU5SKSI59dYkM0SR0jmSbWm9I9TJk9Iko2pkIM=
Subject key identifier: CD:BC:88:31:D1:49:52:D5:02:8E:0D:B0:DD:C0:7B:27:69:76:E4:FF
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 019D25BACB8BDFCC99F0A5113269A32C39D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
Manifest number: 13A0
Signing time: Wed 25 Mar 2026 16:01:31 +0000
Manifest this update: Wed 25 Mar 2026 16:01:31 +0000
Manifest next update: Thu 26 Mar 2026 16:01:31 +0000
Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: thQkHljklT7wmvqXdYY1K4uY5AcPlHN/xrGRyfW1H8w=)
2: juBkbpcYbHGu8X6oDqr6gXzg0p4.roa (hash: YpMOIRw0fnrQ2EWztcpAe2+2MvDjXytsu0Rk4/ssWiY=)
3: kBXYGbTxdPtMX8674-LRTUc3syU.roa (hash: iVyxpIKZTeWiXDctlyE3ADiEgnIUxFQhQQ9pjma1pGw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:cb:8b:df:cc:99:f0:a5:11:32:69:a3:2c:39:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Mar 25 16:01:31 2026 GMT
Not After : Mar 26 16:01:31 2026 GMT
Subject: CN=cdbc8831d14952d5028e0db0ddc07b276976e4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4c:33:dd:77:60:e3:c3:93:60:d4:4c:75:d2:
05:78:25:f4:bf:c7:fc:81:99:bf:94:ce:7f:5d:31:
5c:bc:fb:5c:f8:89:6e:12:2f:55:55:c8:b4:20:b3:
57:fb:35:7c:5e:d6:ba:21:83:b8:81:95:77:ec:7d:
f2:0b:f6:df:4f:d9:3a:ce:13:13:7a:3f:c5:00:c6:
27:55:5d:3b:09:7c:3e:9a:e8:76:17:57:db:14:d8:
74:25:9d:ca:49:bd:1a:25:c3:03:5c:06:e6:50:6d:
87:59:5e:16:b1:74:8f:93:81:df:2c:ce:6a:5b:5a:
58:50:19:1e:e7:6b:b6:cc:0c:d8:33:f0:3f:ea:a0:
7b:bf:72:8c:f8:ad:ed:83:76:9f:15:fb:38:92:67:
e1:bb:ad:37:b5:dc:c8:35:5d:a9:af:f8:8a:9e:a2:
81:1e:a9:c9:73:25:c1:65:06:c5:28:e5:26:78:b9:
f1:1f:b0:e8:b0:60:c3:5e:c9:94:5d:4a:fd:2c:73:
aa:7d:c3:43:83:83:81:84:28:cb:f7:6f:17:45:83:
79:92:7a:a7:e2:5c:30:8f:e3:ef:7a:41:3f:14:0b:
1e:bc:a0:05:0d:d4:a1:20:32:69:71:12:07:b8:82:
2d:84:aa:c7:e2:40:6a:12:09:0a:c3:87:a0:e8:b9:
04:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BC:88:31:D1:49:52:D5:02:8E:0D:B0:DD:C0:7B:27:69:76:E4:FF
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:21:9c:c9:d1:4f:7d:c9:54:e4:d0:6d:23:47:af:a6:d2:c2:
83:82:dc:40:f0:79:2e:90:a3:ad:b6:30:4a:1b:ef:67:b6:a8:
4a:f6:d0:25:84:ea:08:0a:74:a0:4e:69:20:46:17:f1:9a:da:
fc:63:f0:84:eb:7b:6c:e1:5c:f8:57:d4:98:d1:7c:d9:70:33:
b6:b9:2f:e6:b5:1c:13:ab:a7:39:99:32:a6:e1:94:89:9f:ea:
09:a5:ac:a3:27:71:ee:6c:f1:71:f6:4e:8d:25:54:d7:10:77:
d9:67:b1:e8:81:03:13:0f:2a:47:5d:15:df:e0:d0:c4:eb:48:
4c:b0:5b:b8:4f:77:12:0a:a4:aa:32:d1:02:be:8d:b3:4a:01:
03:34:32:65:f4:18:29:e8:83:95:95:30:70:84:6c:a9:6b:87:
8a:00:d1:61:57:c7:f2:4f:69:40:20:8d:5a:f7:c7:96:91:4c:
30:7f:65:4c:9e:87:dd:1d:11:ce:92:06:9e:38:e0:2e:07:23:
b1:ff:0a:64:99:63:26:5d:09:1b:13:be:0a:12:f7:7f:1e:b8:
32:00:cd:de:33:1c:81:22:e7:b2:0c:ea:84:f4:ba:db:b1:a2:
5b:d9:f9:3b:10:54:2d:38:8c:90:4d:d7:2a:98:27:63:d0:e6:
68:09:30:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lusuL38yZ8KURMmmjLDnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjYwMzI1MTYwMTMxWhcNMjYwMzI2MTYwMTMxWjAzMTEwLwYDVQQD
EyhjZGJjODgzMWQxNDk1MmQ1MDI4ZTBkYjBkZGMwN2IyNzY5NzZlNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0wz3Xdg48OTYNRMddIFeCX0v8f8
gZm/lM5/XTFcvPtc+IluEi9VVci0ILNX+zV8Xta6IYO4gZV37H3yC/bfT9k6zhMT
ej/FAMYnVV07CXw+muh2F1fbFNh0JZ3KSb0aJcMDXAbmUG2HWV4WsXSPk4HfLM5q
W1pYUBke52u2zAzYM/A/6qB7v3KM+K3tg3afFfs4kmfhu603tdzINV2pr/iKnqKB
HqnJcyXBZQbFKOUmeLnxH7DosGDDXsmUXUr9LHOqfcNDg4OBhCjL928XRYN5knqn
4lwwj+PvekE/FAsevKAFDdShIDJpcRIHuIIthKrH4kBqEgkKw4eg6LkEFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM28iDHRSVLVAo4NsN3AeydpduT/MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfCGcydFP
fclU5NBtI0evptLCg4LcQPB5LpCjrbYwShvvZ7aoSvbQJYTqCAp0oE5pIEYX8Zra
/GPwhOt7bOFc+FfUmNF82XAztrkv5rUcE6unOZkypuGUiZ/qCaWsoydx7mzxcfZO
jSVU1xB32Wex6IEDEw8qR10V3+DQxOtITLBbuE93EgqkqjLRAr6Ns0oBAzQyZfQY
KeiDlZUwcIRsqWuHigDRYVfH8k9pQCCNWvfHlpFMMH9lTJ6H3R0RzpIGnjjgLgcj
sf8KZJljJl0JGxO+ChL3fx64MgDN3jMcgSLnsgzqhPS627GiW9n5OxBULTiMkE3X
KpgnY9DmaAkwdw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:19:33 2026 by rpki-client