Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: Ae6k2TQNEeFuac5ZH4Q9DLjmlHpAPIRA8GChPNLydrk=
Subject key identifier: 02:0D:85:65:34:E6:45:81:87:E8:27:35:18:EF:10:90:E7:54:83:CB
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019E1D234A95FCD18EF1973C0531B5ED29F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: F0
Signing time: Tue 12 May 2026 17:01:52 +0000
Manifest this update: Tue 12 May 2026 17:01:52 +0000
Manifest next update: Wed 13 May 2026 17:01:52 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: kSKJ/qs0cCGXK9rciB+mVYnTt8icgsRniVyElDpoZjI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:23:4a:95:fc:d1:8e:f1:97:3c:05:31:b5:ed:29:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: May 12 17:01:52 2026 GMT
Not After : May 13 17:01:52 2026 GMT
Subject: CN=020d856534e6458187e8273518ef1090e75483cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9f:1e:57:00:3b:d1:60:c5:ac:22:e4:f7:df:
69:1a:8d:e9:6c:5d:23:22:6b:d8:aa:92:c3:a2:49:
ba:3f:95:7e:75:64:a9:d6:62:b3:95:43:0f:f4:5f:
6a:ef:24:d7:e6:03:4b:74:07:90:06:5e:63:8e:f2:
c8:bc:7b:c9:5c:2b:2a:64:c0:f2:1f:a6:fd:c3:0c:
e2:cf:68:4f:29:e1:2a:24:07:88:af:3e:ae:fa:83:
14:cb:eb:da:fe:24:55:86:96:7d:bd:e6:ce:fc:cd:
47:ab:0f:1b:d8:9b:bc:27:1f:06:c6:9b:e5:1a:f2:
f3:62:f0:5a:db:57:03:91:9a:24:64:1d:00:8f:72:
53:ca:73:b7:c5:25:fe:68:52:5e:33:05:cc:0e:26:
59:5d:57:c1:e2:22:1c:88:22:7b:94:8e:13:d8:9e:
c5:8d:3d:ef:50:a8:d8:53:f5:01:ba:19:ca:7d:94:
a3:6c:4e:8a:30:86:ea:ac:3a:e0:a1:44:36:e4:87:
c2:bb:89:cc:e9:ad:96:2d:00:33:32:72:4a:ab:39:
6a:d7:6f:c3:91:ca:81:58:6b:1c:63:43:b8:e9:d8:
4b:1a:5d:7c:34:d7:b2:43:77:c2:93:10:00:3e:5e:
15:c7:b6:5e:eb:ec:49:69:84:50:7c:a0:16:bc:48:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0D:85:65:34:E6:45:81:87:E8:27:35:18:EF:10:90:E7:54:83:CB
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:6b:f1:17:c7:81:b4:6a:95:ae:ed:aa:ed:67:96:76:4e:95:
47:19:a0:14:25:3b:96:5c:37:a6:c3:9a:75:fa:12:8c:8f:58:
25:b3:68:a2:d5:2b:59:75:77:cd:40:22:bc:51:ad:16:bc:09:
e4:66:df:a7:3f:9e:d6:55:c4:3d:b3:c2:bd:7a:d7:99:1f:ac:
95:29:98:3f:68:2e:44:15:08:20:64:f2:3e:22:c4:ba:19:34:
12:1c:08:84:d1:f8:de:05:f7:a6:65:42:d4:97:8a:3a:3b:ca:
e1:a4:a6:f8:77:eb:b1:a4:36:a3:a4:3f:cb:6d:18:45:41:aa:
44:42:4e:ca:ad:6b:dc:4a:80:59:23:8d:c0:24:6b:f1:37:8a:
44:30:9f:c3:d0:bf:5c:e9:06:ee:62:6c:da:2f:51:5e:57:54:
b9:4a:96:98:a2:32:e9:48:52:5e:fe:7b:29:5d:ae:23:0d:2d:
a3:a2:90:78:16:5a:3f:63:52:bb:68:22:8b:bd:1f:ce:25:5c:
0d:ba:bd:9f:7d:94:80:4d:72:fe:8e:a2:be:4c:7d:8f:08:21:
6e:c3:89:cb:60:2d:aa:d5:97:f2:b6:3a:c9:de:9e:d6:01:ac:
63:f5:2d:81:ca:75:af:63:f0:42:d1:a2:92:5e:d5:d0:18:03:
a0:c5:a6:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dI0qV/NGO8Zc8BTG17Sn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwNTEyMTcwMTUyWhcNMjYwNTEzMTcwMTUyWjAzMTEwLwYDVQQD
EygwMjBkODU2NTM0ZTY0NTgxODdlODI3MzUxOGVmMTA5MGU3NTQ4M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8J8eVwA70WDFrCLk999pGo3pbF0j
ImvYqpLDokm6P5V+dWSp1mKzlUMP9F9q7yTX5gNLdAeQBl5jjvLIvHvJXCsqZMDy
H6b9wwziz2hPKeEqJAeIrz6u+oMUy+va/iRVhpZ9vebO/M1Hqw8b2Ju8Jx8Gxpvl
GvLzYvBa21cDkZokZB0Aj3JTynO3xSX+aFJeMwXMDiZZXVfB4iIciCJ7lI4T2J7F
jT3vUKjYU/UBuhnKfZSjbE6KMIbqrDrgoUQ25IfCu4nM6a2WLQAzMnJKqzlq12/D
kcqBWGscY0O46dhLGl18NNeyQ3fCkxAAPl4Vx7Ze6+xJaYRQfKAWvEjIfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAINhWU05kWBh+gnNRjvEJDnVIPLMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGvxF8eB
tGqVru2q7WeWdk6VRxmgFCU7llw3psOadfoSjI9YJbNootUrWXV3zUAivFGtFrwJ
5Gbfpz+e1lXEPbPCvXrXmR+slSmYP2guRBUIIGTyPiLEuhk0EhwIhNH43gX3pmVC
1JeKOjvK4aSm+HfrsaQ2o6Q/y20YRUGqREJOyq1r3EqAWSONwCRr8TeKRDCfw9C/
XOkG7mJs2i9RXldUuUqWmKIy6UhSXv57KV2uIw0to6KQeBZaP2NSu2gii70fziVc
Dbq9n32UgE1y/o6ivkx9jwghbsOJy2AtqtWX8rY6yd6e1gGsY/Utgcp1r2PwQtGi
kl7V0BgDoMWmOA==
-----END CERTIFICATE-----
Generated at Wed May 13 03:08:47 2026 by rpki-client