Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: vXwRmhQ29skHouc1xukWBC/tA1kvevSgmty6JGleZiQ=
Subject key identifier: 7A:4F:88:69:97:17:EE:8F:8F:D7:B8:A2:88:6D:00:CB:34:63:62:2C
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019D389C251B2195C203FD4B8C162006F4D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0BC7
Signing time: Sun 29 Mar 2026 08:00:50 +0000
Manifest this update: Sun 29 Mar 2026 08:00:50 +0000
Manifest next update: Mon 30 Mar 2026 08:00:50 +0000
Files and hashes: 1: Gt-80zXqf_s_u6U1np0ZyLE5Z40.roa (hash: xo9qKHdsqyfJiaN4I/AOjnmYmRnO4exFxr4FsuIGykQ=)
2: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: DJv4slRL7HqkVF5plnP499RXTX2mxKdTvjVvv0DJCwk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:25:1b:21:95:c2:03:fd:4b:8c:16:20:06:f4:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Mar 29 08:00:50 2026 GMT
Not After : Mar 30 08:00:50 2026 GMT
Subject: CN=7a4f88699717ee8f8fd7b8a2886d00cb3463622c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:17:29:66:3b:0d:32:e3:49:aa:37:d2:65:90:
f5:c3:a5:e0:2a:3a:3a:d8:d3:76:81:a1:4a:9c:5b:
e4:95:6d:ed:bb:29:47:97:04:d6:7d:44:d7:47:88:
43:7d:40:96:f7:b7:3f:81:62:ca:49:1b:7f:10:4a:
c9:db:db:f6:a9:02:6d:a2:7c:e2:b0:fd:c7:4e:d3:
69:6a:14:42:c1:a8:74:93:16:f8:7d:e7:b7:09:84:
68:eb:4b:40:5d:10:e7:89:32:c3:34:51:ab:e0:be:
55:da:7b:07:30:7c:25:59:a0:33:f7:4a:3e:7b:22:
1d:d8:9c:60:62:8c:cf:69:7c:de:03:99:11:19:cb:
60:09:50:3c:a0:bf:77:d7:5f:14:47:10:23:fc:ad:
13:d6:7a:41:2f:15:ec:2f:90:4b:1d:3b:48:ab:16:
7b:10:7f:68:9e:8c:8d:69:d1:58:0c:03:a0:07:0b:
5f:74:4b:82:e7:e5:0d:a2:fb:d1:5a:a4:b9:2f:83:
5a:4a:77:a5:3a:fa:64:3a:9d:d6:21:53:37:d4:0a:
bd:ee:39:17:08:8f:29:d6:f6:5c:2d:90:ce:ab:f0:
a2:1d:5e:7c:51:8c:81:a2:e8:12:35:ab:45:be:2f:
aa:7c:11:b2:bc:cf:6e:91:fd:60:89:b2:d0:38:0e:
93:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4F:88:69:97:17:EE:8F:8F:D7:B8:A2:88:6D:00:CB:34:63:62:2C
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:fa:d7:da:f5:8f:da:26:b0:e9:58:89:b2:ac:bb:1f:23:9c:
05:da:d2:c5:a1:75:ce:52:55:5d:d1:73:42:b2:50:66:5e:e7:
b3:d4:bf:2b:75:6f:51:7c:4f:c3:82:97:5c:0a:76:94:d3:c1:
97:a7:aa:2c:49:4c:b5:6e:a8:83:02:55:59:89:1a:3b:89:40:
f5:01:03:45:5c:05:4e:36:6b:d0:3b:05:d8:62:ab:33:71:89:
fb:d2:25:40:2c:a3:50:76:96:c0:24:c1:4b:7a:91:1f:4b:b0:
b3:5f:31:9c:32:c5:d7:29:14:07:b1:fd:2c:a3:45:b2:6e:ba:
f6:f4:0e:98:ed:f4:d3:42:84:6d:09:22:22:77:3a:e6:44:f6:
65:b3:2b:70:16:d4:5f:c9:58:0a:72:26:b0:54:a1:5b:b9:08:
72:25:01:b2:50:f5:be:f3:62:9c:70:1f:8d:e9:5a:f0:8d:c8:
a1:8c:79:66:b9:02:b2:2c:d6:e5:a6:c1:0a:a9:60:59:4a:71:
8e:0b:df:32:bb:37:46:39:51:b4:2f:db:b4:af:4a:c5:b3:f5:
7e:ca:7a:5e:ef:a9:2d:3d:6c:79:30:cb:01:c0:20:69:14:c6:
b3:f8:59:de:88:d4:78:1a:01:4d:d4:62:00:d5:b0:f1:9b:19:
2c:47:dc:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nCUbIZXCA/1LjBYgBvTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjYwMzI5MDgwMDUwWhcNMjYwMzMwMDgwMDUwWjAzMTEwLwYDVQQD
Eyg3YTRmODg2OTk3MTdlZThmOGZkN2I4YTI4ODZkMDBjYjM0NjM2MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxcpZjsNMuNJqjfSZZD1w6XgKjo6
2NN2gaFKnFvklW3tuylHlwTWfUTXR4hDfUCW97c/gWLKSRt/EErJ29v2qQJtonzi
sP3HTtNpahRCwah0kxb4fee3CYRo60tAXRDniTLDNFGr4L5V2nsHMHwlWaAz90o+
eyId2JxgYozPaXzeA5kRGctgCVA8oL93118URxAj/K0T1npBLxXsL5BLHTtIqxZ7
EH9onoyNadFYDAOgBwtfdEuC5+UNovvRWqS5L4NaSnelOvpkOp3WIVM31Aq97jkX
CI8p1vZcLZDOq/CiHV58UYyBougSNatFvi+qfBGyvM9ukf1gibLQOA6T1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpPiGmXF+6Pj9e4oohtAMs0Y2IsMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfrX2vWP
2iaw6ViJsqy7HyOcBdrSxaF1zlJVXdFzQrJQZl7ns9S/K3VvUXxPw4KXXAp2lNPB
l6eqLElMtW6ogwJVWYkaO4lA9QEDRVwFTjZr0DsF2GKrM3GJ+9IlQCyjUHaWwCTB
S3qRH0uws18xnDLF1ykUB7H9LKNFsm669vQOmO3000KEbQkiInc65kT2ZbMrcBbU
X8lYCnImsFShW7kIciUBslD1vvNinHAfjela8I3IoYx5ZrkCsizW5abBCqlgWUpx
jgvfMrs3RjlRtC/btK9KxbP1fsp6Xu+pLT1seTDLAcAgaRTGs/hZ3ojUeBoBTdRi
ANWw8ZsZLEfcNA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:12 2026 by rpki-client