Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json)
Hash identifier: KGsCd0LTzDBc0lLkhks5QFVjXU4G0oZwXoY1BfwoTGQ=
Subject key identifier: D8:BD:D9:42:95:30:7B:BC:45:41:31:17:C4:E4:98:14:92:E1:B7:F1
Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Certificate serial: 019E30A95BC249FBFA88A2916EBC8FE3C562
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
Manifest number: 0FF6
Signing time: Sat 16 May 2026 12:01:05 +0000
Manifest this update: Sat 16 May 2026 12:01:05 +0000
Manifest next update: Sun 17 May 2026 12:01:05 +0000
Files and hashes: 1: J7pOiHdYKd2j4ChTilTVhn454DE.roa (hash: hcNJP1cRdMhyS1Muhx9YTYmFbSp39gRRkj1KauS78s0=)
2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: wf6clg5/EUUyffQn1gYm+0abCrcoXzdCns6EW46ZZV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:a9:5b:c2:49:fb:fa:88:a2:91:6e:bc:8f:e3:c5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b
Validity
Not Before: May 16 12:01:05 2026 GMT
Not After : May 17 12:01:05 2026 GMT
Subject: CN=d8bdd94295307bbc45413117c4e4981492e1b7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:96:49:79:31:6a:10:67:83:b6:12:ec:f2:a9:
5c:9e:99:81:eb:a0:48:07:58:77:bd:69:85:16:24:
49:a0:f9:df:67:07:4d:36:06:39:56:07:83:02:83:
42:35:9d:46:3d:41:05:85:4c:f6:b0:77:6e:ba:97:
80:7f:bf:94:74:4e:35:18:01:20:9f:6e:c2:d0:c0:
02:0c:79:a9:8c:c9:dc:2e:66:54:dd:44:a9:ff:b1:
e6:2e:5d:7b:2b:d9:df:33:fc:48:09:c0:db:e9:3b:
e5:c5:e0:04:93:bd:1c:cc:8f:b1:72:6c:67:9f:36:
5f:38:8a:b7:32:3e:14:a4:0d:ae:bd:9c:cd:fc:3c:
da:93:f7:98:9e:87:a5:de:2f:b1:ce:d9:fb:82:e8:
66:1b:f6:6b:91:2b:65:d8:27:f8:bc:b5:cd:d0:48:
e7:b0:24:04:e2:e5:a5:e9:46:46:f9:0b:36:15:11:
2a:ae:42:5c:76:5a:55:a6:0a:6b:16:23:80:05:e4:
f1:92:61:7a:87:03:a4:ef:82:0e:ab:7a:82:e7:d5:
26:34:34:60:9d:08:71:21:d6:10:02:3b:52:0e:6f:
64:1c:4f:ef:ec:cb:a6:f4:a4:e3:ed:7a:c3:7a:bc:
f8:fb:c6:a3:e6:52:c4:c6:02:e7:bb:a0:32:fd:36:
b3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BD:D9:42:95:30:7B:BC:45:41:31:17:C4:E4:98:14:92:E1:B7:F1
X509v3 Authority Key Identifier:
keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:33:fd:d9:4b:4d:59:c6:cf:56:66:75:d4:53:13:09:d7:73:
32:49:e4:cb:dc:a0:db:2f:b6:58:67:66:01:3d:91:de:ed:8d:
ab:83:3a:53:5a:37:b8:eb:ee:51:9f:ab:9e:f6:e7:de:46:52:
9d:73:47:32:49:b8:3e:f3:09:46:74:4e:55:65:a4:98:b4:bb:
75:31:fc:0d:3f:cf:f0:c3:14:69:e5:51:13:b4:32:af:84:3b:
c9:d1:4b:4c:dc:a5:a5:66:58:66:12:72:53:c5:45:94:2d:47:
c4:25:6a:5e:4d:f0:4d:43:46:ce:94:98:86:a6:08:89:fd:3b:
97:ec:9c:d7:c2:4f:cd:79:62:0c:a1:8c:e1:ae:38:3d:ad:67:
89:17:05:1b:8e:ce:2a:87:ef:70:18:28:93:4f:0e:43:26:a0:
a8:4d:49:13:82:19:81:5e:0c:2f:1d:f4:18:ea:d7:23:a2:23:
dc:bc:65:9a:d9:f0:44:5d:82:38:e4:85:dc:67:62:a6:59:4a:
90:fa:b3:f0:ea:62:86:e4:43:7d:f6:9b:c2:aa:32:f9:0a:b8:
a6:d1:23:bd:14:39:91:1b:7a:6f:48:93:e2:01:05:6c:ad:9c:
1f:de:85:e9:d0:ad:b8:bd:68:39:29:75:11:8d:c8:51:39:10:
3c:b2:d5:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wqVvCSfv6iKKRbryP48ViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5
NDdjMmIwHhcNMjYwNTE2MTIwMTA1WhcNMjYwNTE3MTIwMTA1WjAzMTEwLwYDVQQD
EyhkOGJkZDk0Mjk1MzA3YmJjNDU0MTMxMTdjNGU0OTgxNDkyZTFiN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5ZJeTFqEGeDthLs8qlcnpmB66BI
B1h3vWmFFiRJoPnfZwdNNgY5VgeDAoNCNZ1GPUEFhUz2sHduupeAf7+UdE41GAEg
n27C0MACDHmpjMncLmZU3USp/7HmLl17K9nfM/xICcDb6TvlxeAEk70czI+xcmxn
nzZfOIq3Mj4UpA2uvZzN/Dzak/eYnoel3i+xztn7guhmG/ZrkStl2Cf4vLXN0Ejn
sCQE4uWl6UZG+Qs2FREqrkJcdlpVpgprFiOABeTxkmF6hwOk74IOq3qC59UmNDRg
nQhxIdYQAjtSDm9kHE/v7Mum9KTj7XrDerz4+8aj5lLExgLnu6Ay/TazQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNi92UKVMHu8RUExF8TkmBSS4bfxMB8GA1UdIwQY
MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt
ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl
LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjP92UtN
WcbPVmZ11FMTCddzMknky9yg2y+2WGdmAT2R3u2Nq4M6U1o3uOvuUZ+rnvbn3kZS
nXNHMkm4PvMJRnROVWWkmLS7dTH8DT/P8MMUaeVRE7Qyr4Q7ydFLTNylpWZYZhJy
U8VFlC1HxCVqXk3wTUNGzpSYhqYIif07l+yc18JPzXliDKGM4a44Pa1niRcFG47O
KofvcBgok08OQyagqE1JE4IZgV4MLx30GOrXI6Ij3LxlmtnwRF2COOSF3GdipllK
kPqz8OpihuRDffabwqoy+Qq4ptEjvRQ5kRt6b0iT4gEFbK2cH96F6dCtuL1oOSl1
EY3IUTkQPLLVuA==
-----END CERTIFICATE-----
Generated at Sat May 16 21:13:02 2026 by rpki-client