Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: qTYW77yZLt1gXMkltv2ydFRVAN/5cjHFfUZ/10AJuig=
Subject key identifier: F9:E4:0E:F2:37:93:2C:B0:7C:3F:FF:B5:BA:C0:66:FB:6C:D5:CD:2E
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019E3FE553A3CCA98776CDC8756E354BA1F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: 0102
Signing time: Tue 19 May 2026 11:00:54 +0000
Manifest this update: Tue 19 May 2026 11:00:54 +0000
Manifest next update: Wed 20 May 2026 11:00:54 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: j/oS5kiAEZtfbInK32HDuBnr2i0PdQd5AhGHv1so0/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 May 2026 07:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:e5:53:a3:cc:a9:87:76:cd:c8:75:6e:35:4b:a1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: May 19 11:00:54 2026 GMT
Not After : May 20 11:00:54 2026 GMT
Subject: CN=f9e40ef237932cb07c3fffb5bac066fb6cd5cd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:4c:a8:2e:0c:92:d0:cb:d7:f7:0e:b7:6a:
14:60:5b:64:15:65:a2:67:1d:df:38:bd:30:8d:a0:
ff:b8:f5:38:a1:46:a2:c8:d2:f6:b4:7e:65:8f:41:
7a:6c:af:e9:02:8b:83:2a:a4:ce:0f:37:f9:3e:62:
fc:a8:4f:3b:cc:17:17:e6:bc:22:18:31:d2:88:a5:
c5:6d:10:75:42:ef:8f:52:6b:3f:c1:b3:15:c5:09:
df:4f:92:d0:ef:ef:27:4a:72:bc:5b:dc:57:44:01:
20:c7:5c:0c:4e:63:21:ef:98:a0:3e:a2:62:96:2e:
1d:7a:c5:25:4e:85:a8:a4:28:b1:d4:e5:0c:8f:31:
1a:dc:c1:c6:41:c3:df:90:4a:67:b9:04:3e:af:4c:
d0:64:f4:b0:69:1b:17:f1:bc:f9:2c:a9:cf:ce:5e:
6c:c6:f6:1f:df:e5:a8:c7:bd:6a:e8:19:50:c6:c4:
98:a6:9f:93:c6:29:97:34:ad:9e:57:c9:e9:a3:ad:
90:0d:6b:68:6a:a2:89:a7:26:fa:af:63:e1:be:ca:
81:08:20:db:ab:2a:84:5c:8b:6f:5a:53:a7:7e:a3:
d1:71:e9:9c:d6:1c:7c:b3:88:a4:64:46:96:24:02:
c4:0b:97:48:a5:66:79:63:10:90:72:b3:68:01:ce:
3d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E4:0E:F2:37:93:2C:B0:7C:3F:FF:B5:BA:C0:66:FB:6C:D5:CD:2E
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:72:e4:86:72:9c:39:3a:3c:e5:09:e3:ff:a5:2d:a2:40:69:
7f:79:6b:8a:f4:31:2a:44:95:d8:ef:55:70:c0:f8:72:50:7b:
77:ba:b7:46:c2:ef:99:6c:6a:ae:5c:c6:26:2e:71:9a:59:a1:
ff:de:de:0c:62:2f:9a:16:c5:5f:26:ec:db:22:be:94:cb:df:
82:36:e0:79:4b:f5:db:0d:67:44:82:e8:38:f9:50:56:fb:32:
96:60:81:8d:ba:d7:df:65:62:7a:2e:5d:e4:64:92:60:1e:db:
d1:b5:39:ef:fd:1b:7b:b6:93:48:ed:1a:5a:2f:db:98:08:29:
63:65:b5:33:72:a6:8c:53:b2:39:3f:27:74:aa:1b:e7:bf:e3:
42:6d:73:95:68:b6:04:cc:1f:d0:cf:62:82:30:47:57:b4:fa:
9c:99:18:1e:96:89:b9:ed:65:64:c7:ae:13:42:a0:38:fe:1f:
b0:83:9a:41:44:43:32:d2:41:ef:5c:6b:34:2c:41:70:f7:e0:
51:68:72:be:73:7c:95:76:ef:7e:3f:08:34:20:ef:a6:55:5a:
7d:11:49:88:80:2b:ef:59:eb:3b:22:d2:06:ef:8f:2a:31:ce:
c7:cb:3e:9e:7a:03:23:17:30:3f:22:4f:39:7e:92:45:24:59:
41:b1:d5:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4/5VOjzKmHds3IdW41S6HyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwNTE5MTEwMDU0WhcNMjYwNTIwMTEwMDU0WjAzMTEwLwYDVQQD
EyhmOWU0MGVmMjM3OTMyY2IwN2MzZmZmYjViYWMwNjZmYjZjZDVjZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApspMqC4MktDL1/cOt2oUYFtkFWWi
Zx3fOL0wjaD/uPU4oUaiyNL2tH5lj0F6bK/pAouDKqTODzf5PmL8qE87zBcX5rwi
GDHSiKXFbRB1Qu+PUms/wbMVxQnfT5LQ7+8nSnK8W9xXRAEgx1wMTmMh75igPqJi
li4desUlToWopCix1OUMjzEa3MHGQcPfkEpnuQQ+r0zQZPSwaRsX8bz5LKnPzl5s
xvYf3+Wox71q6BlQxsSYpp+TximXNK2eV8npo62QDWtoaqKJpyb6r2PhvsqBCCDb
qyqEXItvWlOnfqPRcemc1hx8s4ikZEaWJALEC5dIpWZ5YxCQcrNoAc49twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnkDvI3kyywfD//tbrAZvts1c0uMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXLkhnKc
OTo85Qnj/6UtokBpf3lrivQxKkSV2O9VcMD4clB7d7q3RsLvmWxqrlzGJi5xmlmh
/97eDGIvmhbFXybs2yK+lMvfgjbgeUv12w1nRILoOPlQVvsylmCBjbrX32Viei5d
5GSSYB7b0bU57/0be7aTSO0aWi/bmAgpY2W1M3KmjFOyOT8ndKob57/jQm1zlWi2
BMwf0M9igjBHV7T6nJkYHpaJue1lZMeuE0KgOP4fsIOaQURDMtJB71xrNCxBcPfg
UWhyvnN8lXbvfj8INCDvplVafRFJiIAr71nrOyLSBu+PKjHOx8s+nnoDIxcwPyJP
OX6SRSRZQbHVvA==
-----END CERTIFICATE-----
Generated at Tue May 19 16:28:52 2026 by rpki-client