Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: dEQs8ZbDrTwsIaBE/YKamx5vc+/Tpqpy7U7NFXqb2ws=
Subject key identifier: FA:7E:51:B9:56:DE:44:D2:20:CA:42:1B:02:9D:54:F4:B2:9C:B1:B4
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019E318574EFE536AB3CF1A3D6B19D1812DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1915
Signing time: Sat 16 May 2026 16:01:30 +0000
Manifest this update: Sat 16 May 2026 16:01:30 +0000
Manifest next update: Sun 17 May 2026 16:01:30 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: ngydYfwcUM7qEaocJg3g22jkDf0kj6Z/F6oRRUdDMlE=)
2: WeJgs7A95jwqtwLgB758IcXv4EU.roa (hash: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:31:85:74:ef:e5:36:ab:3c:f1:a3:d6:b1:9d:18:12:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: May 16 16:01:30 2026 GMT
Not After : May 17 16:01:30 2026 GMT
Subject: CN=fa7e51b956de44d220ca421b029d54f4b29cb1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8d:d1:b3:22:98:e0:4c:3d:e0:3c:f6:3a:7f:
5f:17:98:ba:40:c8:ad:55:d4:b5:84:3a:3d:04:ed:
1e:29:8f:07:5d:97:38:45:d2:4c:5d:f7:6c:be:61:
9d:ac:b6:2c:a8:4a:d2:4a:87:aa:51:9a:43:bc:9d:
2a:18:74:5a:85:ff:fc:7d:21:6b:17:5d:7c:6d:3a:
78:26:07:94:64:2a:2b:1b:80:78:57:b0:2b:33:7f:
a7:52:8b:6a:84:ac:f4:65:d6:ea:e3:33:18:16:20:
c4:a9:fc:d6:cf:e3:b5:59:e6:36:6b:05:6d:e8:4d:
32:d5:3c:2c:ea:fc:0a:2b:43:be:e8:3e:f1:3b:7c:
7a:0c:fa:76:32:cb:68:97:db:25:7c:be:4f:06:f4:
72:cd:34:8b:ab:4e:a4:70:58:4f:29:40:e2:9c:57:
6f:4f:63:01:0b:f0:33:e0:89:6f:a5:c7:d6:11:a7:
22:bb:52:cc:13:e6:55:2e:f4:b5:1e:22:c6:c6:a7:
af:83:cd:92:a1:5f:bf:2f:cf:6c:46:ea:35:38:59:
80:e1:08:c7:21:4b:bc:89:09:f9:a4:d1:33:a4:3b:
19:bb:97:26:8e:0f:59:43:2d:a5:00:e2:71:74:82:
62:44:cd:1c:56:2a:a2:92:9d:41:90:02:e0:8f:e4:
84:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7E:51:B9:56:DE:44:D2:20:CA:42:1B:02:9D:54:F4:B2:9C:B1:B4
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:d1:9b:86:9d:43:7b:6e:db:d9:dd:4c:1c:57:67:2d:e1:5f:
fa:bd:a3:f7:93:37:9a:bb:65:39:ca:a0:4e:8b:64:02:fe:fe:
f6:fb:aa:6c:83:40:3b:82:05:47:b7:3f:e2:ee:87:85:f8:a1:
bb:dc:b4:ff:13:8f:a0:34:70:ce:cc:01:77:cb:47:f8:5b:97:
61:11:62:35:f2:9b:66:3b:5a:f0:b6:8a:de:f6:fe:11:aa:b9:
e8:4c:54:69:91:ff:c4:e3:cd:08:91:b3:71:d5:c5:28:da:a6:
83:82:e3:47:cc:2b:9c:22:cc:99:b2:24:51:19:9e:59:05:5e:
67:40:5d:15:8d:86:f0:e3:11:90:4a:30:85:a0:d5:2d:28:8a:
62:4f:71:f8:e3:b5:68:27:8a:2c:ee:40:39:6f:8a:20:9c:97:
32:d4:96:a6:2b:30:de:00:1d:b3:12:bd:d7:6a:9c:b8:60:bb:
af:4d:56:85:c7:e7:2d:8f:21:b8:f1:e8:30:c6:2f:fe:44:bf:
ff:7a:e9:b6:7a:fc:07:35:b8:a1:c1:fa:00:5b:b2:c9:e1:ca:
31:3a:10:6d:c6:18:13:67:03:ea:93:77:63:84:19:04:10:cf:
8d:d3:9f:16:a5:26:18:20:6f:d1:2a:c1:f0:e4:30:28:50:ce:
c9:e3:06:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhXTv5TarPPGj1rGdGBLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwNTE2MTYwMTMwWhcNMjYwNTE3MTYwMTMwWjAzMTEwLwYDVQQD
EyhmYTdlNTFiOTU2ZGU0NGQyMjBjYTQyMWIwMjlkNTRmNGIyOWNiMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh43RsyKY4Ew94Dz2On9fF5i6QMit
VdS1hDo9BO0eKY8HXZc4RdJMXfdsvmGdrLYsqErSSoeqUZpDvJ0qGHRahf/8fSFr
F118bTp4JgeUZCorG4B4V7ArM3+nUotqhKz0Zdbq4zMYFiDEqfzWz+O1WeY2awVt
6E0y1Tws6vwKK0O+6D7xO3x6DPp2Mstol9slfL5PBvRyzTSLq06kcFhPKUDinFdv
T2MBC/Az4IlvpcfWEaciu1LME+ZVLvS1HiLGxqevg82SoV+/L89sRuo1OFmA4QjH
IUu8iQn5pNEzpDsZu5cmjg9ZQy2lAOJxdIJiRM0cViqikp1BkALgj+SElwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPp+UblW3kTSIMpCGwKdVPSynLG0MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNGbhp1D
e27b2d1MHFdnLeFf+r2j95M3mrtlOcqgTotkAv7+9vuqbINAO4IFR7c/4u6Hhfih
u9y0/xOPoDRwzswBd8tH+FuXYRFiNfKbZjta8LaK3vb+Eaq56ExUaZH/xOPNCJGz
cdXFKNqmg4LjR8wrnCLMmbIkURmeWQVeZ0BdFY2G8OMRkEowhaDVLSiKYk9x+OO1
aCeKLO5AOW+KIJyXMtSWpisw3gAdsxK912qcuGC7r01WhcfnLY8huPHoMMYv/kS/
/3rptnr8BzW4ocH6AFuyyeHKMToQbcYYE2cD6pN3Y4QZBBDPjdOfFqUmGCBv0SrB
8OQwKFDOyeMGdg==
-----END CERTIFICATE-----
Generated at Sat May 16 18:39:32 2026 by rpki-client