
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
File: OklF5GdkAp0lgdggwzc_pEWFVTk.mft (raw, json)
Hash identifier: kjYPwQC2O3yhVZAx5RC9Qeu2loc/B5Z79QxqdUREwdE=
Subject key identifier: 75:20:1D:86:E6:89:66:4A:3B:03:BA:96:16:87:B3:12:8F:56:76:3B
Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
Certificate issuer: /CN=3a4945e46764029d2581d820c3373fa445855539
Certificate serial: 019D29CEE140C567113C476D9A4D08BEA9C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
Manifest number: 189A
Signing time: Thu 26 Mar 2026 11:01:57 +0000
Manifest this update: Thu 26 Mar 2026 11:01:57 +0000
Manifest next update: Fri 27 Mar 2026 11:01:57 +0000
Files and hashes: 1: 0273NJ6iQvZTgyuMash3xOhPLj8.roa (hash: 4bykyvzdYlZRg3u7BKzjHELAB3KL3rC2juBQve+S7UU=)
2: 78Cs8FmR3BIH_U5LsGqewvTlDV8.roa (hash: Z1dE+G16ehwR1QYJ/Luwdk+orufuAf1qVWJAWByx1UU=)
3: 9ieasZqKBlr3lokENCedNiqsCIM.roa (hash: TDVoR875fUbuSNWGAFsbE/WCEgXPy5Nn5pq79JskxQQ=)
4: 9xohe0WrdtI7HVhoFYevFGaGlbc.roa (hash: JlRzOAenO4QPVaHIwuTlBW/1CKfl7RhsHIL/eBfeU2g=)
5: MD4cosIRi9elPGst52tPGWVVXgQ.roa (hash: uQ5E7La04dxcXCsqGXXrY+8iqi3ww+c05QuoQOajMIE=)
6: OklF5GdkAp0lgdggwzc_pEWFVTk.crl (hash: KCWSCcDMnw5ESyKpuP+Y0JXzPWWVmYWLUEuA4OcbHwQ=)
7: PrbXCFhVtFkWUcwdTHxrF95uYDo.roa (hash: qYxwfpMga93RAf62Cr8sXnqP6qDnonu8QcpFUw5HhJ8=)
8: aa9c3i_QmzIlTyi0XFZwJXrmq48.roa (hash: HcRPfUnw0rt8gf5+bGCJq0Ra7n/YA9e5E/2HwqC6qHA=)
9: pdrRYgteZLUMBCQJIc10YC36u-o.roa (hash: fx4ol1jSVjOBVf92RkrVydBgXb8sh/pU0bwRASzDz2U=)
10: pj8mJKqUF_T2Ou11ZZQsgbjDNYQ.roa (hash: fs3ur5x7vbxGo0xyTuilMeKyac+Lx5FJiRM1jXFcziw=)
11: vI4OFivT89O9243mI_1fzU94Pao.roa (hash: vkj2cXgQH1KS/H+As5+qw6+hxQEc0denm5Wi71uvRzE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:e1:40:c5:67:11:3c:47:6d:9a:4d:08:be:a9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a4945e46764029d2581d820c3373fa445855539
Validity
Not Before: Mar 26 11:01:57 2026 GMT
Not After : Mar 27 11:01:57 2026 GMT
Subject: CN=75201d86e689664a3b03ba961687b3128f56763b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:59:78:11:e7:c2:29:77:0d:25:89:66:64:8d:
6c:93:80:0b:02:2a:88:be:2d:31:11:35:f1:8c:79:
98:d0:54:b0:3e:4c:97:b7:f4:c7:d5:ba:e2:36:9c:
15:b0:8d:47:97:67:30:ae:da:b6:49:04:b4:76:e5:
96:44:0c:13:d1:00:65:3d:9e:95:cc:ce:4d:01:c7:
91:70:0d:37:a8:14:d4:b3:3f:23:38:e8:5f:f1:9f:
78:2d:88:8a:c6:c1:d7:5f:23:d7:a2:ed:4e:11:86:
1a:b9:39:99:c3:d9:4f:a9:51:c8:c3:5a:e5:55:73:
28:76:f3:e8:78:57:b0:20:c7:49:47:f0:9a:1e:f6:
58:03:8f:67:78:2a:1c:b3:c4:08:a2:69:e4:08:ba:
a0:a9:46:c8:34:6f:28:8a:99:70:2e:58:12:29:61:
bd:92:7e:c7:f8:d4:9f:88:f8:3d:ba:d9:08:bb:1c:
25:0b:22:77:28:05:bf:99:fe:63:aa:74:91:3f:b2:
e2:ff:0d:33:51:56:8f:0f:75:6c:0a:08:8f:6a:a7:
9c:5d:26:83:d2:49:76:67:0e:8b:47:6d:d9:51:be:
c3:cc:47:19:01:dd:b3:20:bb:24:9c:48:69:5b:e9:
ed:d9:dd:cf:45:09:29:a8:f3:38:88:10:a1:a2:6d:
c2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:20:1D:86:E6:89:66:4A:3B:03:BA:96:16:87:B3:12:8F:56:76:3B
X509v3 Authority Key Identifier:
keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:a9:6e:f3:6d:bd:63:62:46:84:3b:b3:93:7d:6e:ee:7e:03:
f7:d2:2a:2e:5d:fe:05:1c:aa:c0:1c:c2:ec:6c:4b:b7:b1:8e:
7e:c6:5f:f2:ba:4d:10:2e:36:1f:98:e4:65:7c:77:e3:55:63:
0c:a8:ab:b4:e2:a2:1b:20:fc:0d:5a:3b:d6:1b:92:be:4c:c2:
52:46:bd:f1:48:dd:e5:e6:79:06:fd:c3:e1:a6:d7:11:dd:a3:
c3:fb:8b:56:ad:5c:4b:27:45:f0:c9:e7:89:07:59:92:2c:b9:
c6:f2:ae:59:a9:d5:bd:9d:3c:bd:d3:20:bc:32:32:06:0f:36:
ee:a4:ad:7a:c7:58:30:e6:2d:62:38:c0:5c:47:12:d8:ca:f4:
e1:be:da:e9:ce:78:e2:d0:56:27:56:04:5e:42:7f:09:64:b0:
09:00:ce:9e:97:ae:45:9d:d0:aa:68:68:7c:6c:fa:b8:a8:4f:
ad:6a:21:c7:83:0d:ef:7b:e4:2d:15:18:29:28:02:62:76:55:
e2:7a:47:64:4b:c1:04:35:6b:6c:a8:bc:e4:ad:d4:dd:6f:02:
44:a4:e7:ca:2d:1f:93:de:eb:e8:9c:0e:69:2c:36:91:95:f1:
dd:73:93:99:8e:1c:79:6b:3a:ba:22:aa:67:64:6e:60:23:ae:
8d:c0:54:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzuFAxWcRPEdtmk0IvqnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4
NTU1MzkwHhcNMjYwMzI2MTEwMTU3WhcNMjYwMzI3MTEwMTU3WjAzMTEwLwYDVQQD
Eyg3NTIwMWQ4NmU2ODk2NjRhM2IwM2JhOTYxNjg3YjMxMjhmNTY3NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Fl4EefCKXcNJYlmZI1sk4ALAiqI
vi0xETXxjHmY0FSwPkyXt/TH1briNpwVsI1Hl2cwrtq2SQS0duWWRAwT0QBlPZ6V
zM5NAceRcA03qBTUsz8jOOhf8Z94LYiKxsHXXyPXou1OEYYauTmZw9lPqVHIw1rl
VXModvPoeFewIMdJR/CaHvZYA49neCocs8QIomnkCLqgqUbING8oiplwLlgSKWG9
kn7H+NSfiPg9utkIuxwlCyJ3KAW/mf5jqnSRP7Li/w0zUVaPD3VsCgiPaqecXSaD
0kl2Zw6LR23ZUb7DzEcZAd2zILsknEhpW+nt2d3PRQkpqPM4iBChom3CEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUgHYbmiWZKOwO6lhaHsxKPVnY7MB8GA1UdIwQY
MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt
MzM2YWM5NDU2NDY0LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1NjgtMzM2YWM5NDU2NDY0
LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6lu8229
Y2JGhDuzk31u7n4D99IqLl3+BRyqwBzC7GxLt7GOfsZf8rpNEC42H5jkZXx341Vj
DKirtOKiGyD8DVo71huSvkzCUka98Ujd5eZ5Bv3D4abXEd2jw/uLVq1cSydF8Mnn
iQdZkiy5xvKuWanVvZ08vdMgvDIyBg827qStesdYMOYtYjjAXEcS2Mr04b7a6c54
4tBWJ1YEXkJ/CWSwCQDOnpeuRZ3QqmhofGz6uKhPrWohx4MN73vkLRUYKSgCYnZV
4npHZEvBBDVrbKi85K3U3W8CRKTnyi0fk97r6JwOaSw2kZXx3XOTmY4ceWs6uiKq
Z2RuYCOujcBUtw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:24:23 2026 by rpki-client