Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json)
Hash identifier: xG25ABqwlYb+CeLX+7DBEV9x/m4VxeyrT18gnFMP6sU=
Subject key identifier: AE:50:C8:A7:45:37:80:BB:33:2E:BD:00:5C:DB:47:19:9C:46:59:B3
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 019D265EE7906B11EF3D792855DEAC9AE3E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
Manifest number: 1832
Signing time: Wed 25 Mar 2026 19:00:46 +0000
Manifest this update: Wed 25 Mar 2026 19:00:46 +0000
Manifest next update: Thu 26 Mar 2026 19:00:46 +0000
Files and hashes: 1: GRmYf5fBtQllaFBPiERX0WNTqyw.roa (hash: OUUewVjWM6OodlJe2MBm0csiVAeXeLMBert10ePJJOg=)
2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: BjT5GYXpW5hFtA7+oMwdLEIPKo1fRlt/PMwyoNZY15c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5e:e7:90:6b:11:ef:3d:79:28:55:de:ac:9a:e3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Mar 25 19:00:46 2026 GMT
Not After : Mar 26 19:00:46 2026 GMT
Subject: CN=ae50c8a7453780bb332ebd005cdb47199c4659b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1f:a4:2e:b9:a3:12:03:bb:d8:c3:f0:59:21:
4a:6d:92:7f:29:f9:01:41:ec:5e:71:dc:67:be:ff:
53:d4:14:3a:dd:dd:44:15:fd:26:58:9f:b0:58:bb:
3f:f3:bc:6a:a8:8b:9e:e8:19:4a:ab:a5:af:21:48:
7f:7e:96:b1:ef:bb:92:3a:46:01:8c:22:82:2a:1c:
9f:e2:b3:84:a7:57:a1:65:c7:4a:09:8c:56:91:af:
b3:99:4a:0f:74:6c:8f:b8:28:37:cc:34:81:f9:be:
e2:5b:7b:89:55:54:db:07:af:e2:56:3e:2e:52:be:
ad:9c:1d:f1:df:eb:75:c2:07:84:38:00:3e:90:8e:
fe:05:5b:27:02:d8:b1:f3:dd:3a:7a:c6:4a:1d:38:
63:4f:e3:97:93:62:e6:74:d7:2a:74:d7:ed:1a:16:
1d:b1:1d:9d:f3:e5:af:b7:bd:6b:df:35:f9:f8:d6:
b4:80:ce:ff:aa:04:6f:f7:36:37:c5:82:a5:27:b8:
b8:b2:21:a9:d5:e3:00:17:cf:c1:9a:f5:0e:69:e4:
4e:39:35:9e:2c:aa:3c:ba:02:ee:61:16:bf:bb:c6:
23:3b:e4:13:f6:53:43:5d:3d:83:55:75:f6:af:c3:
58:0b:91:76:ab:25:0d:2e:36:e6:17:39:bf:da:a1:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:50:C8:A7:45:37:80:BB:33:2E:BD:00:5C:DB:47:19:9C:46:59:B3
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:a3:a7:c6:81:6a:27:db:0f:73:7f:4b:39:96:ed:19:69:bc:
b5:f5:04:0d:15:3c:5c:6d:cc:19:70:19:f7:08:bf:27:36:ef:
9f:b8:ea:34:e0:3a:38:9a:5d:a4:4e:96:01:de:2a:c6:09:8e:
a5:51:18:89:e3:be:9a:28:61:95:3e:87:ce:3a:a5:38:92:a2:
60:9a:21:a9:52:59:ac:36:6e:64:f8:4a:4c:42:ae:24:f3:8c:
59:8a:14:63:55:c4:e2:e7:bf:a2:12:95:aa:33:5f:cb:28:49:
3c:98:43:0c:98:fc:ab:68:da:39:e5:ff:52:65:18:02:95:3c:
eb:96:e6:2a:c3:39:73:67:26:c7:a5:33:50:64:43:81:60:1d:
18:4b:ad:5f:7e:35:9f:aa:d5:f1:02:b6:0c:d5:b2:c4:23:d5:
3c:d7:89:60:76:d1:7f:57:09:a1:11:0e:34:e6:ca:6c:29:07:
16:b5:c7:88:60:47:01:4f:bb:59:89:a3:39:45:e7:b8:2a:a7:
6c:e1:80:91:2a:fd:c3:aa:39:53:56:0a:94:59:84:3f:bc:25:
57:7c:18:7b:91:e7:90:99:29:cf:ba:f9:0e:8a:f7:d3:ef:fb:
60:4b:4a:1a:c7:21:41:25:25:33:98:48:6b:00:11:9e:fd:14:
13:07:44:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXueQaxHvPXkoVd6smuPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4
YjQ5OGEwHhcNMjYwMzI1MTkwMDQ2WhcNMjYwMzI2MTkwMDQ2WjAzMTEwLwYDVQQD
EyhhZTUwYzhhNzQ1Mzc4MGJiMzMyZWJkMDA1Y2RiNDcxOTljNDY1OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh+kLrmjEgO72MPwWSFKbZJ/KfkB
Qexecdxnvv9T1BQ63d1EFf0mWJ+wWLs/87xqqIue6BlKq6WvIUh/fpax77uSOkYB
jCKCKhyf4rOEp1ehZcdKCYxWka+zmUoPdGyPuCg3zDSB+b7iW3uJVVTbB6/iVj4u
Ur6tnB3x3+t1wgeEOAA+kI7+BVsnAtix8906esZKHThjT+OXk2LmdNcqdNftGhYd
sR2d8+Wvt71r3zX5+Na0gM7/qgRv9zY3xYKlJ7i4siGp1eMAF8/BmvUOaeROOTWe
LKo8ugLuYRa/u8YjO+QT9lNDXT2DVXX2r8NYC5F2qyUNLjbmFzm/2qEXDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5QyKdFN4C7My69AFzbRxmcRlmzMB8GA1UdIwQY
MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt
NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw
LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq6OnxoFq
J9sPc39LOZbtGWm8tfUEDRU8XG3MGXAZ9wi/Jzbvn7jqNOA6OJpdpE6WAd4qxgmO
pVEYieO+mihhlT6HzjqlOJKiYJohqVJZrDZuZPhKTEKuJPOMWYoUY1XE4ue/ohKV
qjNfyyhJPJhDDJj8q2jaOeX/UmUYApU865bmKsM5c2cmx6UzUGRDgWAdGEutX341
n6rV8QK2DNWyxCPVPNeJYHbRf1cJoREONObKbCkHFrXHiGBHAU+7WYmjOUXnuCqn
bOGAkSr9w6o5U1YKlFmEP7wlV3wYe5HnkJkpz7r5Dor30+/7YEtKGschQSUlM5hI
awARnv0UEwdEKw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:56:09 2026 by rpki-client