Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier: pWfvPZL+9ewgUOhPrjsOlyef13DRQzEL1aTEvaDHoTQ=
Subject key identifier: B3:33:1A:B0:21:AA:DB:18:52:DE:50:6E:8A:46:F8:7B:1B:9E:4D:39
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019D386627B0919C8C3C07E446AC632FC282
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 07:01:51 +0000
Manifest this update: Sun 29 Mar 2026 07:01:51 +0000
Manifest next update: Mon 30 Mar 2026 07:01:51 +0000
Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: pVR4a/q26NvIVSzMDXo+AvA1wRj7Ad7DLG8kjo0Y6PI=)
2: WeJgs7A95jwqtwLgB758IcXv4EU.roa (hash: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:27:b0:91:9c:8c:3c:07:e4:46:ac:63:2f:c2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 29 07:01:51 2026 GMT
Not After : Mar 30 07:01:51 2026 GMT
Subject: CN=b3331ab021aadb1852de506e8a46f87b1b9e4d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:12:fb:a5:52:a2:db:66:45:f9:33:62:05:8c:
1c:3a:c8:d1:e7:6c:44:70:99:92:29:1e:15:c0:61:
66:d8:5f:bb:04:c3:e5:46:0f:34:4a:36:7f:ec:6b:
3d:26:c9:78:e9:26:a4:03:d2:15:f6:7e:22:e3:c4:
dc:04:1a:a6:23:8d:9b:24:19:ec:a9:fc:36:fe:6c:
b7:d9:9f:5a:73:6b:f4:b5:b2:55:1d:cd:cb:af:01:
58:8b:28:67:31:78:4b:e7:70:b2:e6:be:8d:9b:5c:
77:b6:f1:15:86:d9:32:5a:fe:0a:60:6d:3d:68:a7:
34:6c:2e:56:ea:71:31:76:3a:85:0f:da:7a:5c:1b:
0e:a7:a0:e1:3b:e2:88:90:c7:f5:ba:44:67:b6:e3:
74:65:01:a1:85:2a:c0:14:22:a4:a3:ca:4c:e8:1a:
e1:b8:47:ab:d9:88:66:00:04:1d:52:7d:5b:49:c7:
83:be:08:98:54:df:05:a4:d6:46:95:2b:83:6b:0f:
e9:54:11:9d:56:62:1a:6b:57:d2:04:02:a0:12:b3:
d2:d4:3f:45:d3:94:76:86:2b:f4:a2:6c:48:f8:d6:
72:fa:cc:4a:1a:09:6f:c5:63:94:db:b4:87:df:20:
e6:11:1c:e4:51:3a:71:77:1a:43:9f:3d:3e:69:82:
8a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:33:1A:B0:21:AA:DB:18:52:DE:50:6E:8A:46:F8:7B:1B:9E:4D:39
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:05:73:61:52:0e:76:8f:8b:07:92:6b:8f:c3:51:23:4e:d9:
94:fa:a7:13:95:88:38:3f:61:36:bd:67:5f:ec:32:df:d6:56:
a6:08:ac:c9:d8:fc:19:24:0c:f9:c3:83:a8:42:e8:19:e6:c9:
ec:0a:3d:df:e7:f0:78:7e:75:be:b7:c6:f6:31:c4:79:93:2c:
4f:cc:5c:ac:5d:37:a2:26:6d:92:ad:3c:54:da:ee:f5:53:e6:
87:08:0c:e0:67:da:0d:42:c3:db:ac:c4:7c:8f:a8:9e:8f:31:
6b:60:14:97:47:53:4d:7a:06:90:4e:d5:8e:61:29:db:99:5f:
ce:f5:96:ef:8c:af:66:03:03:2f:f8:ba:2d:91:4e:49:24:32:
bf:18:59:48:12:5b:05:39:11:4e:13:89:18:54:c4:d5:1c:43:
99:67:8d:4c:79:88:ca:cc:7c:37:5e:43:c6:5b:67:db:f9:d6:
fd:59:d2:96:9b:86:f9:fb:dc:c1:34:cf:d3:ad:e3:cb:15:f1:
71:10:3f:80:8e:b9:47:a6:4a:c3:8f:6c:ca:e3:65:39:4c:ef:
b0:c0:30:23:3d:9a:1e:ee:9d:79:64:0c:a8:ab:56:fe:55:15:
9e:ba:b3:b5:c7:1c:65:91:c3:8a:9e:98:13:01:86:28:f2:e9:
98:91:e2:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiewkZyMPAfkRqxjL8KCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwMzI5MDcwMTUxWhcNMjYwMzMwMDcwMTUxWjAzMTEwLwYDVQQD
EyhiMzMzMWFiMDIxYWFkYjE4NTJkZTUwNmU4YTQ2Zjg3YjFiOWU0ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxL7pVKi22ZF+TNiBYwcOsjR52xE
cJmSKR4VwGFm2F+7BMPlRg80SjZ/7Gs9Jsl46SakA9IV9n4i48TcBBqmI42bJBns
qfw2/my32Z9ac2v0tbJVHc3LrwFYiyhnMXhL53Cy5r6Nm1x3tvEVhtkyWv4KYG09
aKc0bC5W6nExdjqFD9p6XBsOp6DhO+KIkMf1ukRntuN0ZQGhhSrAFCKko8pM6Brh
uEer2YhmAAQdUn1bSceDvgiYVN8FpNZGlSuDaw/pVBGdVmIaa1fSBAKgErPS1D9F
05R2hiv0omxI+NZy+sxKGglvxWOU27SH3yDmERzkUTpxdxpDnz0+aYKKNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMzGrAhqtsYUt5QbopG+Hsbnk05MB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUwVzYVIO
do+LB5Jrj8NRI07ZlPqnE5WIOD9hNr1nX+wy39ZWpgisydj8GSQM+cODqELoGebJ
7Ao93+fweH51vrfG9jHEeZMsT8xcrF03oiZtkq08VNru9VPmhwgM4GfaDULD26zE
fI+ono8xa2AUl0dTTXoGkE7VjmEp25lfzvWW74yvZgMDL/i6LZFOSSQyvxhZSBJb
BTkRThOJGFTE1RxDmWeNTHmIysx8N15Dxltn2/nW/VnSlpuG+fvcwTTP063jyxXx
cRA/gI65R6ZKw49syuNlOUzvsMAwIz2aHu6deWQMqKtW/lUVnrqztcccZZHDip6Y
EwGGKPLpmJHisQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:20 2026 by rpki-client