Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json)
Hash identifier: 2WzY1P0ewQaWknOWjWbKcJtY/DWN1Xjij6Wqhwm4wFg=
Subject key identifier: 6F:BB:29:F8:CD:18:8B:F3:17:10:2A:5D:9A:BC:F9:68:70:6B:DA:26
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 019D389BFA48A7697A43D6E0124B004D7AE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
Manifest number: 1397
Signing time: Sun 29 Mar 2026 08:00:39 +0000
Manifest this update: Sun 29 Mar 2026 08:00:39 +0000
Manifest next update: Mon 30 Mar 2026 08:00:39 +0000
Files and hashes: 1: MQkaYy80rlcF2zpg2yFpUgSAhhE.roa (hash: S21YGrGdqaF7674FFZMPM/sVGaBX3VNwBzrWaUE2Lqg=)
2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: FygSxcFyR/vi9IP7DjZ42wGbQoToUGvFyGfpt9CD5M8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:fa:48:a7:69:7a:43:d6:e0:12:4b:00:4d:7a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Mar 29 08:00:39 2026 GMT
Not After : Mar 30 08:00:39 2026 GMT
Subject: CN=6fbb29f8cd188bf317102a5d9abcf968706bda26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:00:4f:f3:df:82:97:85:b5:ea:ce:9e:04:
87:70:71:4c:3d:f9:95:e1:d1:c8:43:c0:46:ab:bd:
5c:e1:54:00:64:28:1f:48:1a:db:45:14:0c:a6:8a:
54:77:af:60:b1:2e:06:1a:78:56:e8:a0:bb:08:96:
ff:e1:0b:0a:15:21:ed:a7:78:3f:2b:93:25:da:91:
08:7a:fd:38:cb:4b:6a:65:a9:58:98:b9:d7:59:68:
9d:c9:76:f6:9b:8c:7a:a9:97:93:77:23:89:94:92:
d2:5b:03:63:f8:97:a7:b3:6d:7f:c1:4c:d0:65:2f:
f4:d6:b7:55:b8:7e:dc:99:63:43:29:56:48:c6:f2:
1c:50:86:9d:5b:3c:fc:14:60:09:c9:41:dd:45:c2:
38:ad:d6:12:60:78:f0:91:ac:8b:b4:60:57:54:ee:
77:e7:6a:e2:e3:39:71:58:31:a5:ef:2b:45:d9:a0:
45:ff:c5:c9:51:59:a9:0c:53:89:f6:e8:2e:6b:1a:
4b:9c:3b:0a:c1:53:26:5f:31:90:09:43:8a:9f:0e:
a6:a3:e8:07:8e:ec:40:fc:62:5f:eb:e3:af:cb:15:
6f:15:7d:ed:13:73:a3:ac:91:ec:63:19:0d:4a:22:
b0:41:30:b0:9c:45:9b:01:c5:52:1d:4f:8f:45:36:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BB:29:F8:CD:18:8B:F3:17:10:2A:5D:9A:BC:F9:68:70:6B:DA:26
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:4b:ad:75:c5:40:b1:90:e4:3b:65:4d:c4:39:30:76:1c:39:
63:51:7d:ad:06:a1:10:68:86:c1:01:38:0b:a3:f1:13:65:9e:
29:cd:44:a5:96:bd:60:66:fa:3b:3f:e0:bb:9d:43:a8:cc:dd:
02:af:77:37:c6:29:94:38:cd:08:04:2b:ec:35:c8:e2:cd:ee:
2f:f6:ae:f8:dc:10:9a:5f:79:db:35:de:3b:a6:93:79:27:83:
82:08:df:99:a9:5d:87:7f:5b:37:8e:34:42:fc:fd:9a:c0:33:
25:f6:9c:86:74:42:83:2b:d1:00:fe:53:88:2d:94:cf:cd:07:
a7:a3:41:1f:8e:dc:cc:88:6f:ef:2e:da:fd:e9:94:71:cc:83:
6b:98:76:fd:c2:9f:5c:e5:0a:42:c9:7f:f0:2f:7e:c0:b4:cc:
ae:49:ca:7e:d9:58:72:26:b3:9a:60:c7:6e:e9:9b:cd:d8:29:
75:f1:07:0a:ac:0a:88:2c:ce:50:a3:9e:2c:94:28:ba:53:16:
0d:28:84:47:71:dc:2a:e1:6a:69:35:92:89:15:cb:a7:6b:2d:
7a:a0:aa:55:63:b0:07:2e:bd:7e:87:2d:7e:d3:65:d0:93:ee:
1d:c1:20:e9:e8:88:19:31:c2:28:3d:f5:8d:d1:bb:64:dc:45:
ad:a6:96:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/pIp2l6Q9bgEksATXrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjYwMzI5MDgwMDM5WhcNMjYwMzMwMDgwMDM5WjAzMTEwLwYDVQQD
Eyg2ZmJiMjlmOGNkMTg4YmYzMTcxMDJhNWQ5YWJjZjk2ODcwNmJkYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpcAT/PfgpeFterOngSHcHFMPfmV
4dHIQ8BGq71c4VQAZCgfSBrbRRQMpopUd69gsS4GGnhW6KC7CJb/4QsKFSHtp3g/
K5Ml2pEIev04y0tqZalYmLnXWWidyXb2m4x6qZeTdyOJlJLSWwNj+Jens21/wUzQ
ZS/01rdVuH7cmWNDKVZIxvIcUIadWzz8FGAJyUHdRcI4rdYSYHjwkayLtGBXVO53
52ri4zlxWDGl7ytF2aBF/8XJUVmpDFOJ9uguaxpLnDsKwVMmXzGQCUOKnw6mo+gH
juxA/GJf6+OvyxVvFX3tE3OjrJHsYxkNSiKwQTCwnEWbAcVSHU+PRTa1twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+7KfjNGIvzFxAqXZq8+Whwa9omMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkutdcVA
sZDkO2VNxDkwdhw5Y1F9rQahEGiGwQE4C6PxE2WeKc1EpZa9YGb6Oz/gu51DqMzd
Aq93N8YplDjNCAQr7DXI4s3uL/au+NwQml952zXeO6aTeSeDggjfmaldh39bN440
Qvz9msAzJfachnRCgyvRAP5TiC2Uz80Hp6NBH47czIhv7y7a/emUccyDa5h2/cKf
XOUKQsl/8C9+wLTMrknKftlYciazmmDHbumbzdgpdfEHCqwKiCzOUKOeLJQoulMW
DSiER3HcKuFqaTWSiRXLp2steqCqVWOwBy69foctftNl0JPuHcEg6eiIGTHCKD31
jdG7ZNxFraaWbw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:48 2026 by rpki-client