Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
File: 2okNBdXIi33m9bqkwdCF_nMB9dU.mft (raw, json)
Hash identifier: pIwdKeGOzpM4UFW9YofZEpnhbFp32sa41y1q9zJ76To=
Subject key identifier: 71:8A:65:71:EE:37:70:E2:BE:1A:0A:BA:E8:EC:3F:33:2B:8C:BC:0C
Authority key identifier: DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
Certificate issuer: /CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Certificate serial: 019D38D3D36FF832D0856C5475D17D27A092
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
Manifest number: 0CE7
Signing time: Sun 29 Mar 2026 09:01:39 +0000
Manifest this update: Sun 29 Mar 2026 09:01:39 +0000
Manifest next update: Mon 30 Mar 2026 09:01:39 +0000
Files and hashes: 1: 2okNBdXIi33m9bqkwdCF_nMB9dU.crl (hash: qYaGAfzX+Uekz/zk8+tvnmlxd1fetGWUkAKmoPy/yq4=)
2: ZT7cIfopY2icNRG5lkp_GApY3rE.roa (hash: gKGo8E7JgzV3hVuTiWO3MJ9KqBj85ZmcBVlHFpHWLjk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:d3:6f:f8:32:d0:85:6c:54:75:d1:7d:27:a0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Validity
Not Before: Mar 29 09:01:39 2026 GMT
Not After : Mar 30 09:01:39 2026 GMT
Subject: CN=718a6571ee3770e2be1a0abae8ec3f332b8cbc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d5:9d:9c:8e:3d:e9:5f:b9:96:27:e6:cd:da:
de:fb:0f:d8:c7:8c:84:00:37:36:86:8d:e0:a5:aa:
cb:26:9a:82:9a:28:17:b9:1c:07:62:17:f3:70:8a:
34:6d:df:a7:e3:93:02:60:78:73:36:c9:61:d5:b0:
bc:36:2b:6c:72:e1:af:ac:70:02:4a:f1:98:e6:c1:
ba:c9:53:54:34:96:92:9f:f8:33:61:b8:81:d0:11:
22:75:8b:15:80:23:88:e8:27:e2:2a:e1:9a:d6:e6:
85:08:91:e2:f8:b7:c1:a0:7a:68:25:33:33:4a:40:
20:2d:e5:94:0a:85:f1:73:64:97:a3:de:cd:6b:cd:
fd:74:b5:f2:9b:d0:2b:19:cb:09:8b:b8:62:cd:f3:
8c:15:1b:27:97:bc:6f:72:ea:f6:d2:d0:74:d6:81:
d7:4f:d8:c4:39:2b:ef:ea:7d:bb:c3:52:39:07:48:
79:3c:03:b9:cb:0e:1a:3c:45:23:25:26:92:e7:57:
14:10:cd:da:ad:71:ce:cb:54:e2:ae:a1:b6:f6:10:
52:bc:53:ca:6a:33:c1:54:40:89:c8:e3:c9:83:28:
12:f7:19:06:c2:1d:e0:07:ce:28:42:35:78:a6:cb:
69:5f:c6:f6:2c:45:6a:9f:b7:a5:d5:3b:51:aa:d1:
f4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8A:65:71:EE:37:70:E2:BE:1A:0A:BA:E8:EC:3F:33:2B:8C:BC:0C
X509v3 Authority Key Identifier:
keyid:DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:f7:49:e4:3d:39:37:21:e7:62:eb:04:cc:c3:b1:4a:19:af:
e8:da:c6:23:53:70:d0:9b:5b:5d:b2:eb:cf:cd:ca:d6:82:84:
7c:5d:61:a3:62:9e:df:3d:ee:f7:89:5e:1f:6f:cb:16:cb:fe:
68:f1:8a:1a:c1:ba:7c:b0:24:6e:df:de:b1:3d:d7:9d:05:98:
29:70:26:ac:b1:bf:9f:db:c6:3d:b6:6e:ed:94:a2:67:d2:a5:
7b:31:56:4f:5a:9e:1a:7e:68:a1:27:eb:4e:f2:9c:08:2f:f8:
6b:eb:aa:61:07:b8:88:53:17:f0:dc:49:fd:bb:f0:b5:d2:81:
5c:4f:ba:75:4e:71:fd:49:45:af:d3:6e:f0:8c:10:25:19:bd:
55:1f:c6:4a:46:88:c7:0c:14:89:f1:0c:d3:68:6a:4d:7b:75:
be:87:c8:06:bd:8d:ad:8a:4c:de:4d:77:1a:60:84:77:22:96:
7a:ff:db:bb:2b:98:23:cf:06:d1:89:53:d2:2c:76:9c:86:ea:
ce:f2:ff:45:4d:55:7f:0d:0b:fa:81:d3:56:24:69:40:89:74:
49:4a:91:a1:d6:21:bc:e6:54:2f:2b:9a:5c:1f:01:ed:26:fa:
b2:5f:2e:7b:b6:9e:93:50:1c:f8:c1:c1:95:8e:48:5b:e3:26:
67:c1:8e:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0409Nv+DLQhWxUddF9J6CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhODkwZDA1ZDVjODhiN2RlNmY1YmFhNGMxZDA4NWZlNzMw
MWY1ZDUwHhcNMjYwMzI5MDkwMTM5WhcNMjYwMzMwMDkwMTM5WjAzMTEwLwYDVQQD
Eyg3MThhNjU3MWVlMzc3MGUyYmUxYTBhYmFlOGVjM2YzMzJiOGNiYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9WdnI496V+5lifmzdre+w/Yx4yE
ADc2ho3gparLJpqCmigXuRwHYhfzcIo0bd+n45MCYHhzNslh1bC8NitscuGvrHAC
SvGY5sG6yVNUNJaSn/gzYbiB0BEidYsVgCOI6CfiKuGa1uaFCJHi+LfBoHpoJTMz
SkAgLeWUCoXxc2SXo97Na839dLXym9ArGcsJi7hizfOMFRsnl7xvcur20tB01oHX
T9jEOSvv6n27w1I5B0h5PAO5yw4aPEUjJSaS51cUEM3arXHOy1TirqG29hBSvFPK
ajPBVECJyOPJgygS9xkGwh3gB84oQjV4pstpX8b2LEVqn7el1TtRqtH0KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGKZXHuN3DivhoKuujsPzMrjLwMMB8GA1UdIwQY
MBaAFNqJDQXVyIt95vW6pMHQhf5zAfXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYt
YjQ4MzZiYzE2NGExLzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYtYjQ4MzZiYzE2NGEx
LzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuPdJ5D05
NyHnYusEzMOxShmv6NrGI1Nw0JtbXbLrz83K1oKEfF1ho2Ke3z3u94leH2/LFsv+
aPGKGsG6fLAkbt/esT3XnQWYKXAmrLG/n9vGPbZu7ZSiZ9KlezFWT1qeGn5ooSfr
TvKcCC/4a+uqYQe4iFMX8NxJ/bvwtdKBXE+6dU5x/UlFr9Nu8IwQJRm9VR/GSkaI
xwwUifEM02hqTXt1vofIBr2NrYpM3k13GmCEdyKWev/buyuYI88G0YlT0ix2nIbq
zvL/RU1Vfw0L+oHTViRpQIl0SUqRodYhvOZULyuaXB8B7Sb6sl8ue7aek1Ac+MHB
lY5IW+MmZ8GOhA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:16 2026 by rpki-client