Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: yUxcOBPFIFqc5KN+S9ZPC15xYfniL2IQ1k7SR3I9RpA=
Subject key identifier: 1F:45:FD:B1:0D:3E:B1:D6:5F:A3:68:DE:43:46:9E:B4:9B:19:94:B5
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019D2703CC137BB21C17BFEB11CF7DE6B17F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 188B
Signing time: Wed 25 Mar 2026 22:00:53 +0000
Manifest this update: Wed 25 Mar 2026 22:00:53 +0000
Manifest next update: Thu 26 Mar 2026 22:00:53 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: Z0hvl86MFqr/9PsjjAw5TMdc3V8TmkR62UQquawb+eM=)
2: WeJgs7A95jwqtwLgB758IcXv4EU.roa (hash: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:cc:13:7b:b2:1c:17:bf:eb:11:cf:7d:e6:b1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 25 22:00:53 2026 GMT
Not After : Mar 26 22:00:53 2026 GMT
Subject: CN=1f45fdb10d3eb1d65fa368de43469eb49b1994b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:54:70:56:46:d6:3b:16:6d:8c:91:54:0c:
b7:94:69:14:2a:9a:f9:02:4f:00:d7:c7:5c:9d:16:
ed:85:36:44:d3:a6:e7:ff:e3:8b:e2:30:0a:71:25:
b4:a6:ce:d4:0c:fd:89:ea:3f:91:3c:8e:4b:af:1f:
09:7b:d6:e0:29:eb:d8:5f:60:d9:93:5e:00:41:f8:
1b:c3:9a:63:a7:fe:01:74:f3:e2:70:f1:e2:e3:17:
27:1c:51:47:4f:eb:13:3e:d0:20:1c:83:5c:13:aa:
4e:8d:5d:79:30:9e:b6:f3:ba:25:2c:54:c7:21:96:
9c:58:46:55:2f:e2:67:24:ce:28:c1:1c:da:99:aa:
5a:f6:62:cc:b5:6b:01:2a:b1:aa:3b:fe:0d:bd:1a:
5c:73:a7:ad:5c:1e:c6:ee:34:78:3d:a8:b9:1c:b8:
b6:2b:4f:eb:26:72:82:a2:88:ac:75:5b:f0:25:08:
7e:68:ec:79:36:cb:d8:a4:df:08:ef:17:80:4a:c1:
36:a5:2a:d0:d1:ba:95:39:cc:37:2e:e9:b1:f3:8a:
44:f9:86:c9:40:e8:a1:10:f4:21:aa:ce:6c:df:7c:
0d:1b:4c:d6:8d:98:52:97:78:ec:04:0b:80:c4:df:
ac:d5:3b:53:2a:0e:42:b6:a5:a2:a2:b8:0c:27:f7:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:45:FD:B1:0D:3E:B1:D6:5F:A3:68:DE:43:46:9E:B4:9B:19:94:B5
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:53:46:96:9d:36:06:ec:82:e5:d1:59:b0:b6:83:c6:26:4d:
71:4f:f8:d3:45:bb:f9:cd:cc:f9:bc:bd:23:03:e0:24:af:17:
7a:bc:29:23:33:3a:cf:f3:e6:f7:70:ca:ca:a4:ac:17:e1:59:
6e:27:e2:07:54:36:19:bf:18:0c:25:ce:e4:72:4c:f4:4c:b5:
7d:61:7d:cd:96:f8:01:a4:19:cb:1c:8a:44:c3:43:f5:ce:3b:
85:7d:69:88:ff:47:4d:57:2c:9d:fd:3b:c3:4e:9c:ed:5e:7b:
4f:9a:05:8c:c3:3c:f3:d2:36:ca:be:14:7a:98:b8:bb:5a:26:
81:5e:47:e2:ed:36:44:13:6e:c8:4d:3b:51:1f:77:85:3c:20:
4b:55:37:81:82:21:de:f5:ea:de:51:83:ee:4e:6b:c1:b4:c5:
a0:9a:76:0f:fb:39:23:24:53:3e:19:67:e1:bd:47:4a:6f:60:
32:af:47:1a:5f:7e:b7:c3:d1:2d:53:a4:ea:81:2c:ca:a0:1c:
da:c6:b3:53:f1:3e:79:36:02:22:20:8e:2b:14:48:df:70:5e:
de:71:c6:1e:a7:e2:fe:69:85:e2:10:c9:13:39:8f:e8:cd:31:
7f:01:be:d7:97:3a:04:6b:3c:00:02:09:06:ec:8b:21:83:7f:
d9:b1:d7:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8wTe7IcF7/rEc995rF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwMzI1MjIwMDUzWhcNMjYwMzI2MjIwMDUzWjAzMTEwLwYDVQQD
EygxZjQ1ZmRiMTBkM2ViMWQ2NWZhMzY4ZGU0MzQ2OWViNDliMTk5NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy1UcFZG1jsWbYyRVAy3lGkUKpr5
Ak8A18dcnRbthTZE06bn/+OL4jAKcSW0ps7UDP2J6j+RPI5Lrx8Je9bgKevYX2DZ
k14AQfgbw5pjp/4BdPPicPHi4xcnHFFHT+sTPtAgHINcE6pOjV15MJ6287olLFTH
IZacWEZVL+JnJM4owRzamapa9mLMtWsBKrGqO/4NvRpcc6etXB7G7jR4Pai5HLi2
K0/rJnKCooisdVvwJQh+aOx5NsvYpN8I7xeASsE2pSrQ0bqVOcw3Lumx84pE+YbJ
QOihEPQhqs5s33wNG0zWjZhSl3jsBAuAxN+s1TtTKg5CtqWiorgMJ/dHtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9F/bENPrHWX6No3kNGnrSbGZS1MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFNGlp02
BuyC5dFZsLaDxiZNcU/400W7+c3M+by9IwPgJK8XerwpIzM6z/Pm93DKyqSsF+FZ
bifiB1Q2Gb8YDCXO5HJM9Ey1fWF9zZb4AaQZyxyKRMND9c47hX1piP9HTVcsnf07
w06c7V57T5oFjMM889I2yr4Uepi4u1omgV5H4u02RBNuyE07UR93hTwgS1U3gYIh
3vXq3lGD7k5rwbTFoJp2D/s5IyRTPhln4b1HSm9gMq9HGl9+t8PRLVOk6oEsyqAc
2sazU/E+eTYCIiCOKxRI33Be3nHGHqfi/mmF4hDJEzmP6M0xfwG+15c6BGs8AAIJ
BuyLIYN/2bHXdg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:29:07 2026 by rpki-client