Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: 5Kxf8zPo/eWKm03DhYs1u9W+AQLryRL12ht9qRMLJ00=
Subject key identifier: 28:CC:59:DF:54:33:CD:76:D1:D3:EA:2B:DA:88:57:A8:1E:B8:CC:C8
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019E1E3595370CAE2C43075BB36094BFB2B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 190B
Signing time: Tue 12 May 2026 22:01:28 +0000
Manifest this update: Tue 12 May 2026 22:01:28 +0000
Manifest next update: Wed 13 May 2026 22:01:28 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: NeCeL5t4ZmGiZO4FeRayIK1ibpsLlgpEzxeESDqcTAQ=)
2: WeJgs7A95jwqtwLgB758IcXv4EU.roa (hash: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:35:95:37:0c:ae:2c:43:07:5b:b3:60:94:bf:b2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: May 12 22:01:28 2026 GMT
Not After : May 13 22:01:28 2026 GMT
Subject: CN=28cc59df5433cd76d1d3ea2bda8857a81eb8ccc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:40:c2:4c:fd:14:bd:f6:b3:e4:3c:ed:bb:1b:
c9:8d:f3:6f:7c:37:1c:6a:be:22:76:f4:21:16:08:
0a:aa:82:dc:e8:9a:d8:b0:21:08:c7:27:1e:c5:34:
98:3b:fa:b7:e1:1e:7d:62:a5:8c:9b:08:a1:23:82:
08:6a:96:8e:56:47:d6:ea:c6:eb:94:79:5b:6e:41:
f1:dc:d3:0e:97:4a:4f:69:36:04:f7:6d:40:d9:1d:
1e:50:78:7e:4e:57:4e:e6:51:68:79:45:b0:a9:6d:
b3:16:64:dc:b0:07:ca:37:dc:50:18:a2:31:ce:19:
69:7d:3f:96:70:4f:4d:c2:9d:c8:48:42:36:69:f5:
32:2b:42:35:3d:57:53:1e:30:6d:27:83:2d:10:81:
cb:b8:45:0a:ef:1f:af:5c:37:29:ed:0c:6e:7c:56:
3d:53:a0:cb:18:5c:fd:cf:2e:12:59:ad:c7:3e:6d:
d2:d4:95:87:3b:0d:98:92:98:8e:72:b5:93:c4:99:
27:16:2d:b9:48:3f:57:d9:f9:2a:18:3e:35:b5:e0:
0f:30:a0:2a:29:be:79:e7:92:b2:3f:78:6a:98:26:
2d:40:cd:5c:d6:45:58:47:5c:ed:c3:e4:e3:ab:85:
ab:cc:5a:22:e2:24:92:86:34:51:9a:be:9c:29:71:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CC:59:DF:54:33:CD:76:D1:D3:EA:2B:DA:88:57:A8:1E:B8:CC:C8
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:8a:a7:1a:c4:5f:fd:1a:59:50:00:ed:cb:2d:0d:6c:3e:34:
22:59:b0:94:c0:1a:13:7c:8b:76:c0:f0:9a:9d:5c:54:4a:15:
31:f9:63:47:16:2f:6a:6d:24:92:e9:77:89:9c:eb:fb:08:01:
4e:97:2b:fb:99:6d:82:c7:f0:36:55:02:45:92:a3:ed:4c:55:
14:bd:1d:a8:b2:7c:eb:8a:f1:bb:85:cc:8e:fd:dc:21:f1:a7:
96:4a:40:95:fa:26:08:70:4c:72:0a:d2:c3:80:ca:5c:1e:df:
87:af:63:cc:db:c8:c3:4e:ad:b9:58:98:64:d2:dc:f4:f6:62:
92:4f:a2:cd:be:29:dc:e0:44:ec:a5:74:08:d7:70:09:c3:dd:
e6:bd:26:88:af:4c:f3:8c:dc:d8:af:3c:4c:8e:c8:f2:86:02:
a3:0b:66:4c:0c:dd:f2:55:0c:e5:b5:a9:cd:2f:6f:22:f4:9b:
5e:8c:d6:16:c0:e3:54:07:3e:45:1a:36:8b:c3:89:0c:a2:95:
f7:82:9b:e1:38:af:ba:4f:ad:e3:45:f5:5d:54:b8:94:88:08:
92:53:a7:de:8e:75:8c:c3:d5:25:c7:3c:be:4b:fa:6d:2c:ec:
cf:2a:a1:5e:ec:b9:a5:95:9d:83:98:44:eb:94:e8:55:05:de:
1c:10:79:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNZU3DK4sQwdbs2CUv7KyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwNTEyMjIwMTI4WhcNMjYwNTEzMjIwMTI4WjAzMTEwLwYDVQQD
EygyOGNjNTlkZjU0MzNjZDc2ZDFkM2VhMmJkYTg4NTdhODFlYjhjY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0DCTP0Uvfaz5DztuxvJjfNvfDcc
ar4idvQhFggKqoLc6JrYsCEIxycexTSYO/q34R59YqWMmwihI4IIapaOVkfW6sbr
lHlbbkHx3NMOl0pPaTYE921A2R0eUHh+TldO5lFoeUWwqW2zFmTcsAfKN9xQGKIx
zhlpfT+WcE9Nwp3ISEI2afUyK0I1PVdTHjBtJ4MtEIHLuEUK7x+vXDcp7QxufFY9
U6DLGFz9zy4SWa3HPm3S1JWHOw2YkpiOcrWTxJknFi25SD9X2fkqGD41teAPMKAq
Kb5555KyP3hqmCYtQM1c1kVYR1ztw+Tjq4WrzFoi4iSShjRRmr6cKXHvOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjMWd9UM8120dPqK9qIV6geuMzIMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYqnGsRf
/RpZUADtyy0NbD40IlmwlMAaE3yLdsDwmp1cVEoVMfljRxYvam0kkul3iZzr+wgB
Tpcr+5ltgsfwNlUCRZKj7UxVFL0dqLJ864rxu4XMjv3cIfGnlkpAlfomCHBMcgrS
w4DKXB7fh69jzNvIw06tuViYZNLc9PZikk+izb4p3OBE7KV0CNdwCcPd5r0miK9M
84zc2K88TI7I8oYCowtmTAzd8lUM5bWpzS9vIvSbXozWFsDjVAc+RRo2i8OJDKKV
94Kb4Tivuk+t40X1XVS4lIgIklOn3o51jMPVJcc8vkv6bSzszyqhXuy5pZWdg5hE
65ToVQXeHBB5Jg==
-----END CERTIFICATE-----
Generated at Wed May 13 04:07:20 2026 by rpki-client