Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: RbZXYEhmWITBlbPXpRZmdI4XSBssfXKHSXPMj0TG850=
Subject key identifier: 30:39:A4:7D:C6:B4:D8:61:93:CC:10:EB:8C:F4:85:A4:D4:3E:AA:08
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019D29CE697A9C433277AE76CD191827A52E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: 72
Signing time: Thu 26 Mar 2026 11:01:26 +0000
Manifest this update: Thu 26 Mar 2026 11:01:26 +0000
Manifest next update: Fri 27 Mar 2026 11:01:26 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: imPTQ5ENggV64oDvQTBs3b7InAahrQfsB2oYsOhHmps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:69:7a:9c:43:32:77:ae:76:cd:19:18:27:a5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: Mar 26 11:01:26 2026 GMT
Not After : Mar 27 11:01:26 2026 GMT
Subject: CN=3039a47dc6b4d86193cc10eb8cf485a4d43eaa08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:86:c3:a5:52:18:c8:a5:d4:cd:f3:f9:48:04:
35:ba:35:35:be:e5:e0:db:0b:33:05:c0:0a:8d:77:
f6:aa:19:0f:21:dc:ee:84:88:9e:6d:ac:37:3d:4e:
e5:4a:e4:78:fc:0c:0a:6e:b7:e2:e3:4c:55:17:79:
37:0b:cf:a6:e0:2e:71:60:90:44:0f:29:63:e9:3f:
e2:a5:db:ec:dc:ba:12:cc:5a:07:6d:8e:f2:a5:2f:
b6:60:30:41:63:a3:10:ca:92:7d:6d:04:4c:ec:c6:
d7:b6:b2:20:18:47:49:43:13:19:1a:32:e5:9c:14:
3d:2d:ee:49:4e:e1:08:d6:b0:78:e3:e1:e5:61:71:
7c:5f:8a:9b:c8:7b:80:ba:58:a1:03:68:86:45:50:
7d:44:8f:ab:f2:b7:1c:c4:53:1e:28:8a:df:3d:e2:
8f:38:93:d7:f0:68:39:f9:55:60:58:44:b9:08:3b:
ce:76:5e:d8:71:7c:bb:02:00:01:48:51:38:b0:05:
12:b3:53:94:1b:58:44:43:e6:3f:97:32:68:d5:2f:
a9:dc:e4:7f:0b:a6:20:a9:00:48:e7:67:56:4b:7c:
44:20:3b:92:db:5c:4b:df:f4:1f:26:ba:cf:80:a9:
a8:af:28:c3:c4:ef:58:63:e6:7f:36:70:01:0c:3d:
ac:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:39:A4:7D:C6:B4:D8:61:93:CC:10:EB:8C:F4:85:A4:D4:3E:AA:08
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:94:4e:89:76:fe:e4:df:57:35:ec:bb:ab:26:d6:cb:6d:5e:
68:b9:e0:1d:8c:86:34:29:19:ee:81:b5:29:57:0e:30:10:7e:
27:56:49:56:42:aa:08:74:6f:88:d5:52:e1:2e:13:70:85:52:
87:1b:dc:fd:26:5f:34:bd:dc:39:ce:f5:c2:2d:7b:81:d8:bb:
66:d9:50:be:20:f8:6f:8f:ef:58:e5:cf:04:dd:e7:5c:1d:82:
29:dc:78:dd:71:67:b6:93:be:16:8a:d2:bb:05:28:8a:f6:d9:
3a:e7:1b:4c:6b:70:09:39:22:1e:d5:80:c7:ec:e5:6e:db:42:
91:77:6d:cd:44:33:34:65:2b:fc:8b:f4:74:bc:57:6a:5d:9f:
14:e4:53:1a:88:7b:e2:19:b4:3f:92:24:58:21:2b:ea:42:f7:
03:94:2d:fc:21:16:94:ff:58:eb:ff:20:16:73:6d:1b:ec:6d:
d5:6e:7a:99:6d:1e:a7:e6:37:8c:7d:5a:7f:69:2e:87:b0:f2:
19:19:3c:b0:36:db:ab:b1:8f:ff:6c:a9:28:ad:3a:1f:fb:65:
1c:c4:a4:1a:8f:31:57:4d:7b:f2:a4:14:0c:af:65:b7:7a:7e:
24:38:c3:48:f4:86:0e:a7:5d:46:02:d5:73:43:6c:f5:09:40:
7b:ae:e7:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzml6nEMyd652zRkYJ6UuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwMzI2MTEwMTI2WhcNMjYwMzI3MTEwMTI2WjAzMTEwLwYDVQQD
EygzMDM5YTQ3ZGM2YjRkODYxOTNjYzEwZWI4Y2Y0ODVhNGQ0M2VhYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IbDpVIYyKXUzfP5SAQ1ujU1vuXg
2wszBcAKjXf2qhkPIdzuhIiebaw3PU7lSuR4/AwKbrfi40xVF3k3C8+m4C5xYJBE
Dylj6T/ipdvs3LoSzFoHbY7ypS+2YDBBY6MQypJ9bQRM7MbXtrIgGEdJQxMZGjLl
nBQ9Le5JTuEI1rB44+HlYXF8X4qbyHuAulihA2iGRVB9RI+r8rccxFMeKIrfPeKP
OJPX8Gg5+VVgWES5CDvOdl7YcXy7AgABSFE4sAUSs1OUG1hEQ+Y/lzJo1S+p3OR/
C6YgqQBI52dWS3xEIDuS21xL3/QfJrrPgKmoryjDxO9YY+Z/NnABDD2sGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDA5pH3GtNhhk8wQ64z0haTUPqoIMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgpROiXb+
5N9XNey7qybWy21eaLngHYyGNCkZ7oG1KVcOMBB+J1ZJVkKqCHRviNVS4S4TcIVS
hxvc/SZfNL3cOc71wi17gdi7ZtlQviD4b4/vWOXPBN3nXB2CKdx43XFntpO+ForS
uwUoivbZOucbTGtwCTkiHtWAx+zlbttCkXdtzUQzNGUr/Iv0dLxXal2fFORTGoh7
4hm0P5IkWCEr6kL3A5Qt/CEWlP9Y6/8gFnNtG+xt1W56mW0ep+Y3jH1af2kuh7Dy
GRk8sDbbq7GP/2ypKK06H/tlHMSkGo8xV0178qQUDK9lt3p+JDjDSPSGDqddRgLV
c0Ns9QlAe67nEQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:32:26 2026 by rpki-client