Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: bwtAW0Ow3umXEGQFik/rfyoNyZjwxDUjv43bv311IR8=
Subject key identifier: D8:FF:9E:66:F4:B1:BA:F2:D6:7D:08:40:6C:AD:08:52:C8:AE:38:FB
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 019848C0C7B1DEBA44718DA6FA8325B37637
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0938
Signing time: Sat 26 Jul 2025 22:00:50 +0000
Manifest this update: Sat 26 Jul 2025 22:00:50 +0000
Manifest next update: Sun 27 Jul 2025 22:00:50 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: at4kjHw0EZPLUdITYV1MT/S7lL07wEhQ5bA/UN862QI=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:c0:c7:b1:de:ba:44:71:8d:a6:fa:83:25:b3:76:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Jul 26 22:00:50 2025 GMT
Not After : Jul 27 22:00:50 2025 GMT
Subject: CN=d8ff9e66f4b1baf2d67d08406cad0852c8ae38fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:32:64:86:e0:25:7b:41:17:b8:f6:78:08:b6:
7d:1d:25:72:1d:c0:70:ee:8d:3c:a6:c6:41:00:56:
b8:ab:3c:2c:fd:e7:11:8f:78:7e:01:db:1b:88:98:
be:97:07:ef:b0:16:f6:f9:9f:e5:85:00:36:4f:a3:
88:35:61:bc:90:f6:a1:18:eb:fc:91:6d:09:5a:9e:
93:63:ce:af:fd:9d:75:1f:b3:e3:67:bf:e5:61:03:
29:44:a2:be:91:88:2e:fb:02:42:0a:83:59:78:b0:
0c:70:d3:20:1e:34:1e:62:73:26:a4:28:e1:04:82:
d0:d7:ad:80:1d:1b:d0:c3:87:fa:50:74:9b:91:09:
ba:8f:45:cf:b4:94:b5:43:24:bd:ad:8c:40:6c:d8:
53:f2:ac:e7:d5:55:b3:7d:b4:55:9f:5b:b5:d6:5e:
bd:85:99:42:dc:c8:72:66:6f:7c:75:ef:d1:a7:84:
40:79:5e:2c:eb:3f:ef:c8:2f:bb:15:f0:6e:b3:e6:
a9:96:41:0c:13:af:de:bb:e7:23:e2:1f:be:77:4e:
58:db:0c:c5:ea:d0:ec:ce:41:9e:7a:40:6a:31:b5:
df:d6:f7:c4:54:82:95:58:f6:b0:a2:73:81:36:3b:
01:f2:69:fa:94:84:9b:27:67:28:60:bf:80:61:ee:
68:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FF:9E:66:F4:B1:BA:F2:D6:7D:08:40:6C:AD:08:52:C8:AE:38:FB
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:7f:f3:fa:73:ed:66:a9:f9:cf:db:57:3f:b5:55:2a:72:22:
ad:c0:fb:a8:2c:2d:40:c3:4a:6b:b5:f5:4a:02:e5:0e:c2:e3:
89:08:4a:3e:93:1c:74:df:9c:27:af:80:ae:6a:fa:a1:eb:fa:
c4:11:68:0b:66:69:7b:e8:01:ca:46:df:36:ae:e0:da:e7:3d:
63:52:8e:79:60:f8:8e:07:f4:98:c6:9d:7c:18:76:92:e5:4d:
42:eb:2e:55:11:b5:34:7a:34:37:af:a2:c4:e6:41:85:db:50:
f0:a3:c9:fc:8f:20:fb:e8:e6:7c:12:a9:d4:50:94:e0:1a:b8:
26:a2:af:86:a8:9e:c8:6f:24:f8:05:5f:e9:9e:d2:0f:90:f6:
d9:20:03:d5:38:86:66:99:77:c2:b7:dd:33:dd:ac:bc:b2:0b:
56:e4:46:ff:98:f7:c3:3f:a6:e5:32:3d:53:fe:30:fc:05:32:
29:1c:d8:a7:42:06:b8:16:6a:10:d5:6e:c6:f8:0b:2e:66:64:
e0:6f:bd:c3:8a:3f:ab:b0:59:e0:97:7e:44:83:f9:ae:f6:4b:
9a:2f:24:7d:80:e2:ce:d8:02:78:84:ed:fa:9e:5f:70:34:82:
1e:5f:db:21:29:03:12:ee:3e:7f:48:19:e5:c5:19:69:9b:f6:
38:7c:99:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIwMex3rpEcY2m+oMls3Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwNzI2MjIwMDUwWhcNMjUwNzI3MjIwMDUwWjAzMTEwLwYDVQQD
EyhkOGZmOWU2NmY0YjFiYWYyZDY3ZDA4NDA2Y2FkMDg1MmM4YWUzOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DJkhuAle0EXuPZ4CLZ9HSVyHcBw
7o08psZBAFa4qzws/ecRj3h+AdsbiJi+lwfvsBb2+Z/lhQA2T6OINWG8kPahGOv8
kW0JWp6TY86v/Z11H7PjZ7/lYQMpRKK+kYgu+wJCCoNZeLAMcNMgHjQeYnMmpCjh
BILQ162AHRvQw4f6UHSbkQm6j0XPtJS1QyS9rYxAbNhT8qzn1VWzfbRVn1u11l69
hZlC3MhyZm98de/Rp4RAeV4s6z/vyC+7FfBus+aplkEME6/eu+cj4h++d05Y2wzF
6tDszkGeekBqMbXf1vfEVIKVWPawonOBNjsB8mn6lISbJ2coYL+AYe5oXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNj/nmb0sbry1n0IQGytCFLIrjj7MB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnX/z+nPt
Zqn5z9tXP7VVKnIircD7qCwtQMNKa7X1SgLlDsLjiQhKPpMcdN+cJ6+Armr6oev6
xBFoC2Zpe+gBykbfNq7g2uc9Y1KOeWD4jgf0mMadfBh2kuVNQusuVRG1NHo0N6+i
xOZBhdtQ8KPJ/I8g++jmfBKp1FCU4Bq4JqKvhqieyG8k+AVf6Z7SD5D22SAD1TiG
Zpl3wrfdM92svLILVuRG/5j3wz+m5TI9U/4w/AUyKRzYp0IGuBZqENVuxvgLLmZk
4G+9w4o/q7BZ4Jd+RIP5rvZLmi8kfYDiztgCeITt+p5fcDSCHl/bISkDEu4+f0gZ
5cUZaZv2OHyZZg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 00:28:26 2025 by rpki-client