Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: rsLmB+4YYeOKVVnfPMMmT2SPASpLLfSZtPUnFvaIASo=
Subject key identifier: 7C:0F:8E:57:19:15:16:DE:35:81:B3:71:C0:FA:C5:4F:50:13:E3:52
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 019D397773D24C8B9991F6616965B0146911
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0F76
Signing time: Sun 29 Mar 2026 12:00:22 +0000
Manifest this update: Sun 29 Mar 2026 12:00:22 +0000
Manifest next update: Mon 30 Mar 2026 12:00:22 +0000
Files and hashes: 1: J7pOiHdYKd2j4ChTilTVhn454DE.roa (hash: hcNJP1cRdMhyS1Muhx9YTYmFbSp39gRRkj1KauS78s0=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: ziM5sMxoQ0T1QTIpZpEfM8ZjkatKBLIXOSgm/t4/wY4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:73:d2:4c:8b:99:91:f6:61:69:65:b0:14:69:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: Mar 29 12:00:22 2026 GMT
Not After : Mar 30 12:00:22 2026 GMT
Subject: CN=7c0f8e57191516de3581b371c0fac54f5013e352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4c:f4:db:2f:7d:68:8d:d5:74:62:19:d5:1b:
2b:8b:a3:cd:d7:43:ef:e6:3c:2a:fb:61:3d:3a:b5:
b4:39:43:9f:e2:fb:04:c2:dd:a9:5d:ef:e0:18:b9:
58:38:df:17:57:a6:92:49:30:37:c1:c9:d0:f4:db:
80:3f:65:96:ef:8a:b3:bc:b1:25:a3:b9:b4:49:c6:
36:8e:9f:28:0b:c1:80:4b:b4:23:22:93:23:51:08:
6b:d7:7d:f3:12:45:90:1b:8a:c1:0b:11:4b:37:93:
9b:dd:ee:2b:ec:cc:b5:06:d2:84:c7:6f:c5:40:47:
c3:bd:c6:6e:ed:a5:9a:e3:e5:7e:f1:ad:56:73:b8:
d8:5c:aa:d2:f1:e0:9f:34:c9:ca:0a:6c:9c:bf:23:
17:ea:43:98:e4:58:88:2a:85:9d:ba:ee:f9:71:9e:
30:64:c2:e3:b9:2b:ee:0a:cf:62:d0:58:e5:6c:81:
0c:4e:e4:56:2d:41:5c:30:13:48:95:6e:45:59:a9:
25:11:34:7b:bd:fe:a8:22:72:e7:2c:88:23:fe:7d:
fd:f2:07:00:dd:9c:29:60:ab:f2:2e:33:56:22:bb:
06:2e:d7:fe:0c:c1:a8:72:bc:66:54:9c:36:0a:f0:
7e:41:a5:7f:6f:a5:88:1a:e9:b6:7c:c8:e9:9d:2d:
c6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0F:8E:57:19:15:16:DE:35:81:B3:71:C0:FA:C5:4F:50:13:E3:52
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:7d:bd:7d:ae:4e:ec:e3:58:c4:c0:eb:f0:e2:26:98:53:19:
48:78:b2:22:87:c4:27:9d:7f:7e:d1:fa:99:01:1b:2e:ad:ab:
aa:ea:5d:5b:1c:41:11:81:8e:2c:61:43:ab:89:b3:5a:4a:6b:
ee:35:f2:af:3e:0d:fe:cf:54:de:ec:93:66:7e:83:9d:cd:48:
09:ce:9f:1d:4b:b3:5c:20:74:10:aa:67:af:6d:cc:b9:21:4c:
8d:15:34:d7:2b:f0:88:94:90:5a:48:29:b8:37:9b:a7:f4:90:
75:d8:7a:90:cb:f8:12:51:93:1a:41:0f:cb:a5:a5:77:80:70:
43:d9:9b:ff:e4:88:4e:17:62:5b:5b:e0:b2:1d:5c:61:9b:cc:
f2:2f:38:45:05:96:47:d1:5c:7c:97:e1:87:a4:ce:3a:ca:3c:
ba:f3:a0:fb:d7:30:c0:4b:08:95:73:0b:32:7f:4c:cd:b8:39:
ff:36:a4:02:27:25:2c:4b:c4:25:1b:16:10:8f:9b:c8:b2:88:
2e:97:6d:62:d6:a1:c3:e2:6e:37:51:75:03:ca:bf:5d:a7:97:
3c:31:53:3b:44:00:f5:6a:94:7f:65:35:39:06:00:6b:2b:dd:
22:e3:8d:b3:80:ff:eb:55:29:06:9b:7a:2a:df:2f:0d:5a:94:
8c:a5:8f:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d3PSTIuZkfZhaWWwFGkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjYwMzI5MTIwMDIyWhcNMjYwMzMwMTIwMDIyWjAzMTEwLwYDVQQD
Eyg3YzBmOGU1NzE5MTUxNmRlMzU4MWIzNzFjMGZhYzU0ZjUwMTNlMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEz02y99aI3VdGIZ1Rsri6PN10Pv
5jwq+2E9OrW0OUOf4vsEwt2pXe/gGLlYON8XV6aSSTA3wcnQ9NuAP2WW74qzvLEl
o7m0ScY2jp8oC8GAS7QjIpMjUQhr133zEkWQG4rBCxFLN5Ob3e4r7My1BtKEx2/F
QEfDvcZu7aWa4+V+8a1Wc7jYXKrS8eCfNMnKCmycvyMX6kOY5FiIKoWduu75cZ4w
ZMLjuSvuCs9i0FjlbIEMTuRWLUFcMBNIlW5FWaklETR7vf6oInLnLIgj/n398gcA
3ZwpYKvyLjNWIrsGLtf+DMGocrxmVJw2CvB+QaV/b6WIGum2fMjpnS3G8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwPjlcZFRbeNYGzccD6xU9QE+NSMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPX29fa5O
7ONYxMDr8OImmFMZSHiyIofEJ51/ftH6mQEbLq2rqupdWxxBEYGOLGFDq4mzWkpr
7jXyrz4N/s9U3uyTZn6Dnc1ICc6fHUuzXCB0EKpnr23MuSFMjRU01yvwiJSQWkgp
uDebp/SQddh6kMv4ElGTGkEPy6Wld4BwQ9mb/+SIThdiW1vgsh1cYZvM8i84RQWW
R9FcfJfhh6TOOso8uvOg+9cwwEsIlXMLMn9Mzbg5/zakAiclLEvEJRsWEI+byLKI
LpdtYtahw+JuN1F1A8q/XaeXPDFTO0QA9WqUf2U1OQYAayvdIuONs4D/61UpBpt6
Kt8vDVqUjKWPvw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:34:49 2026 by rpki-client