Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
File: ok-vY1IPfv9skINInIuVQ_XEHms.mft (raw, json)
Hash identifier: mW9c/wf1PqK1mkrAbGfHKCnNvz6AF759Tdrq/MSYIjk=
Subject key identifier: FC:5E:73:3D:32:02:D5:58:82:9C:AD:A5:5A:FC:B7:91:91:81:84:A2
Authority key identifier: A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
Certificate issuer: /CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Certificate serial: 019D3941383B11692B1A73AAB18C4250350D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
Manifest number: 7A
Signing time: Sun 29 Mar 2026 11:01:08 +0000
Manifest this update: Sun 29 Mar 2026 11:01:08 +0000
Manifest next update: Mon 30 Mar 2026 11:01:08 +0000
Files and hashes: 1: mRAPRARmIWBI0GVMPhWngw_j6ww.roa (hash: avARUPRrUse7y3N+OWqTLKma/Wv73drbWJGHR9JSglE=)
2: ok-vY1IPfv9skINInIuVQ_XEHms.crl (hash: czB5tO8ssOaNdZw3NCAicW3vGtfevmerihNZXndteLo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:38:3b:11:69:2b:1a:73:aa:b1:8c:42:50:35:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24faf63520f7eff6c9083489c8b9543f5c41e6b
Validity
Not Before: Mar 29 11:01:08 2026 GMT
Not After : Mar 30 11:01:08 2026 GMT
Subject: CN=fc5e733d3202d558829cada55afcb791918184a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:9c:5e:e3:7d:1b:37:38:dd:41:05:73:83:
ce:21:10:40:cf:4c:f8:57:58:3a:83:be:ec:f0:dd:
95:20:2b:20:96:46:fd:b2:dd:56:0b:1a:96:c5:b4:
d4:9b:a2:9d:1b:61:df:c0:05:aa:e3:eb:b5:40:89:
e8:09:a5:73:a8:a6:fa:5d:d3:32:92:fd:71:35:bf:
48:91:73:59:46:fb:c7:63:dc:cf:25:b0:15:59:ad:
e6:19:87:fe:3d:d3:5e:fd:57:bb:9f:3e:94:1e:5e:
23:0c:65:0f:fb:1b:d5:c9:00:f7:35:f8:65:c4:30:
54:d5:5e:6b:08:fb:7e:c0:a9:45:eb:79:72:7a:f3:
26:24:cc:b0:6d:78:0c:41:be:6c:01:12:e9:5e:38:
b0:98:b3:26:d6:97:e5:a2:67:cc:a5:d2:0f:01:b2:
b9:4d:84:e3:53:c4:81:33:25:ea:8e:c4:79:ef:aa:
00:d6:da:55:d2:a5:f1:9e:18:6a:9a:d6:93:15:1c:
6f:dd:7d:4d:10:6d:e3:bc:7c:2d:a7:82:ac:f0:61:
8e:6a:70:e1:35:1b:6c:3f:56:f9:ef:b0:d4:7a:f8:
cd:8a:f8:22:33:83:64:79:27:29:5f:a0:c5:bd:8c:
3b:34:b9:25:49:33:45:d9:1a:6b:5b:23:3d:b8:56:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5E:73:3D:32:02:D5:58:82:9C:AD:A5:5A:FC:B7:91:91:81:84:A2
X509v3 Authority Key Identifier:
keyid:A2:4F:AF:63:52:0F:7E:FF:6C:90:83:48:9C:8B:95:43:F5:C4:1E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok-vY1IPfv9skINInIuVQ_XEHms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a2c735-b3c8-457a-abfb-71171260db34/1/ok-vY1IPfv9skINInIuVQ_XEHms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:57:54:2a:9e:f4:53:d6:de:bc:56:a9:b2:98:d8:bc:4e:27:
6a:db:ee:e3:5d:f2:0a:2e:11:a3:cf:ea:8e:fe:c0:cf:14:d8:
60:d1:45:20:78:6a:76:30:50:2a:30:50:17:11:58:91:80:1e:
a2:e2:2a:7e:03:31:9c:55:dd:5e:ca:7a:38:21:c3:f5:0c:ce:
2b:98:7c:37:05:fb:14:18:93:14:2c:9b:cc:11:ec:27:27:86:
9c:9f:7a:43:2c:a8:80:67:26:d5:58:c7:b2:d7:fe:b8:16:16:
d0:b0:b1:f7:3b:9b:81:70:f4:8b:4c:6e:60:58:3e:a1:e4:ec:
7a:65:0c:c8:2a:be:bb:da:bc:0b:ba:78:06:6a:a9:2c:96:56:
bb:2d:6a:8c:2c:6c:84:e9:03:12:ea:34:20:99:b4:9b:34:f8:
df:34:ea:e8:0f:a4:bb:ef:43:8b:56:1b:62:99:82:5b:27:a9:
ff:5b:98:7f:9a:06:48:2d:e6:42:f6:df:83:95:69:bb:23:1b:
a9:ec:51:db:54:eb:7e:7a:ad:da:78:6d:1f:3d:ab:59:d4:70:
ff:28:27:5c:39:46:4b:ea:88:b7:e8:41:3c:56:50:bb:c6:0c:
6b:84:8d:01:7c:4f:57:23:f9:63:fa:06:be:ea:60:c5:5a:1f:
69:67:78:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QTg7EWkrGnOqsYxCUDUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGZhZjYzNTIwZjdlZmY2YzkwODM0ODljOGI5NTQzZjVj
NDFlNmIwHhcNMjYwMzI5MTEwMTA4WhcNMjYwMzMwMTEwMTA4WjAzMTEwLwYDVQQD
EyhmYzVlNzMzZDMyMDJkNTU4ODI5Y2FkYTU1YWZjYjc5MTkxODE4NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufmcXuN9Gzc43UEFc4POIRBAz0z4
V1g6g77s8N2VICsglkb9st1WCxqWxbTUm6KdG2HfwAWq4+u1QInoCaVzqKb6XdMy
kv1xNb9IkXNZRvvHY9zPJbAVWa3mGYf+PdNe/Ve7nz6UHl4jDGUP+xvVyQD3Nfhl
xDBU1V5rCPt+wKlF63lyevMmJMywbXgMQb5sARLpXjiwmLMm1pflomfMpdIPAbK5
TYTjU8SBMyXqjsR576oA1tpV0qXxnhhqmtaTFRxv3X1NEG3jvHwtp4Ks8GGOanDh
NRtsP1b577DUevjNivgiM4NkeScpX6DFvYw7NLklSTNF2RprWyM9uFYIqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxecz0yAtVYgpytpVr8t5GRgYSiMB8GA1UdIwQY
MBaAFKJPr2NSD37/bJCDSJyLlUP1xB5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmIt
NzExNzEyNjBkYjM0LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMmM3MzUtYjNjOC00NTdhLWFiZmItNzExNzEyNjBkYjM0
LzEvb2stdlkxSVBmdjlza0lOSW5JdVZRX1hFSG1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQldUKp70
U9bevFapspjYvE4natvu413yCi4Ro8/qjv7AzxTYYNFFIHhqdjBQKjBQFxFYkYAe
ouIqfgMxnFXdXsp6OCHD9QzOK5h8NwX7FBiTFCybzBHsJyeGnJ96QyyogGcm1VjH
stf+uBYW0LCx9zubgXD0i0xuYFg+oeTsemUMyCq+u9q8C7p4BmqpLJZWuy1qjCxs
hOkDEuo0IJm0mzT43zTq6A+ku+9Di1YbYpmCWyep/1uYf5oGSC3mQvbfg5VpuyMb
qexR21Trfnqt2nhtHz2rWdRw/ygnXDlGS+qIt+hBPFZQu8YMa4SNAXxPVyP5Y/oG
vupgxVofaWd4iQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:14:31 2026 by rpki-client