Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: cIoP4+RW386gs99zBunlTV33BTt7Q7Ia9WD47yvs+p4=
Subject key identifier: 9F:85:2B:F1:F9:0A:97:85:83:D0:0A:0A:3E:37:05:6C:40:2C:DB:2F
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019D2B4E8D2F3738188DD18C8FDB8036E502
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 033F
Signing time: Thu 26 Mar 2026 18:01:01 +0000
Manifest this update: Thu 26 Mar 2026 18:01:01 +0000
Manifest next update: Fri 27 Mar 2026 18:01:01 +0000
Files and hashes: 1: Cyd9epktZUP2NzDWt7kuBmj63qY.roa (hash: 4Hn7SVvllIET4/FJbhg9Vi4tqF9x0RkLIB5CUH+jolo=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: ZrlkcoJq9YhtrR5Ir4LiJKZWj5czCfO0dpCT43+/vxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:8d:2f:37:38:18:8d:d1:8c:8f:db:80:36:e5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Mar 26 18:01:01 2026 GMT
Not After : Mar 27 18:01:01 2026 GMT
Subject: CN=9f852bf1f90a978583d00a0a3e37056c402cdb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d5:79:12:f6:5f:4b:ca:6f:19:1c:a7:ca:49:
a0:4e:69:bd:37:97:e5:53:a3:ca:13:eb:be:c2:44:
f0:31:93:46:50:a2:03:ac:af:28:e4:30:c0:91:75:
ea:76:f7:c0:2a:d3:14:2e:05:85:d6:c1:66:b9:bb:
ae:11:5d:99:62:2b:b8:de:dc:11:1b:3e:4f:4f:ba:
fb:f3:6e:8a:6b:d9:4c:d6:6d:fa:4e:b1:01:08:dc:
48:9d:62:4e:f9:99:c3:d0:b1:6f:6a:0a:14:6b:c9:
09:67:12:b7:de:8c:dc:f7:d4:e6:1b:9b:15:b4:a7:
99:39:ff:42:2c:60:78:42:8e:49:c6:18:d0:ce:2e:
cd:d8:93:89:ee:bf:ec:37:63:a5:8e:1c:8b:66:e5:
9e:b7:f7:03:9e:cb:94:ee:8e:93:04:66:e0:86:7c:
4e:dd:25:02:2b:c1:7f:88:43:7b:c5:ec:25:af:fc:
5a:30:9f:47:c1:d8:68:05:e5:ec:b7:ad:93:3c:7c:
f8:a7:16:78:a2:36:73:f5:83:1e:8b:a5:99:91:c2:
d0:61:02:9f:c2:8f:0a:37:96:e7:05:db:fe:4f:b3:
81:5a:9a:19:21:97:78:6c:7a:3a:69:2b:04:b9:85:
80:f5:66:be:98:e3:3b:59:ab:b5:a4:b8:99:2e:de:
c3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:2B:F1:F9:0A:97:85:83:D0:0A:0A:3E:37:05:6C:40:2C:DB:2F
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d4:e7:9c:2c:a7:5e:4d:2b:0d:90:0b:f9:a9:08:b9:5a:09:a7:
e8:9b:64:e4:f4:81:29:94:98:dd:e9:a9:42:85:5e:e9:84:21:
7f:1b:b8:70:a0:99:9b:d2:ca:89:ad:7b:b1:7b:07:a0:22:30:
d3:81:25:1f:9b:73:e9:79:0c:39:fc:17:16:1a:a0:f5:6e:1c:
30:2c:c1:59:0a:8d:23:07:7d:63:6b:34:74:9f:20:26:2f:0f:
2e:22:ce:48:6c:7e:56:ed:83:f1:66:5e:14:c1:57:a3:c8:a9:
ad:8e:f9:87:56:6e:e3:17:73:67:74:9b:70:3d:ff:2f:09:b4:
22:4e:a5:57:c4:e1:5c:21:9e:7e:31:26:49:8e:ed:de:cf:c6:
5c:d6:84:10:bd:17:14:b7:1c:73:18:5f:aa:92:04:ca:92:a6:
ad:e8:e7:7c:86:04:22:b8:0f:85:a2:f7:b6:4d:1b:f4:07:9a:
b7:77:df:84:7d:45:9f:9b:fd:c0:41:8c:c0:67:62:d2:fc:6d:
20:e3:94:73:3c:c2:aa:99:98:fa:41:9f:5b:34:25:28:10:d9:
4e:a0:2d:8d:8d:9c:34:47:c5:db:b3:1b:d4:69:14:1d:f1:cd:
37:6b:56:30:f2:e1:af:29:2c:48:ab:1d:3a:ce:aa:1d:3a:c9:
e8:3e:1c:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTo0vNzgYjdGMj9uANuUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjYwMzI2MTgwMTAxWhcNMjYwMzI3MTgwMTAxWjAzMTEwLwYDVQQD
Eyg5Zjg1MmJmMWY5MGE5Nzg1ODNkMDBhMGEzZTM3MDU2YzQwMmNkYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dV5EvZfS8pvGRynykmgTmm9N5fl
U6PKE+u+wkTwMZNGUKIDrK8o5DDAkXXqdvfAKtMULgWF1sFmubuuEV2ZYiu43twR
Gz5PT7r7826Ka9lM1m36TrEBCNxInWJO+ZnD0LFvagoUa8kJZxK33ozc99TmG5sV
tKeZOf9CLGB4Qo5JxhjQzi7N2JOJ7r/sN2OljhyLZuWet/cDnsuU7o6TBGbghnxO
3SUCK8F/iEN7xewlr/xaMJ9HwdhoBeXst62TPHz4pxZ4ojZz9YMei6WZkcLQYQKf
wo8KN5bnBdv+T7OBWpoZIZd4bHo6aSsEuYWA9Wa+mOM7Wau1pLiZLt7DzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+FK/H5CpeFg9AKCj43BWxALNsvMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1OecLKde
TSsNkAv5qQi5Wgmn6Jtk5PSBKZSY3empQoVe6YQhfxu4cKCZm9LKia17sXsHoCIw
04ElH5tz6XkMOfwXFhqg9W4cMCzBWQqNIwd9Y2s0dJ8gJi8PLiLOSGx+Vu2D8WZe
FMFXo8iprY75h1Zu4xdzZ3SbcD3/Lwm0Ik6lV8ThXCGefjEmSY7t3s/GXNaEEL0X
FLcccxhfqpIEypKmrejnfIYEIrgPhaL3tk0b9Aeat3ffhH1Fn5v9wEGMwGdi0vxt
IOOUczzCqpmY+kGfWzQlKBDZTqAtjY2cNEfF27Mb1GkUHfHNN2tWMPLhryksSKsd
Os6qHTrJ6D4cpA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:27:57 2026 by rpki-client